Major
Computer Science
Anticipated Graduation Year
2021
Access Type
Open Access
Abstract
Identifying the website based solely from the network packets’ size and number from anonymized and encrypted network traffic is called website fingerprinting. Previous research on website fingerprinting attacks have focused on visiting one website at a time; the accuracy of the attack is 90%. However, this is highly unrealistic as a user visits multiple sites at the same time. This research project aims to increase the realism of website fingerprinting by allowing two website visits at the same time; the proposed algorithm could be further extended to deal with more than two simultaneous website visits. The goal is to identify when each website download begins and ends. This allows separating the two websites into two individual websites, which then allows previous methods to be used to identify each website. When two websites are run at the same time, identifying both sources is difficult since the network packets overlap. The data for the websites will be examined to find some patterns which indicate the start (or end) of a website. Uncovering the pattern between the websites allows for additional research to protect users’ privacy.
Faculty Mentors & Instructors
Eric Chan-Tin, Assistant Professor, Department of Computer Science
Description of Poster
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.
Realistic Website Fingerprinting Attacks
Identifying the website based solely from the network packets’ size and number from anonymized and encrypted network traffic is called website fingerprinting. Previous research on website fingerprinting attacks have focused on visiting one website at a time; the accuracy of the attack is 90%. However, this is highly unrealistic as a user visits multiple sites at the same time. This research project aims to increase the realism of website fingerprinting by allowing two website visits at the same time; the proposed algorithm could be further extended to deal with more than two simultaneous website visits. The goal is to identify when each website download begins and ends. This allows separating the two websites into two individual websites, which then allows previous methods to be used to identify each website. When two websites are run at the same time, identifying both sources is difficult since the network packets overlap. The data for the websites will be examined to find some patterns which indicate the start (or end) of a website. Uncovering the pattern between the websites allows for additional research to protect users’ privacy.