While anonymity networks like Tor aim to protect the privacy of their users, they are vulnerable to traffic analysis attacks such as Website Fingerprinting (WF) and Flow Correlation (FC). Recent implementations of WF and FC attacks, such as Tik-Tok and DeepCoFFEA, have shown that the attacks can be effectively carried out, threatening user privacy. Consequently, there is a need for effective traffic analysis defense. There are a variety of existing defenses, but most are either ineffective, incur high latency and bandwidth overhead, or require additional infrastructure. As a result, we aim to design a traffic analysis defense that is efficient and highly resistant to both WF and FC attacks. We propose DeTorrent, which uses competing neural networks to generate and evaluate traffic analysis defenses that insert 'dummy' traffic into real traffic flows. DeTorrent operates with moderate overhead and without delaying traffic. In a closed-world WF setting, it reduces an attacker's accuracy by 60.5%, a reduction 9.5% better than the next-best padding-only defense. Against the state-of-the-art FC attacker, DeTorrent reduces the true positive rate for a $10^{-4}$ false positive rate to about .30, which is less than half that of the next-best defense. We also demonstrate DeTorrent's practicality by deploying it alongside the Tor network and find that it maintains its performance when applied to live traffic.
翻译:虽然Tor等匿名网络的目的是保护用户的隐私,但它们很容易受到诸如网站指纹和流程关联(FC)等交通分析攻击的伤害。最近对WF和FC攻击(如Tik-Tok和DeepCoFFEA)的实施表明,袭击可以有效进行,威胁用户隐私。因此,需要有效的交通分析防御。现有防御系统有多种,但大多数防御系统不是无效的,是高延时和带宽管理,或需要更多基础设施。因此,我们的目标是设计高效和高度抵抗FFFFF和FC攻击的交通分析防御系统。我们建议DeTorrent使用相互竞争的神经网络来生成和评估交通分析防御系统,这些网络在实际交通流量中插入“虚构”的交通。DeTorrent以中和不延误的交通流量进行操作。在封闭的WFFF的环境下,攻击的准确度降低60.5%,比下个最佳的防线减少9.5%。相对于FC攻击和FC攻击的状态,我们建议使用相互竞争的交通网络的运行率降低10-4。