We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.AR

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: Leaked-Web: Accurate and Efficient Machine Learning-Based Website Fingerprinting Attack through Hardware Performance Counters

Authors: Han Wang
Abstract: Users' website browsing history contains sensitive information, like health conditions, political interests, financial situations, etc. Some recent studies have demonstrated the possibility of inferring website fingerprints based on important usage information such as traffic, cache usage, memory usage, CPU activity, power consumption, and hardware performance counters information. However, existing website fingerprinting attacks demand a high sampling rate which causes high performance overheads and large network traffic, and/or they require launching an additional malicious website by the user, which is not guaranteed. As a result, such drawbacks make the existing attacks more noticeable to users and corresponding fingerprinting detection mechanisms. In response, in this work, we propose Leaked-Web, a novel accurate and efficient machine learning-based website fingerprinting attack through processor's Hardware Performance Counters (HPCs). Leaked-Web efficiently collects hardware performance counters in users' computer systems at a significantly low granularity monitoring rate and sends the samples to the remote attack's server for further classification. Leaked-Web examines the web browsers' microarchitectural features using various advanced machine learning algorithms ranging from classical, boosting, deep learning, and time-series models. Our experimental results indicate that Leaked-Web based on a LogitBoost ML classifier using only the top 4 HPC features achieves 91% classification accuracy outperforming the state-of-the-art attacks by nearly 5%. Furthermore, our proposed attack obtains a negligible performance overhead (only <1%), around 12% lower than the existing hardware-assisted website fingerprinting attacks.
Subjects: Cryptography and Security (cs.CR); Hardware Architecture (cs.AR)
Cite as: arXiv:2110.01202 [cs.CR]
  (or arXiv:2110.01202v1 [cs.CR] for this version)

Submission history

From: Han Wang [view email]
[v1] Mon, 4 Oct 2021 06:01:05 GMT (1539kb,D)

Link back to: arXiv, form interface, contact.