Efficient Fingerprinting Attack on Web Applications: An Adaptive Symbolization Approach
Published: 2023-07-04
Issue: 13
Volume: 12
Page: 2948
ISSN: 2079-9292
Container-title: Electronics
Language: en
Short-container-title: Electronics
Author:
Yang Xue (1), Xu Jian (2), Li Guojun (3)
Affiliation:
1. Computer and Information Security Department, Zhejiang Police College, Hangzhou 310053, China
2. Computer Application Technology Department, School of Computer Science, Hangzhou Dianzi University, Hangzhou 310018, China
3. Basic Courses Department, Zhejiang Police College, Hangzhou 310053, China
Abstract
Website fingerprinting is valuable for many security solutions as it provides insights into applications that are active on the network. Unfortunately, the existing techniques primarily focus on fingerprinting individual webpages instead of webpage transitions, even though it is a common scenario for users to follow hyperlinks to carry out their actions. In this paper, an adaptive symbolization method based on packet distribution information is proposed to represent network traffic. The Profile Hidden Markov Model (PHMM), which exploits positional information contained in network traffic sequences and is sensitive to webpage transitional information, is used to construct users’ action patterns. We also construct user role models to represent different kinds of users and apply them to our web application identification framework to uncover more information. The experimental results demonstrate that, compared to the equal interval and K-means symbolization algorithms, the adaptive symbolization method retains the maximum amount of information and is less time-consuming. The PHMM-based user action identification method has higher accuracy than the existing traditional classifiers do.
Funder
Zhejiang Provincial Natural Science Foundation of China
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Hardware and Architecture, Signal Processing, Control and Systems Engineering