Hi Marc,
your plans for the wfpadtools framework sound really interesting. An evaluation framework of website fingerprinting defenses would be really useful! I would be happy to use it to evaluate the splitting/padding approach.
Like you and Mike said, I have to implement the splitting in Tor first but I will definitely come back to you when this first step is done.
Thanks,
Daniel
Hi Daniel,
I find it a very interesting idea to explore.
I feel that a smart use of padding in combination with splitting will be necessary in order to see improvements. The most immediate effect of splitting is to conceal packet lengths, but Tor fixed-length cells already make length not an interesting feature to exploit in WF attacks. Even if the cells are routed through different entry guards, ISP-like adversaries sitting between the user and the entry have the advantage of knowing the origin of the fragments. However, DLP strategies combined with Conflux-like splitting can be interesting. Also, routing through different entries seems to raise the bar for internal adversaries only controlling entry guards.
As Mike already mentioned, the framework we developed within the GSoC project allows to implement a wide range of padding strategies in the first hop, including chopping packets at arbitrary lengths (e.g., following a length distribution). But, as Mike pointed out, the framework is implemented as a PT and a Conflux-like strategy that reassembles fragments at the middle-node requires to be implemented in Tor itself.
I'm still working on the framework, currently refactoring and implementing new defenses. My goal now is to extend it to become an evaluation framework of WF defenses. So, I'm definitely interested in this topic. My research is closely related to WF, so I'm up for a collaboration on this as well as in other related problems.
Best,
marc
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev