Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks With Adversarial Traces
نویسندگان
چکیده
Website Fingerprinting (WF) is a type of traffic analysis attack that enables local passive eavesdropper to infer the victim's activity, even when protected by VPN or an anonymity system like Tor. Leveraging deep-learning classifier, WF attacker can gain over 98% accuracy on Tor traffic. In this paper, we explore novel defense, Mockingbird, based idea adversarial examples have been shown undermine machine-learning classifiers in other domains. Since gets design and train his classifier first demonstrate at straightforward technique for generating adversarial-example traces fails protect against using training robust classification. We then propose resists moving randomly space viable not following more predictable gradients. The drops state-of-the-art hardened with from 42-58% while incurring only 58% bandwidth overhead. generally lower than defenses, much considering Top-2 accuracy, overheads.
منابع مشابه
Defending Non-Bayesian Learning against Adversarial Attacks
Abstract This paper addresses the problem of non-Bayesian learning over multi-agent networks, where agents repeatedly collect partially informative observations about an unknown state of the world, and try to collaboratively learn the true state. We focus on the impact of the adversarial agents on the performance of consensus-based non-Bayesian learning, where non-faulty agents combine local le...
متن کاملDeep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
Website fingerprinting enables a local eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting attacks have been shown to be effective even against Tor. Recently, lightweight website fingerprinting defenses for Tor have been proposed that substantially degrade existing attacks: WTF-PAD and Walkie-Talkie. In this work, we ...
متن کاملDeep Learning Website Fingerprinting Features
Anonymity networks like Tor enable Internet users to browse the web anonymously. This helps citizens circumvent censorship from repressive governments, journalists communicate with anonymous sources or regular users to avoid tracking online. However, adversaries can try to identify anonymous users by deploying several attacks. One of such attacks is website fingerprinting. Website fingerprintin...
متن کاملAuror: defending against poisoning attacks in collaborative deep learning systems
Deep learning in a collaborative setting is emerging as a cornerstone of many upcoming applications, wherein untrusted users collaborate to generate more accurate models. From the security perspective, this opens collaborative deep learning to poisoning attacks, wherein adversarial users deliberately alter their inputs to mis-train the model. These attacks are known for machine learning systems...
متن کاملRobust Deep Reinforcement Learning with Adversarial Attacks
This paper proposes adversarial attacks for Reinforcement Learning (RL) and then improves the robustness of Deep Reinforcement Learning algorithms (DRL) to parameter uncertainties with the help of these attacks. We show that even a naively engineered attack successfully degrades the performance of DRL algorithm. We further improve the attack using gradient information of an engineered loss func...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Information Forensics and Security
سال: 2021
ISSN: ['1556-6013', '1556-6021']
DOI: https://doi.org/10.1109/tifs.2020.3039691