Website fingerprinting attack on Psiphon and its forensic analysis

Tekachew Gobena Ejeta; Hyong Joong Kim

doi:10.1007/978-3-319-64185-0_4

Website fingerprinting attack on Psiphon and its forensic analysis

Tekachew Gobena Ejeta, Hyong Joong Kim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

Internet circumvention applications – such as Psiphon – are widely used to bypass control mechanisms, and each of such anti-censorship application uses a unique mechanism to bypass internet censorship. Although anti-censorship applications provide a unique means to ensure internet freedom, some applications severely degrade network performance and possibly open the door for network security breaches. Anti-censorship applications such as Psiphon can be used as cover for hacking attempts and can assist in many criminal activities. In this paper, we analyze the Psiphon service and perform a passive traffic analysis to detect Psiphon traffic. Moreover, we profile the top 100 websites based on their Alexa rankings according to five different categories under Psiphon and perform an effective website fingerprinting attack. Our analysis uses the well-known k-nearest neighbors for website fingerprinting and support vector machine classifier to detect Psiphon traffic.

Original language	English
Title of host publication	Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings
Publisher	Springer Verlag
Pages	42-51
Number of pages	10
Volume	10431 LNCS
ISBN (Print)	9783319641843
DOIs	https://doi.org/10.1007/978-3-319-64185-0_4
Publication status	Published - 2017
Event	16th International Workshop on Digital Forensics and Watermarking, IWDW 2017 - Magdeburg, Germany Duration: 2017 Aug 23 → 2017 Aug 25

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10431 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	16th International Workshop on Digital Forensics and Watermarking, IWDW 2017
Country/Territory	Germany
City	Magdeburg
Period	17/8/23 → 17/8/25

Keywords

Digital forensics
Fingerprinting attack
Internet censorship
Psiphon

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-319-64185-0_4

Cite this

Ejeta, T. G., & Kim, H. J. (2017). Website fingerprinting attack on Psiphon and its forensic analysis. In Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings (Vol. 10431 LNCS, pp. 42-51). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10431 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-64185-0_4

Website fingerprinting attack on Psiphon and its forensic analysis. / Ejeta, Tekachew Gobena; Kim, Hyong Joong.
Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings. Vol. 10431 LNCS Springer Verlag, 2017. p. 42-51 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10431 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ejeta, TG & Kim, HJ 2017, Website fingerprinting attack on Psiphon and its forensic analysis. in Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings. vol. 10431 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10431 LNCS, Springer Verlag, pp. 42-51, 16th International Workshop on Digital Forensics and Watermarking, IWDW 2017, Magdeburg, Germany, 17/8/23. https://doi.org/10.1007/978-3-319-64185-0_4

Ejeta TG, Kim HJ. Website fingerprinting attack on Psiphon and its forensic analysis. In Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings. Vol. 10431 LNCS. Springer Verlag. 2017. p. 42-51. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-64185-0_4

Ejeta, Tekachew Gobena ; Kim, Hyong Joong. / Website fingerprinting attack on Psiphon and its forensic analysis. Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings. Vol. 10431 LNCS Springer Verlag, 2017. pp. 42-51 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5c4fc5218fef4652a14e915944d1aa57,

title = "Website fingerprinting attack on Psiphon and its forensic analysis",

abstract = "Internet circumvention applications – such as Psiphon – are widely used to bypass control mechanisms, and each of such anti-censorship application uses a unique mechanism to bypass internet censorship. Although anti-censorship applications provide a unique means to ensure internet freedom, some applications severely degrade network performance and possibly open the door for network security breaches. Anti-censorship applications such as Psiphon can be used as cover for hacking attempts and can assist in many criminal activities. In this paper, we analyze the Psiphon service and perform a passive traffic analysis to detect Psiphon traffic. Moreover, we profile the top 100 websites based on their Alexa rankings according to five different categories under Psiphon and perform an effective website fingerprinting attack. Our analysis uses the well-known k-nearest neighbors for website fingerprinting and support vector machine classifier to detect Psiphon traffic.",

keywords = "Digital forensics, Fingerprinting attack, Internet censorship, Psiphon",

author = "Ejeta, {Tekachew Gobena} and Kim, {Hyong Joong}",

year = "2017",

doi = "10.1007/978-3-319-64185-0_4",

language = "English",

isbn = "9783319641843",

volume = "10431 LNCS",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "42--51",

booktitle = "Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings",

note = "16th International Workshop on Digital Forensics and Watermarking, IWDW 2017 ; Conference date: 23-08-2017 Through 25-08-2017",

}

TY - GEN

T1 - Website fingerprinting attack on Psiphon and its forensic analysis

AU - Ejeta, Tekachew Gobena

AU - Kim, Hyong Joong

PY - 2017

Y1 - 2017

N2 - Internet circumvention applications – such as Psiphon – are widely used to bypass control mechanisms, and each of such anti-censorship application uses a unique mechanism to bypass internet censorship. Although anti-censorship applications provide a unique means to ensure internet freedom, some applications severely degrade network performance and possibly open the door for network security breaches. Anti-censorship applications such as Psiphon can be used as cover for hacking attempts and can assist in many criminal activities. In this paper, we analyze the Psiphon service and perform a passive traffic analysis to detect Psiphon traffic. Moreover, we profile the top 100 websites based on their Alexa rankings according to five different categories under Psiphon and perform an effective website fingerprinting attack. Our analysis uses the well-known k-nearest neighbors for website fingerprinting and support vector machine classifier to detect Psiphon traffic.

AB - Internet circumvention applications – such as Psiphon – are widely used to bypass control mechanisms, and each of such anti-censorship application uses a unique mechanism to bypass internet censorship. Although anti-censorship applications provide a unique means to ensure internet freedom, some applications severely degrade network performance and possibly open the door for network security breaches. Anti-censorship applications such as Psiphon can be used as cover for hacking attempts and can assist in many criminal activities. In this paper, we analyze the Psiphon service and perform a passive traffic analysis to detect Psiphon traffic. Moreover, we profile the top 100 websites based on their Alexa rankings according to five different categories under Psiphon and perform an effective website fingerprinting attack. Our analysis uses the well-known k-nearest neighbors for website fingerprinting and support vector machine classifier to detect Psiphon traffic.

KW - Digital forensics

KW - Fingerprinting attack

KW - Internet censorship

KW - Psiphon

UR - http://www.scopus.com/inward/record.url?scp=85028453336&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85028453336&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-64185-0_4

DO - 10.1007/978-3-319-64185-0_4

M3 - Conference contribution

AN - SCOPUS:85028453336

SN - 9783319641843

VL - 10431 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 42

EP - 51

BT - Digital Forensics and Watermarking - 16th International Workshop, IWDW 2017, Proceedings

PB - Springer Verlag

T2 - 16th International Workshop on Digital Forensics and Watermarking, IWDW 2017

Y2 - 23 August 2017 through 25 August 2017

ER -

Website fingerprinting attack on Psiphon and its forensic analysis

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this