Practical and lightweight defense against website fingerprinting

Website fingerprinting is a passive network traffic analysis technique that enables an adversary to identify the website visited by a user despite encryption and the use of privacy services such as Tor. Several website fingerprinting defenses built on top of Tor have been proposed to guarantee a user's privacy by concealing trace features that are important to classification. However, some of the best defenses incur a high bandwidth and/or latency overhead. To combat this, new defenses have sought to be both lightweight — i.e., introduce a small amount of bandwidth overhead — and zero-delay to real network traffic. This work introduces a novel zero-delay and lightweight website fingerprinting defense, called BRO, which conceals the feature-rich beginning of a trace while still enabling the obfuscation of features deeper into the trace without spreading the padding budget thin. BRO schedules padding with a randomized beta distribution that can skew to both the extreme left and right, keeping the applied padding clustered to a finite portion of a trace. This work specifically targets deep learning attacks, which continue to be among the most accurate website fingerprinting attacks. Results show that BRO outperforms other well-known website fingerprinting defenses, such as FRONT, with similar bandwidth overhead.