Attacking anonymous web browsing at local area networks through browsing dynamics

Yu, Shui, Zhou, Wanlei, Jia, Weijia and Hu, Jiankun 2012, Attacking anonymous web browsing at local area networks through browsing dynamics, Computer journal, vol. 55, no. 4, pp. 410-421.

Attached Files
Name Description MIMEType Size Downloads

Title Attacking anonymous web browsing at local area networks through browsing dynamics
Author(s) Yu, Shui
Zhou, Wanlei
Jia, Weijia
Hu, Jiankun
Journal name Computer journal
Volume number 55
Issue number 4
Start page 410
End page 421
Total pages 12
Publisher Oxford University Press
Place of publication Oxford, England
Publication date 2012-04
ISSN 0010-4620
1460-2067
Keyword(s) anonymity
attack
web browsing
hidden Markov Chain
Summary The majority of current anonymous systems focus on improving anonymity at the network and website level in order to defend against traffic analysis attacks. However, the vulnerability of the connections between end users and the anonymous network do not attract any attention yet. For the first time, we reveal an end user browsing dynamics based attack on anonymous browsing systems at the LAN where the victim locates. This new attack method is fundamentally different from existing attack methodologies. In general, web surfers browse the web following certain patterns, such as requesting a web page, viewing it and requesting another page. The browsing pattern of a victim can be clearly observed by a local adversary when the victim is viewing the web without protection. Unfortunately, browsing dynamics releases rich information for attacking even though the web page content is encrypted. In order to show how a local eavesdropper can decipher which pages have been viewed with the knowledge of user browsing dynamics and the public information of a given website, we established a specific hidden Markov model to represent browsing dynamics for the website. By using this model, we can then identify the optimal of the accessed pages using the Viterbi algorithm. In order to confirm the effectiveness of the revealed attack method, we have conducted extensive experiments on a real data set. The results demonstrated that the attack accuracy can be more than 80%. A few possible counter-attack strategies are discussed at the end of the paper.
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category C1 Refereed article in a scholarly journal
Copyright notice ©2011, The Author
Persistent URL http://hdl.handle.net/10536/DRO/DU:30040540

Document type: Journal Article
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 4 times in TR Web of Science
Scopus Citation Count Cited 3 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 87 Abstract Views, 7 File Downloads  -  Detailed Statistics
Created: Mon, 05 Dec 2011, 12:45:47 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.