[tor-dev] Website Fingerprinting Defense via Traffic Splitting

Daniel Forster daniel.forster at rwth-aachen.de
Mon Apr 20 08:47:03 UTC 2015

Hi Marc,

your plans for the wfpadtools framework sound really interesting.
An evaluation framework of website fingerprinting defenses would be really
useful! I would be happy to use it to evaluate the splitting/padding approach.

Like you and Mike said, I have to implement the splitting in Tor first but I will
definitely come back to you when this first step is done.



> Hi Daniel,
> I find it a very interesting idea to explore.
> I feel that a smart use of padding in combination with splitting will
> be necessary in order to see improvements. The most immediate effect
> of splitting is to conceal packet lengths, but Tor fixed-length cells
> already make length not an interesting feature to exploit in WF
> attacks. Even if the cells are routed through different entry guards,
> ISP-like adversaries sitting between the user and the entry have the
> advantage of knowing the origin of the fragments. However, DLP
> strategies combined with Conflux-like splitting can be interesting.
> Also, routing through different entries seems to raise the bar for
> internal adversaries only controlling entry guards.

> As Mike already mentioned, the framework we developed within the GSoC
> project allows to implement a wide range of padding strategies in the
> first hop, including chopping packets at arbitrary lengths (e.g.,
> following a length distribution). But, as Mike pointed out, the
> framework is implemented as a PT and a Conflux-like strategy that
> reassembles fragments at the middle-node requires to be implemented in
> Tor itself.
> I'm still working on the framework, currently refactoring and
> implementing new defenses. My goal now is to extend it to become an
> evaluation framework of WF defenses. So, I'm definitely interested in
> this topic. My research is closely related to WF, so I'm up for a
> collaboration on this as well as in other related problems.
> Best,
> --
> marc
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150420/273dbc1b/attachment.sig>

More information about the tor-dev mailing list