Wireless/Website Traffic Analysis & Fingerprinting: A Survey of Attacking Techniques and Countermeasures

Abstract

Throughout browsing the web or running applications on a wireless network, user's private information should be hidden from other users. Private information may include the visited websites, downloaded files, chatting messages or any other web or network activities. Therefore, several encrypting protocols (such as: IPsec, TLS, SSL, etc.) and privacy mechanisms (such as: SSH and Tor) have been introduced in order to protect user privacy by concealing the content of data being transmitted. However, the traffic behavior may reveal some information that cannot be encrypted; like packet size, direction, and inter- packet times, etc. Consequently, traffic analysis techniques take advantage of such information to infer the identities of the websites visited by Internet users, or the applications being running on a wireless network. On the other hand, several defense schemes have been proposed to provide more secure traffic against those kinds of attacks. In this paper, a taxonomy is introduced to categorize fingerprinting attacks and defenses against both websites and wireless traffic is introduced. Attacks and countermeasures are then qualitatively compared according to several attributes that distinguish their main characteristics. Eventually, we recommend a set of advanced settings that can be taken into account in order to enhance the success rates of fingerprinting techniques.