Website Fingerprinting (WF) attacks can extract side channel information from encrypted traffic to form a fingerprint that identifies the victim’s destination website, even if traffic is sophisticatedly anonymized by Tor. Many offline defenses have been proposed and claimed to have achieved good effectiveness. However, such work is more of a theoretical optimization study than a technology that can be applied to real-time traffic in the practical scenario. Because defenders generate optimized defense schemes only if the complete traffic traces are obtained. The practicality and effectiveness are doubtful. In this paper, we provide an in-depth analysis of the difficulties faced in porting existing offline defenses to the online scenarios. And then the online WF defense based on the non-targeted adversarial patch is proposed. To reduce the overhead, we use the Gradient-weighted Class Activation Mapping (Grad-CAM) algorithm to identify critical segments that have high contribution to the classification. In addition, we optimize the adversarial patch generation process by splitting patches and limiting the values, so that the pre-trained patches can be injected and discarded in real-time traffic. Extensive experiments are carried out to evaluate the effectiveness of our defense. When bandwidth overhead is set to 20%, the accuracies of the two state-of-the-art attacks, DF and Var-CNN, drop to 10.83% and 15.49%, respectively. Furthermore, we implement the real-time patch traffic injection based on WFPadTools framework in the online scenario, and achieve a defense accuracy of 95.50% with 12.57% time overhead.

With the rapid development of the Internet of Things (IoT), wireless technology has become an indispensable part of modern computing platforms and embedded systems. Wireless device fingerprint identification is deemed as a promising solution towards enhancing the security of device access authentication and communication process in the IoT scenario. However, the extraction of features from the network layer and its upper layers often confront restrictions from specific devices: the association with a certain wireless network and the access to the plaintext of the payload. Meanwhile, Bluetooth Low Energy (BLE) packets have been encrypted above the link layer, which makes those features difficult to extract. To tackle these problems, we introduce a novel method to identify BLE devices based on the fingerprint features in the data link layer. Initially, the BLE packets are collected through a receiver based on software-defined radio technology. Then, fields that reflect device differences in BLE broadcast packets are extracted through traffic analysis. Finally, a MultiLayer Perceptron (MLP) model is employed to recognize the category of BLE devices. An experimental result on a dataset with 15 types of BLE devices shows that the identification accuracy of the proposed method can reach 99.8%, which accomplishes better performance over previous work.

Tor is pervasively used to conceal target websites that users are visiting. A de-anonymization technique against Tor, referred to as website fingerprinting attack, aims to infer the websites accessed by Tor clients by passively analyzing the patterns of encrypted traffic at the Tor client side. However, HTTP pipeline and Tor circuit multiplexing techniques can affect the accuracy of the attack by mixing the traffic that carries web objects in a single TCP connection. In this paper, we propose a novel active website fingerprinting attack by identifying and delaying the HTTP requests at the first hop Tor node. Then, we can separate the traffic that carries distinct web objects to derive a more distinguishable traffic pattern. To fulfill this goal, two algorithms based on statistical analysis and objective function optimization are proposed to construct a general packet delay scheme. We evaluate our active attack against Tor in empirical experiments and obtain the highest accuracy of 98.64%, compared with 85.95% of passive attack. We also perform experiments in the open-world scenario. When the parameter $k$ of $k$-NN classifier is set to 5, then we can obtain a true positive rate of 90.96% with a false positive rate of 3.9%.