Towards Effective and Efficient Padding Machines for Tor

Tor recently integrated a circuit padding framework for creating padding machines: defenses that work by defining state machines that inject dummy traffic to protect against traffic analysis attacks like Website Fingerprinting (WF) attacks. In this paper, we explore the design of effective and efficient padding machines to defend against WF attacks. Through the use of carefully crafted datasets, a circuit padding simulator, genetic programming, and manual tuning of padding machines we explore different aspects of what makes padding machines effective and efficient defenses. Our final machine, named Interspace, is probabilistically-defined with a tweakable trade-off between efficiency and effectiveness against the state-of-the-art deep-learning WF attack Deep Fingerprinting by Sirinam et al. We show that Interspace can be both more effective and efficient than WTF-PAD by Juarez et al. the padding machine that inspired the design of Tor's circuit padding framework. We end this paper by showing how Interspace can be made less effective, identifying the promising tactic of probabilistically defined padding machines, and highlighting the need to further explore this tactic in more complex defenses.