A website fingerprinting technology with time-sampling

Website Fingerprinting (WF) attacks allow web eavesdroppers to de-anonymize Tor users’ website traffic, and reveal information about the websites they visit. The state-of-the-art WF attacks based on deep learning have achieved high accuracy. However, they often ignore low-level timing information and use a simple direction-based traffic representation method that only retains the spatial information of website traffic packets. In fact, the timing information of website traffic packets is also one of the essential features of a website, which plays a significant role in the WF attack. In this paper, we propose a sampling-based traffic representation method called Time-Sampling in this paper. Time-Sampling uses a time-based sampling technique, which samples website traffic packets and fills packet gaps with zeros when generating model input sequences. It maintains both the timing and spatial information in traffic. To evaluate the performance of Time-Sampling, we reimplemented the state-of-the-art WF attacks with it against the direction-based methodology under diverse settings. Under the undefended datasets, the sampling-based WF attacks attained higher accuracy on closed-world evaluation. Moreover, on the protected datasets, the accuracy is improved by 20% at most, higher than direction-based attacks. It reveals that time information is facilitated to WF attacks.