摘要: Webpage fingerprinting methods infer the webpages visited in a traffic trace and are serious threats to privacy of web users. Prior work evaluates webpage using samples from single client does not consider diversity factor---webpages can be different browsers, operating systems devices. In this paper, we study impact on HTTPS fingerprinting. First, evaluate 5 prominent 19 clients. We show that best performing overfit patterns do generalize when they evaluated (even if clients use same browser system only differ device). Then, investigate find differences HTTP messages generated, servers communicated implementation HTTP/2 across Finally, robustness increased by training them diverse set This informs community towards realistic threat model for presents an analysis modern traffic.
acm.org 
sci-hub.se 参考文章(33)
F. Monrose, S. E. Coull, M. P. Collins, C. V. Wright, M. K. Reiter, On web browsing privacy in anonymized NetFlows usenix security symposium. pp. 23- ,(2007)
Brad Miller, Ling Huang, A. D. Joseph, J. D. Tygar, I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis privacy enhancing technologies. pp. 143- 163 ,(2014) , 10.1007/978-3-319-08506-7_8
Sean Sanders, Jasleen Kaur, Can web pages be classified using anonymized TCP/IP headers? 2015 IEEE Conference on Computer Communications (INFOCOM). pp. 2272- 2280 ,(2015) , 10.1109/INFOCOM.2015.7218614
Ting-Fang Yen, Xin Huang, Fabian Monrose, Michael K. Reiter, Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 157- 175 ,(2009) , 10.1007/978-3-642-02918-9_10
Aditya Khosla, Tinghui Zhou, Tomasz Malisiewicz, Alexei A. Efros, Antonio Torralba, Undoing the Damage of Dataset Bias Computer Vision – ECCV 2012. pp. 158- 171 ,(2012) , 10.1007/978-3-642-33718-5_12
Andrew Hintz, Fingerprinting websites using traffic analysis privacy enhancing technologies. pp. 171- 178 ,(2002) , 10.1007/3-540-36467-6_13
George Dean Bissias, Marc Liberatore, David Jensen, Brian Neil Levine, Privacy Vulnerabilities in Encrypted HTTP Streams Privacy Enhancing Technologies. ,vol. 3856, pp. 1- 11 ,(2006) , 10.1007/11767831_1
Qixiang Sun, D.R. Simon, Yi-Min Wang, W. Russell, V.N. Padmanabhan, Lili Qiu, Statistical identification of encrypted Web browsing traffic ieee symposium on security and privacy. pp. 19- 30 ,(2002) , 10.1109/SECPRI.2002.1004359
Tao Wang, Ian Goldberg, Improved website fingerprinting on Tor workshop on privacy in the electronic society. pp. 201- 212 ,(2013) , 10.1145/2517840.2517851
Gabriel Macia-Fernandez, Yong Wang, Rafael Rodriguez-Gomez, Aleksandar Kuzmanovic, ISP-Enabled Behavioral Ad Targeting without Deep Packet Inspection international conference on computer communications. pp. 1469- 1477 ,(2010) , 10.1109/INFCOM.2010.5461963