Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality
Venue: IEEE Transactions on Dependable and Secure Computing
Website fingerprinting attacks use statistical analysis on network traffic to compromise user privacy. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who observes traffic traveling between the user’s computer and the network.
To protect against cache-based website fingerprinting, new defense mechanisms must be introduced to privacy-sensitive browsers and websites. We investigate one such mechanism, and show that it reduces the effectiveness of the attack and completely eliminates it when used in the Tor Browser.
Note: This is the extended version of our Usenix Security 2019 paper, which adds a real-world evaluation.
The dataset used in this paper is publicly available under a CC-BY license on IEEE DataPort.