RUDOLF: An Efficient and Adaptive Defense Approach Against Website Fingerprinting Attacks Based on Soft Actor-Critic Algorithm

Research Areas: Human Centric Security

Principal Investigator: Bharat Bhargava

Although Tor is designed to provide anonymity, website fingerprinting (WF) attacks have posed significant threats to user privacy. In response, various defense approaches have been developed. Randomization and regularization-based defenses are criticized to be inefficient due to their bandwidth-consuming nature. Some adversarial learning-based defenses are impractical because the generation of perturbation depends on the complete traffic traces. Other adversarial learning-based defenses have weaknesses of lacking adaptability because their perturbations are input-agnostic. To overcome these shortcomings, we propose RUDOLF, an efficient and adaptive WF defense based on the soft actor-critic (SAC) algorithm of reinforcement learning (RL). We train the agent that can incrementally output perturbations synchronously following each burst of real-time traffic. Different from previous defenses, RUDOLF’s perturbation does not depend on the integrity of the traffic and concerns the actual real-time traffic, which ensures the practicality of implementation and adaptability. Besides, we take advantage of the exploratory characteristics of the SAC algorithm to obtain the optimal policy of adding perturbations that can efficiently balance defense effects and bandwidth consumption. Experiments on synthetic datasets show that with less than 30�ndwidth overhead (BWO), RUDOLF can reduce the average attack accuracy to around 15%–20%, which is superior to previous works. We also have implemented RUDOLF as a Tor pluggable transport. The performance in the real Tor network shows that RUDOLF can reduce the average accuracy of WF classifier to around 24% with about 25% BWO and almost no time delay.

Personnel

Other Faculty: Junsong Fu

Students: Meiyi Jiang; Baojiang Cui; Tao Wang; Lu Yao; Bharat K. Bhargava All Authors

Representative Publications

M. Jiang, B. Cui, J. Fu, T. Wang, L. Yao and B. K. Bhargava, "RUDOLF: An Efficient and Adaptive Defense Approach Against Website Fingerprinting Attacks Based on Soft Actor-Critic Algorithm," in IEEE Transactions on Information Forensics and Security, vol. 19, pp. 7794-7809, 2024, doi: 10.1109/TIFS.2024.3436818

Keywords: Perturbation methods;Real-time systems;Accuracy;Training;Fingerprint recognition;Bandwidth;Servers;Traffic analysis;website fingerprinting;reinforcement learning;anonymity network