XAI-Based Microarchitectural Side-Channel Analysis for Website Fingerprinting Attacks and Defenses

Abstract

Website Fingerprinting attacks aim to track the visited websites in browsers and infer confidential information about users. Several studies showed that recent advancements in Machine Learning (ML) and Deep Learning (DL) algorithms made it possible to implement website fingerprinting attacks even though various defense techniques are present in the network. Nevertheless, trained models for website detection are not analyzed deeply to identify the leakage sources which are not always visible to both attackers and Cyber Threat Intelligence engineers. This study focuses on explaining ML and DL models in the context of microarchitecture-based website fingerprinting attacks. In the attack model, performance counters and cache occupancy side-channels are implemented on Google Chrome and Tor browsers. After ML and DL models are trained, LIME and saliency map XAI methods are applied to examine the leakage points in the side-channel data. In order to match the leakage samples in the measurements to the network traces, a novel dataset is collected by utilizing Google Chrome and Firefox browser developer tools. Next, the efficiency of explainable methods are analyzed with XAI metrics. Finally, an XAI-based obfuscation defense technique is proposed as a countermeasure against microarchitecture-based website fingerprinting attacks