A Website Fingerprint defense technology with low delay and controllable bandwidth

Abstract

Website Fingerprinting (WF) attacks have shown a serious threat to users’ privacy on Tor networks. To resist WF attacks, many defenses have been proposed, of which padding without any delay is the state-of-the-art method. With the extra data overhead, they managed to reduce the accuracy of WF attacks. However, it is challenging to defeat WF attacks effectively while costing low bandwidth and latency. In this paper, we present RanDePad, a traffic protection and obfuscation method. It achieves low delay and controllable bandwidth. RanDePad uses an adaptive random delaying technique to destroy the website traffic’s time distribution characteristics. It could adjust the time interval between the real traffic packets without changing its order and limits the required traffic latency. Through a bandwidth evaluation algorithm, RanDePad evaluates the traffic bandwidth and dynamically adjusts the random bandwidth padding scheme to hide traffic space features. It ensures low and controllable bandwidth overhead. We evaluated the performance of RanDePad against WF attacks under different bandwidth overhead settings. Experimental results show that with the same total bandwidth overhead and 5.89% total latency overhead, RanDePad can decrease the state-of-the-art attack DF accuracy from 94.57% to 62.40%, while the Front reduces it to 71.01% and the WTF-PAD to 86.44%. Furthermore, when the accuracy is defended to 70%, our method consumes only 21.66% total bandwidth overhead, which is half of the Front and WTF-PAD. In addition, the single bandwidth overhead of RanDePad is also lower than the existing defenses, where the Font spends three times as much as RanDePad does. The results indicate that the RanDePad performs better than the current state-of-the-art WTF-PAD and FRONT methods.