Ephemeral Network-Layer Fingerprinting Defenses
Proceedings on Privacy Enhancing Technologies
Background: Website fingerprinting is a technique used to identify which websites a user is visiting through an encrypted tunnel (such as a VPN or the Tor network). A common setting involves an adversary that monitors the link between the user’s device and the tunnel’s entry point, collects the encrypted traffic, and determines which website it corresponds to via classification models. This works because the traffic, despite encryption, contains patterns that characterize the underlying content.
Most defense studies evaluate against an adversary that can train classification models on defended traffic. That is, these studies implicitly assume that an adversary knows which defense targeted users have and how it works.
Description: The paper presents a technique for quickly generating unique, per-connection defenses for the Maybenot framework, removing the adversary’s usual advantage of being able to train on defended traffic. This is essentially an application of Kerckhoffs’s principle to traffic analysis defenses, where defenses are treated as secret keys. Simulations indicate that ephemeral defenses work well in multiple scenarios (website fingerprinting, video fingerprinting, and circuit handshakes in Tor) and can achieve reasonable trade-offs between protection and overhead. Also, ephemeral defenses need not be tightly bound to any specific attack, situation, or network conditions.