Understanding Traffic Fingerprinting CNNs

2020 IEEE 45th Conference on Local Computer Networks (LCN) Pub Date : 2020-11-16 DOI:10.1109/LCN48667.2020.9314785

T. Dahanayaka, Guillaume Jourjon, Suranga Seneviratne

{"title":"Understanding Traffic Fingerprinting CNNs","authors":"T. Dahanayaka, Guillaume Jourjon, Suranga Seneviratne","doi":"10.1109/LCN48667.2020.9314785","DOIUrl":null,"url":null,"abstract":"HTTPS encrypted traffic can leak information about underlying contents through various statistical properties of traffic flows like packet lengths and timing, opening doors to traffic fingerprinting attacks. Recently proposed traffic fingerprinting attacks leveraged Convolutional Neural Networks (CNNs) and recorded very high accuracies undermining the state-of-the-art mitigation techniques. In this paper, we methodically dissect such CNNs with the objectives of building further accurate and scalable traffic classifiers and understanding the inner workings of such CNNs to develop effective mitigation techniques. By conducting experiments with three datasets, we show that website fingerprinting CNNs focus majorly on the initial parts of traces instead of longer windows of continuous uploads or downloads. Next, we show that traffic fingerprinting CNNs exhibit transfer-learning capabilities allowing identification of new websites with fewer data. Finally, we show that traffic fingerprinting CNNs outperform RNNs because of their resilience to random shifts in data happening due to varying network conditions.","PeriodicalId":245782,"journal":{"name":"2020 IEEE 45th Conference on Local Computer Networks (LCN)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 45th Conference on Local Computer Networks (LCN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LCN48667.2020.9314785","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

HTTPS encrypted traffic can leak information about underlying contents through various statistical properties of traffic flows like packet lengths and timing, opening doors to traffic fingerprinting attacks. Recently proposed traffic fingerprinting attacks leveraged Convolutional Neural Networks (CNNs) and recorded very high accuracies undermining the state-of-the-art mitigation techniques. In this paper, we methodically dissect such CNNs with the objectives of building further accurate and scalable traffic classifiers and understanding the inner workings of such CNNs to develop effective mitigation techniques. By conducting experiments with three datasets, we show that website fingerprinting CNNs focus majorly on the initial parts of traces instead of longer windows of continuous uploads or downloads. Next, we show that traffic fingerprinting CNNs exhibit transfer-learning capabilities allowing identification of new websites with fewer data. Finally, we show that traffic fingerprinting CNNs outperform RNNs because of their resilience to random shifts in data happening due to varying network conditions.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

了解流量指纹cnn

HTTPS加密的流量可以通过流量流的各种统计属性(如数据包长度和时间)泄露有关底层内容的信息，从而为流量指纹攻击打开了大门。最近提出的流量指纹攻击利用卷积神经网络(cnn)，并记录了非常高的准确性，破坏了最先进的缓解技术。在本文中，我们系统地剖析了这些cnn，目的是建立进一步准确和可扩展的流量分类器，并了解这些cnn的内部工作原理，以开发有效的缓解技术。通过对三个数据集进行实验，我们发现网站指纹cnn主要关注痕迹的初始部分，而不是连续上传或下载的较长窗口。接下来，我们展示了流量指纹cnn表现出迁移学习能力，允许用更少的数据识别新网站。最后，我们表明流量指纹cnn优于rnn，因为它们对由于不同网络条件而发生的数据随机变化具有弹性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2020 IEEE 45th Conference on Local Computer Networks (LCN)

自引率

0.00%

发文量