A novel Website Fingerprinting attack against multi-tab browsing behavior

Abstract

Website Fingerprinting (WF) attacks have posed a serious threat to users' privacy, which allow an adversary to infer the anonymous communication content by using traffic analysis. Recent studies have demonstrated the effectiveness of WF attacks through a large number of experiments. However, some researchers believe that the assumptions of WF attacks vastly simplify the problem and are critical in the practical scenarios. In this paper, we assess the threat model of WF and relax the assumptions about browsing behavior to improve the practical feasibility. To deal with the multi-tab browsing scenario, we propose a novel WF attack and identify webpages respectively. The main idea resides in the fact that the user visits the second page with a short delay after opening the first page due to the think time. We analyze the anonymous traffic transmitted in the delay and select fine-grained features to identify the first page. Furthermore, we exclude the first page's traffic and utilize coarse features to identify the second page. We deploy our attack in real word environment and the experiment lasts for two months. The Naive Bayes classifier is then applied on the collected datasets to classify the visited websites among 50 top ranked websites in Alexa. When the delay is set to 2 seconds, our attack can classify the first page with 75.9% accuracy, and the second page is 40.5%. The results show that the WF attack is still effective in the practical scenarios and we can't dismiss WF as a threat.