Annual Computer Security Applications Conference (ACSAC) 2021

Full Program »

BAPM: Block Attention Profiling Model for Multi-tab Website Fingerprinting Attacks on Tor

Website fingerprinting attacks on Tor pose a security issue to anonymity privacy, in which attackers can identify websites visited by victims through analyzing encrypted packet traces. Although related works have been studied over a long period, most of them focus on single-tab packet traces containing only one website. However, users often open multiple page tabs simultaneously when browsing the web, and multi-tab packet traces will influence the effect of common single-tab attacks. Existing multi-tab attacks depend on an elaborate feature engineering, and fail to make the most of the overlapping area in multi-tab traces due to information lost and confusion. In this paper, we propose a Block Attention Profiling Model named BAPM as a multi-tab attack. Specifically, BAPM fully utilizes the whole multi-tab packet trace including the overlapping area to avoid information lost. It generates a tab-aware representation from traces and performs a block division on it to separate different websites as clearly as possible, thus avoiding information confusion. Then the attention-based profiling is used to group blocks of the same website to provide a global view. We compare BAPM with several state of the art multi-tab attacks, and BAPM outperforms comparison methods on all page tabs even with larger overlapping area. The effectiveness of model design is also validated through ablation analysis, sensitivity analysis and generalization experiment.

Zhong Guan
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Gang Xiong
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Gaopeng Gou
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Zhen Li
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Mingxin Cui
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Chang Liu
Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences

Paper (ACM DL)

Slides

Video

 



Powered by OpenConf®
Copyright©2002-2021 Zakon Group LLC