Website Fingerprinting Attack on Psiphon and Its Forensic Analysis

Ejeta, Tekachew Gobena; Kim, Hyoung Joong

doi:10.1007/978-3-319-64185-0_4

Tekachew Gobena Ejeta¹⁷ &
Hyoung Joong Kim¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10431))

Included in the following conference series:

International Workshop on Digital Watermarking

3105 Accesses
8 Citations

Abstract

Internet circumvention applications – such as Psiphon – are widely used to bypass control mechanisms, and each of such anti-censorship application uses a unique mechanism to bypass internet censorship. Although anti-censorship applications provide a unique means to ensure internet freedom, some applications severely degrade network performance and possibly open the door for network security breaches. Anti-censorship applications such as Psiphon can be used as cover for hacking attempts and can assist in many criminal activities. In this paper, we analyze the Psiphon service and perform a passive traffic analysis to detect Psiphon traffic. Moreover, we profile the top 100 websites based on their Alexa rankings according to five different categories under Psiphon and perform an effective website fingerprinting attack. Our analysis uses the well-known k-nearest neighbors for website fingerprinting and support vector machine classifier to detect Psiphon traffic.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Psiphon, Privacy Policy. https://psiphon.ca/en/privacy.html. Accessed 24 Apr 2017
Herrmann, D., Wendolsky, R., Federrath, H.: Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial Naïve Bayes classifier. In: Proceedings of the 2009 ACM workshop on Cloud Computing Security, pp. 31–42 (2009)
Google Scholar
Wang, T.: Website fingerprinting: attacks and defenses, Ph.D. Dissertation, University of Waterloo (2016)
Google Scholar
Dyer, K.P., Coull, S.E., Ristenpart, T., Shrimpton, T.: Peek-a-boo, I still see you: why efficient traffic analysis countermeasures fail. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 332–346 (2012)
Google Scholar
Cai, X., Zhang, X., Joshi, B., Johnson, R.: Touching from a distance: website fingerprinting attacks and defenses. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 605–616 (2012)
Google Scholar
Hayes, J., Danezis, G.: Website fingerprinting at scale (2016). arXiv:1509.00789v2
Rimmer, V.: Deep Learning Website Fingerprinting Features, MS thesis, KU Leuven (2017)
Google Scholar
Panchenko, A., Niessen, L.: Website fingerprinting in onion routing based anonymization networks. In: Proceedings of the Annual ACM Workshop on Privacy in the Electronic Society, pp. 103–114 (2011)
Google Scholar
Al-Qura’n, R., Hadi, A., Atoum, J., Al-Zewairi, M.: Ultrasurf traffic classification: detection and prevention. Int. J. Commun. Netw. Syst. Sci. 8(8), 304–311 (2015)
Google Scholar
Alexa Top 500 Global Sites. http://www.alexa.com/topsites. Accessed 8 Jun 2017
The #1 Browser Automation, Data Extraction, and Web Testing Tool, iMacros Software. http://imacros.net/overview. Accessed 24 Mar 2017
Liberatore, M., Levine, B.N.: Inferring the source of encrypted HTTP connections. In: Proceedings of the ACM conference on Computer and Communications Security, pp. 255–263 (2006)
Google Scholar
Wang, T., Cai, X., Nithyanand, R., Johnson, R., Goldberg, I.: Effective attacks and provable defenses for website fingerprinting. In: Proceedings of the USENIX Security Symposium, pp. 143–157 (2014)
Google Scholar
Train models to classify data using supervised machine learning - MATLAB. https://www.mathworks.com/help/stats/classificationlearner-app.html?s_tid=gn_loc_drop. Accessed 14 Apr 2017

Download references

Author information

Authors and Affiliations

Department of Cyber Defense, Korea University, Seoul, South Korea
Tekachew Gobena Ejeta
Graduate School of Information Security, Korea University, Seoul, South Korea
Hyoung Joong Kim

Authors

Tekachew Gobena Ejeta
View author publications
You can also search for this author in PubMed Google Scholar
Hyoung Joong Kim
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hyoung Joong Kim .

Editor information

Editors and Affiliations

Department of Computer Science, Otto-von-Guericke University Magdeburg, Magdeburg, Germany
Christian Kraetzer
Department of Electrical and Computer Engineering, New Jersey Institute of Technology, Newark, New Jersey, USA
Yun-Qing Shi
Department of Computer Science, Otto-von-Guericke University Magdeburg, Magdeburg, Germany
Jana Dittmann
Graduate School Information Security, Korea University, Seoul, Korea (Republic of)
Hyoung Joong Kim

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Ejeta, T.G., Kim, H.J. (2017). Website Fingerprinting Attack on Psiphon and Its Forensic Analysis. In: Kraetzer, C., Shi, YQ., Dittmann, J., Kim, H. (eds) Digital Forensics and Watermarking. IWDW 2017. Lecture Notes in Computer Science(), vol 10431. Springer, Cham. https://doi.org/10.1007/978-3-319-64185-0_4

Download citation

DOI: https://doi.org/10.1007/978-3-319-64185-0_4
Published: 26 July 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64184-3
Online ISBN: 978-3-319-64185-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics