Website fingerprinting attacks can predict the website visited by a user with an accuracy of over 90%. This can be useful to de-anonymize clients who use Virtual Private Networks (VPNs) or Tor to browse the web anonymously, that is, the websites they visit are "hidden" from their Internet Service Providers (ISPs). Using only the metadata such as packet size, direction of the packets, number of packets, and timing information of the packets, an adversary (such as the ISP or a Tor entry guard) can accurately predict the website visited. However, most previous work have made many assumptions, such as, assuming the user is browsing only one website at a time, clearing their cache/cookies for each website visit, and only runs the web browser.
This "laboratory" setting severely limits the impact of website fingerprinting attacks. There is, thus, an urgent need to determine the practicality of such attacks so that appropriate mitigations can be implemented. If these attacks can be launched in the wild, then the high accuracy of predicting websites visited is a major concern.
Funding agency: NSA and NCAE September 15, 2021 – December 31, 2023 (with option for a third year)
For more information on the department's research activities, please visit our website.