[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Website Fingerprinting Defense via Traffic Splitting

To: <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-dev] Website Fingerprinting Defense via Traffic Splitting
From: Daniel Forster <daniel.forster@xxxxxxxxxxxxxx>
Date: Mon, 20 Apr 2015 10:47:03 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 20 Apr 2015 04:47:21 -0400
In-reply-to: <54ADC0F5.40108@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <20150106193626.GE3901@xxxxxxxxxxxxxxxxxxxxxxxx> <54AD8603.5020403@xxxxxxxxxxxxxx> <54ADC0F5.40108@xxxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi Marc,

your plans for the wfpadtools framework sound really interesting.
An evaluation framework of website fingerprinting defenses would be really
useful! I would be happy to use it to evaluate the splitting/padding approach.

Like you and Mike said, I have to implement the splitting in Tor first but I will
definitely come back to you when this first step is done.


Thanks,

Daniel

> 
> Hi Daniel,
> 
> I find it a very interesting idea to explore.
> 
> I feel that a smart use of padding in combination with splitting will
> be necessary in order to see improvements. The most immediate effect
> of splitting is to conceal packet lengths, but Tor fixed-length cells
> already make length not an interesting feature to exploit in WF
> attacks. Even if the cells are routed through different entry guards,
> ISP-like adversaries sitting between the user and the entry have the
> advantage of knowing the origin of the fragments. However, DLP
> strategies combined with Conflux-like splitting can be interesting.
> Also, routing through different entries seems to raise the bar for
> internal adversaries only controlling entry guards.
> 

> 
> As Mike already mentioned, the framework we developed within the GSoC
> project allows to implement a wide range of padding strategies in the
> first hop, including chopping packets at arbitrary lengths (e.g.,
> following a length distribution). But, as Mike pointed out, the
> framework is implemented as a PT and a Conflux-like strategy that
> reassembles fragments at the middle-node requires to be implemented in
> Tor itself.
> 
> I'm still working on the framework, currently refactoring and
> implementing new defenses. My goal now is to extend it to become an
> evaluation framework of WF defenses. So, I'm definitely interested in
> this topic. My research is closely related to WF, so I'm up for a
> collaboration on this as well as in other related problems.
> 
> Best,
> --
> marc
> 
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Prev by Author: Re: [tor-dev] Website Fingerprinting Defense via Traffic Splitting
Next by Author: [tor-dev] PT-themed stuffed animals: huggable transports
Previous by thread: Re: [tor-dev] Website Fingerprinting Defense via Traffic Splitting
Next by thread: [tor-dev] Possible anomaly in meek user graph circa April 15, 2015
Index(es):
- Author
- Thread