The rise of website fingerprinting on Tor: Analysis on techniques and assumptions

Aminuddin, Mohamad Amar Irsyad Mohd and Zaaba, Zarul Fitri and Samsudin, Azman and Mohd Zaki, Muhammad Faiz and Juma'at, Nor Badrul Anuar (2023) The rise of website fingerprinting on Tor: Analysis on techniques and assumptions. Journal of Network and Computer Applications, 212. ISSN 1084-8045, DOI https://doi.org/10.1016/j.jnca.2023.103582.

Full text not available from this repository.

Abstract

Tor is one of the most popular anonymity networks that allows Internet users to hide their browsing activity. Hiding browsing activity is essential for Internet users to increase their privacy. Only Tor users should know the website they are browsing. However, an attacker can utilise the Website Fingerprinting (WF) attack to identify webpages browsed by Tor users. WF is a significant threat to Internet users' privacy as Tor should conceal the browsed webpages' information. Existing WF studies focused on the investigation to improve the identification capabilities, overlooking the systematic discussion and assessment of existing techniques. In addition, existing surveys and analyses reviewed insufficient variation of WF on Tor techniques. Therefore, this survey paper aims to provide a systematic and thorough review of various WF on Tor techniques. First, we discuss WF on Tor techniques in five primary aspects: threat model, victim target, website realm, traffic feature, and traffic clas-sifier. We analyse and classify the reviewed studies on each WF aspect. The classification facilitates in-depth understanding and comparison between WF on Tor techniques. Furthermore, this paper investigates nine as-sumptions exercised in WF on Tor: closed-world, sequential browsing, isolated traffic, replicability, traffic parsing, passive webpage, disabled cache, static content, and single webpage. These assumptions limit the WF on Tor's practicality in real-world scenarios. Our analysis and classification indicate that most WF on Tor studies apply these assumptions despite being only suitable in controlled environments or laboratory experiments. In addition, most reviewed studies often lack transparency on the assumptions exercised in their studies, risking misunderstanding the WF on Tor techniques' actual practicality. At the end of this survey, we present WF on Tor taxonomy and highlight 21 WF on Tor research's limitations and gaps with plausible recommendations. We also discuss the WF on Tor studies' contribution category and development phase.

Item Type: Article
Funders: Ministry of Education, Malaysia (Grant No: FRGS/1/2019/ICT03/USM/02/2)
Uncontrolled Keywords: Security; Privacy; Anonymity; Tor; Traffic analysis; Website fingerprinting
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Computer Science & Information Technology > Department of Computer System & Technology
Depositing User: Ms Zaharah Ramly
Date Deposited: 01 Dec 2023 01:22
Last Modified: 01 Dec 2023 01:22
URI: http://eprints.um.edu.my/id/eprint/38779

Actions (login required)

View Item View Item
UM Research Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.