IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v11y2023i19p4078-d1247942.html
   My bibliography  Save this article

A Practical Website Fingerprinting Attack via CNN-Based Transfer Learning

Author

Listed:
  • Tianyao Pan

    (School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China)

  • Zejia Tang

    (School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China)

  • Dawei Xu

    (College of Cybersecurity, Changchun University, Changchun 130022, China)

Abstract

Website fingerprinting attacks attempt to apply deep learning technology to identify websites corresponding to encrypted traffic data. Unfortunately, to the best of our knowledge, once the total number of encrypted traffic data becomes insufficient, the identification accuracy in most existing works will drop dramatically. This phenomenon grows worse because the statistical features of the encrypted traffic data are not always stable but irregularly varying in different time periods. Even a deep learning model requires good performance to capture the statistical features, its accuracy usually diminishes in a short period of time because the changes of the statistical features technically put the training and testing data into two non-identical distributions. In this paper, we first propose a convolutional neural network-based website fingerprinting attack (CWFA) scheme. This scheme integrates packet direction with the timing sequence from the encrypted traffic data to improve the accuracy of analysis as much as possible on few data samples. We then design a new fine-tuning mechanism for the CWFA (FM-CWFA) scheme based on transfer learning. This mechanism enables the proposed FM-CWFA scheme to support the changes in the statistical patterns. The experimental results in closed-world and open-world settings show that the effectiveness of the CWFA scheme is better than previous researches, with the slowest performance degradation when the number of data decreases, and the FM-CWFA scheme can remain effective when the statistical features change.

Suggested Citation

  • Tianyao Pan & Zejia Tang & Dawei Xu, 2023. "A Practical Website Fingerprinting Attack via CNN-Based Transfer Learning," Mathematics, MDPI, vol. 11(19), pages 1-19, September.
  • Handle: RePEc:gam:jmathe:v:11:y:2023:i:19:p:4078-:d:1247942
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/11/19/4078/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2227-7390/11/19/4078/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:11:y:2023:i:19:p:4078-:d:1247942. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.