Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

paper: "A Critical Evaluation of Website Fingerprinting Attacks {on Tor users}" (2014) | #torkittenz

To stay ahead of new and evolving threats, cryptostorm has always looked out past standard network security tools. Here, we discuss and fine-tune our work in bringing newly-created capabilities and newly-discovered knowledge to bear as we keep cryptostorm in the forefront of tomorrow's network security landscape.
User avatar

Topic Author
Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

paper: "A Critical Evaluation of Website Fingerprinting Attacks {on Tor users}" (2014) | #torkittenz

Postby Pattern_Juggled » Wed Dec 17, 2014 8:40 am

{direct link: cryptostorm.org/torkittenz}


A Critical Evaluation of Website Fingerprinting Attacks
Marc Juarez, Sadia Afroz, Gunes Acar, Claudia Diaz, Rachel Greenstadt


ABSTRACT

Recent studies on Website Fingerprinting (WF) claim to have found highly effective attacks on Tor. However, these studies make assumptions about user settings, adversary capabilities, and the nature of the Web that do not necessarily hold in practical scenarios. The following study critically evaluates these assumptions by conducting the attack where the assumptions do not hold. We show that certain variables, for example, user’s browsing habits, differences in location and version of Tor Browser Bundle, that are usually omitted from the current WF model have a significant impact on the efficacy of the attack. We also empirically show how prior work succumbs to the base rate fallacy in the open-world scenario. We address this problem by augmenting our classification method with a verification step. We conclude that even though this approach reduces the number of false positives over 63%, it does not completely solve the problem, which remains an open issue for WF attacks.

ccs-webfp-final.pdf
(587.72 KiB) Downloaded 312 times

User avatar

Topic Author
Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

#torkittenz

Postby Pattern_Juggled » Sun Dec 28, 2014 12:34 pm

This is brilliant work - #torkittenz, courtesy of Julien Savoie.

{resource mapped via torkittenz.science + kittenz.science}

Combine it with torstorm and a class of hardened, Tor-based network configurations opens up before your eyes.

torkittenz2.png


Absolutely brilliant work. I can't think of another piece of work in recent years that had anywhere close to the "oh that's beautiful" impact on me as does this line of research: elegant, powerful, clever, deadly effective as a defensive technique.

Torkittenz: https://lu376epcoakc6izi.torstorm.org/
(or Tor-direct via: http://lu376epcoakc6izi.onion)

torkittenz.png


Return to “cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity”

Who is online

Users browsing this forum: No registered users and 4 guests

Login