Traffic analysis of Web browsers

Sami Zhioua; Mahjoub Langar

Traffic analysis of Web browsers

Sami Zhioua^*, Mahjoub Langar

^*Corresponding author for this work

King Fahd University of Petroleum & Minerals

Research output: Contribution to journal › Conference article › peer-review

1 Scopus citations

Abstract

Tor network is currently the most commonly used anonymity system with more than 300,000 users and almost 3000 relays. Attacks against Tor are typically confirmation attacks where the adversary injects easily discernible traffic pattern and observes which clients and/or relays exhibit such patterns. The main limitation of these attacks is that they require a "powerful" adversary. Website fingerprinting is a new breed of attacks that identifies which websites are visited by a Tor client by learning the traffic pattern for each suspected website. Recent works showed that some classifiers can successfully identify 80% of visited websites. In this paper we use a classic classifier, namely, decision trees (C4.5 algorithm) and we study to which extent popular web browsers can resist to website fingerprinting attacks. Among four studied web browsers, Google Chrome offers the best resistance to website fingerprinting (5 times better than the other web browsers). Since most of existing fingerprinting techniques have been evaluated using Firefox web browser, we expect the accuracy results of existing works to be reduced in case Chrome browser is used.

Original language	English
Pages (from-to)	20-33
Number of pages	14
Journal	CEUR Workshop Proceedings
Volume	1158
State	Published - 2014

ASJC Scopus subject areas

General Computer Science

Cite this

@article{59916528bb0f4d258985f71765a96578,

title = "Traffic analysis of Web browsers",

abstract = "Tor network is currently the most commonly used anonymity system with more than 300,000 users and almost 3000 relays. Attacks against Tor are typically confirmation attacks where the adversary injects easily discernible traffic pattern and observes which clients and/or relays exhibit such patterns. The main limitation of these attacks is that they require a {"}powerful{"} adversary. Website fingerprinting is a new breed of attacks that identifies which websites are visited by a Tor client by learning the traffic pattern for each suspected website. Recent works showed that some classifiers can successfully identify 80\% of visited websites. In this paper we use a classic classifier, namely, decision trees (C4.5 algorithm) and we study to which extent popular web browsers can resist to website fingerprinting attacks. Among four studied web browsers, Google Chrome offers the best resistance to website fingerprinting (5 times better than the other web browsers). Since most of existing fingerprinting techniques have been evaluated using Firefox web browser, we expect the accuracy results of existing works to be reduced in case Chrome browser is used.",

author = "Sami Zhioua and Mahjoub Langar",

year = "2014",

language = "English",

volume = "1158",

pages = "20--33",

journal = "CEUR Workshop Proceedings",

issn = "1613-0073",

publisher = "CEUR-WS",

}

TY - JOUR

T1 - Traffic analysis of Web browsers

AU - Zhioua, Sami

AU - Langar, Mahjoub

PY - 2014

Y1 - 2014

N2 - Tor network is currently the most commonly used anonymity system with more than 300,000 users and almost 3000 relays. Attacks against Tor are typically confirmation attacks where the adversary injects easily discernible traffic pattern and observes which clients and/or relays exhibit such patterns. The main limitation of these attacks is that they require a "powerful" adversary. Website fingerprinting is a new breed of attacks that identifies which websites are visited by a Tor client by learning the traffic pattern for each suspected website. Recent works showed that some classifiers can successfully identify 80% of visited websites. In this paper we use a classic classifier, namely, decision trees (C4.5 algorithm) and we study to which extent popular web browsers can resist to website fingerprinting attacks. Among four studied web browsers, Google Chrome offers the best resistance to website fingerprinting (5 times better than the other web browsers). Since most of existing fingerprinting techniques have been evaluated using Firefox web browser, we expect the accuracy results of existing works to be reduced in case Chrome browser is used.

AB - Tor network is currently the most commonly used anonymity system with more than 300,000 users and almost 3000 relays. Attacks against Tor are typically confirmation attacks where the adversary injects easily discernible traffic pattern and observes which clients and/or relays exhibit such patterns. The main limitation of these attacks is that they require a "powerful" adversary. Website fingerprinting is a new breed of attacks that identifies which websites are visited by a Tor client by learning the traffic pattern for each suspected website. Recent works showed that some classifiers can successfully identify 80% of visited websites. In this paper we use a classic classifier, namely, decision trees (C4.5 algorithm) and we study to which extent popular web browsers can resist to website fingerprinting attacks. Among four studied web browsers, Google Chrome offers the best resistance to website fingerprinting (5 times better than the other web browsers). Since most of existing fingerprinting techniques have been evaluated using Firefox web browser, we expect the accuracy results of existing works to be reduced in case Chrome browser is used.

UR - http://www.scopus.com/inward/record.url?scp=84907930087&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:84907930087

SN - 1613-0073

VL - 1158

SP - 20

EP - 33

JO - CEUR Workshop Proceedings

JF - CEUR Workshop Proceedings

ER -

Traffic analysis of Web browsers

Abstract

ASJC Scopus subject areas

Fingerprint

Cite this