DefWeb: Defending User Privacy against Cache-based Website Fingerprinting Attacks with Intelligent Noise Injection
Cache-based website fingerprinting (WF) attacks violate user privacy where the attacker leverages the shared last-level cache in CPUs and analyzes the fingerprints through machine learning and deep learning models. WF attacks are even applicable in Incognito and anonymized browser platforms, leading to a serious threat to the public. Several defense techniques inject random noise during website rendering to degrade the attack success rate, while these techniques either create large performance overhead or cannot obfuscate the WF dataset entirely when the attacker retrains a new learning model with noisy fingerprints.
In this work, we develop a dynamic generative learning-based defense technique, DefWeb, to protect user privacy against cache-based WF attacks by injecting precise noise into the WFs. For this purpose, (i) we train generative neural networks to represent high-dimensional fingerprints in a low-dimension space while creating distinct clusters for each website. (ii) Minimal noise templates are extracted in the low-dimension space to obfuscate the fingerprints efficiently. (iii) We create practical noise templates that can be added to WFs during website rendering by leveraging self-modifying code (SMC). We implement DefWeb in both simulation and real-world setups to degrade the attacker's model accuracy. \textit{DefWeb} can decrease the model accuracy to 1.1\% and 28.8\% in simulation and real-world setups, respectively. Finally, we show that the performance overhead introduced by DefWeb is only 9.5%, which is considerably lower than previous defense techniques.