Page 1 of 1

paper: "A Critical Evaluation of Website Fingerprinting Attacks {on Tor users}" (2014) | #torkittenz

Posted: Wed Dec 17, 2014 8:40 am
by Pattern_Juggled
{direct link:}

A Critical Evaluation of Website Fingerprinting Attacks
Marc Juarez, Sadia Afroz, Gunes Acar, Claudia Diaz, Rachel Greenstadt


Recent studies on Website Fingerprinting (WF) claim to have found highly effective attacks on Tor. However, these studies make assumptions about user settings, adversary capabilities, and the nature of the Web that do not necessarily hold in practical scenarios. The following study critically evaluates these assumptions by conducting the attack where the assumptions do not hold. We show that certain variables, for example, user’s browsing habits, differences in location and version of Tor Browser Bundle, that are usually omitted from the current WF model have a significant impact on the efficacy of the attack. We also empirically show how prior work succumbs to the base rate fallacy in the open-world scenario. We address this problem by augmenting our classification method with a verification step. We conclude that even though this approach reduces the number of false positives over 63%, it does not completely solve the problem, which remains an open issue for WF attacks.

(587.72 KiB) Downloaded 237 times


Posted: Sun Dec 28, 2014 12:34 pm
by Pattern_Juggled
This is brilliant work - #torkittenz, courtesy of Julien Savoie.

{resource mapped via +}

Combine it with torstorm and a class of hardened, Tor-based network configurations opens up before your eyes.


Absolutely brilliant work. I can't think of another piece of work in recent years that had anywhere close to the "oh that's beautiful" impact on me as does this line of research: elegant, powerful, clever, deadly effective as a defensive technique.

(or Tor-direct via: http://lu376epcoakc6izi.onion)