| Website fingerprinting attack is a technique that extracts characteristics from anonymous/encrypted network traffic through side channel analysis to generate the fingerprint of each website so as to identify the website which the user is visiting accordingly.Website fingerprinting attacks and their defense techniques have always been hot topics in recent researches not only from the perspective of anonymous communication traffic supervision but also from the perspective of strengthening protection for communication privacy.However,current website fingerprinting attacks and defenses are merely theoretical studies under an ideal hypothesis.For one thing,the attack model usually assumes that users only visit one site during a certain period,and the generated traffic does not contain any background noise.For another,the defense scheme is an optimized theoretical defense strategy generated after the defender collects the complete traffic dataset,which neglects the online defense problem.These strong assumptions lead to the low practicality of existed website fingerprinting attacks and defense techniques in real scenarios.Aiming at solving the above problems,this thesis investigates the multi-tab online website fingerprinting attack as well as the adversarial patches based online website fingerprinting defense technique,and implements the prototype systems based on the proposed technique respectively.Specifically,this work includes the following three aspects:Firstly,a multi-tab online website fingerprinting attack technique is proposed.Under the premise of relaxing the strong assumption of no background traffic in the traditional website fingerprinting attack model,the proposed technique considers an online scenario where users visit two pages consecutively within a short random interval.Through building a singlepage/multi-page classification model,it realizes the distinction between the traffic from visiting one website only and the mixed traffic from visiting multiple websites.Meanwhile,the segmentation point identification method based on the Balance Cascade algorithm fulfills the separation of the mixed traffic.Further,fingerprint recognition models based on residual network and multi-head self-attention mechanism are constructed for the segmented tailmissing traffic sequences and front-overlapping traffic sequences respectively.The effectiveness of the proposed technique is evaluated over the target website set comprised of the Alexa Top 100 sites.Secondly,an adversarial patches based online website fingerprinting defense technique is proposed.Aiming at improving the practicality of website fingerprinting defense in online scenarios,the Grad-CAM algorithm is utilized to determine the key areas of the traffic sequence,and then a non-targeted white-box adversarial patch optimization generation scheme is designed to realize the generation of adversarial patches.Moreover,an adversarial patch injection scheme is designed to realize network traffic shaping.Furthermore,experiments conducted over Alexa Top 100 sites evaluate the effect of the defense proposed method in this thesis.Thirdly,the online website fingerprinting attack system and defense system are designed and implemented respectively.The attack system can identify the traffic generated by the user accessing the target website promptly.Besides,the defense system can realize the online insertion of adversarial patches,which reduces the accuracy of deep learning fingerprinting classifiers.Deployment in real network scenarios validates the effectiveness of both the two systems.To sum up,this thesis realizes a multi-tab website fingerprinting attack by segmenting the multi-tab network traffic and constructing a classification model based on the characteristics of different traffic segments.In addition,an efficient defense against website fingerprinting attacks is accomplished via adopting the Grad-CAM algorithm to determine the key areas in traffic sequence followed by generation and online injection of adversarial patches.Finally,an online website fingerprinting attack and defense system is designed and implemented,which improves the practicality of this field. |
PDF Full Text Request