基于流量分割与填充的网站指纹防御技术

An Effective Website Fingerprinting Defense Based on Traffic Splitting and Padding

Tor匿名网络是一种用于保护用户通信隐私的匿名通信系统.网站指纹攻击算法通过分析用户的流量数据来破坏用户通信隐私的匿名性.为防范网站指纹攻击,研究人员提出各种网站指纹防御算法.现阶段,这些防御方法存在着防御开销高、防御性能差的问题.为此提出了一种基于流量分割与填充的网站指纹防御算法.该算法由流量分割和数据单元填充这两个模块组成.流量分割模块通过使用随机数量的链路和基于数据单元间隔时间的链路切换策略,将网站流量分割并发送到不同的链路上.数据单元填充模块通过使用Break Burst和Extend Burst两个子模块,分别在传入和传出burst中注入填充数据单元,进一步混淆各个链路上的网站流量模式.在封闭世界场景下,相较于同类算法HyWF,所提算法进一步降低了最优攻击算法RF的精确率18.54%和召回率20.25%;而相较于CoMPS算法,在使用更少链路的情况下,所提算法能够进一步降低RF算法的精确率2.72%和召回率5.23%.实验结果表明,所提算法在防御性能方面优于其他同类算法,并且带来了更低的防御开销.

Due to Tor as an anonymity communication network system can protect user privacy,so all the attack arithmetic of Website Fingerprinting(WF)attacks were arranged to destroy the user anonymity by analyzing users'traffic.To solve the problems existed in a lot of various WF defense systems developed to resist WF attacks,a novel WF defense,consisting of a traffic splitting module and a padding module,was proposed based on traffic splitting with padding(SWP),reducing the spending of these WF defense methods and advancing defense effectiveness.The traffic splitting module was arranged to split traffic in a random number of multiple circuits and send to different circuits with a circuit-switching strategy based on packet intervals.Meanwhile,the padding module was designed to utilize two sub-modules,Break Burst,and Extend Burst,to inject padding packets into the incoming and outgoing bursts respectively,to further obfuscate the traffic patterns on each circuit.In the closed-world setting,the analysis results show that the proposed algorithm can further reduce RF's precision by 18.54%and RF's recall by 20.25%compared to its comparable HyWF.Comparing with CoMPS,the proposed algorithm can further reduce RF's precision by 2.72%and RF's recall by 5.23%with fewer circuits.Experimental results show that the proposed algorithm can outperform to comparable algorithms and lower defense spending.