Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defense

• Published in: 2022 IEEE Symposium on Security and Privacy (SP) pp. 1558 - 1573
• Main Authors: Gong, Jiajun, Zhang, Wuqi, Zhang, Charles, Wang, Tao
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.05.2022
• Subjects: Fingerprint recognition; generative adversarial network; Generative adversarial networks; Generators; Limiting; Privacy; Real-time systems; Telecommunication traffic; Tor; traffic analysis; website fingerprinting
• ISSN: 2375-1207
• DOI: 10.1109/SP46214.2022.9833722

Website Fingerprinting (WF) attacks utilize size and timing information of encrypted network traffic to infer the user's browsing activity, posing a great threat to privacy-enhancing technologies like Tor; nevertheless, Tor has not adopted any defense because existing defenses are not convincing enough to show their effectiveness. Some defenses have been overcome by newer attacks; other defenses are never implemented and tested in the real open-world scenario.In this paper, we propose Surakav, a tunable and practical defense that is effective against WF attacks with reasonable overhead. Surakav makes use of a Generative Adversarial Network (GAN) to generate realistic sending patterns and regulates buffered data according to the sampled patterns. We implement Surakav and evaluate it on the live Tor network. Experiments show that Surakav is able to reduce the attacker's true positive rate by 57% with 55% data overhead and 16% time overhead, saving 42% data overhead compared to FRONT. In the heavyweight setting, Surakav outperforms the strongest known defense, Tamaraw, requiring 50% less overhead in data and time to lower the attacker's true positive rate to only 8%. We also show that two existing defenses, Walkie-Talkie and TrafficSliver, can be fortified with our GAN-based trace generator.