Leaked-Web: Accurate and Efficient Machine Learning-Based Website Fingerprinting Attack through Hardware Performance Counters

Users' website browsing history contains sensitive information, like health conditions, political interests, financial situations, etc. Some recent studies have demonstrated the possibility of inferring website fingerprints based on important usage information such as traffic, cache usage, memory usage, CPU activity, power consumption, and hardware performance counters information. However, existing website fingerprinting attacks demand a high sampling rate which causes high performance overheads and large network traffic, and/or they require launching an additional malicious website by the user, which is not guaranteed. As a result, such drawbacks make the existing attacks more noticeable to users and corresponding fingerprinting detection mechanisms. In response, in this work, we propose Leaked-Web, a novel accurate and efficient machine learning-based website fingerprinting attack through processor's Hardware Performance Counters (HPCs). Leaked-Web efficiently collects hardware performance counters in users' computer systems at a significantly low granularity monitoring rate and sends the samples to the remote attack's server for further classification. Leaked-Web examines the web browsers' microarchitectural features using various advanced machine learning algorithms ranging from classical, boosting, deep learning, and time-series models. Our experimental results indicate that Leaked-Web based on a LogitBoost ML classifier using only the top 4 HPC features achieves 91% classification accuracy outperforming the state-of-the-art attacks by nearly 5%. Furthermore, our proposed attack obtains a negligible performance overhead (only <1%), around 12% lower than the existing hardware-assisted website fingerprinting attacks.