The search functionality is under construction.
The search functionality is under construction.

Gene Fingerprinting: Cracking Encrypted Tunnel with Zero-Shot Learning

Ding LI, Chunxiang GU, Yuefei ZHU

  • Full Text Views

    0

  • Cite this

Summary :

Website Fingerprinting (WF) enables a passive attacker to identify which website a user is visiting over an encrypted tunnel. Current WF attacks have two strong assumptions: (i) specific tunnel, i.e., the attacker can train on traffic samples collected in a simulated tunnel with the same tunnel settings as the user, and (ii) pseudo-open-world, where the attacker has access to training samples of unmonitored sites and treats them as a separate class. These assumptions, while experimentally feasible, render WF attacks less usable in practice. In this paper, we present Gene Fingerprinting (GF), a new WF attack that achieves cross-tunnel transferability by generating fingerprints that reflect the intrinsic profile of a website. The attack leverages Zero-shot Learning — a machine learning technique not requiring training samples to identify a given class — to reduce the effort to collect data from different tunnels and achieve a real open-world. We demonstrate the attack performance using three popular tunneling tools: OpenSSH, Shadowsocks, and OpenVPN. The GF attack attains over 94% accuracy on each tunnel, far better than existing CUMUL, DF, and DDTW attacks. In the more realistic open-world scenario, the attack still obtains 88% TPR and 9% FPR, outperforming the state-of-the-art attacks. These results highlight the danger of our attack in various scenarios where gathering and training on a tunnel-specific dataset would be impractical.

Publication
IEICE TRANSACTIONS on Information Vol.E105-D No.6 pp.1172-1184
Publication Date
2022/06/01
Publicized
2022/03/23
Online ISSN
1745-1361
DOI
10.1587/transinf.2021EDP7179
Type of Manuscript
PAPER
Category
Information Network

Authors

Ding LI
  State Key Laboratory of Mathematical Engineering and Advanced Computing
Chunxiang GU
  State Key Laboratory of Mathematical Engineering and Advanced Computing
Yuefei ZHU
  State Key Laboratory of Mathematical Engineering and Advanced Computing

Keyword