|
Scheme | Method | Innovation points | Authors | Drawbacks |
|
Flow correlation attack | Watermark attacks | Modified the packet flows to “fingerprint” them. | Shmatikov et al. [5] | Require high privileges and break the original communication easily. |
Timing based | Use the traffic patterns to correlate flows. | Paxson and Zhang [6] | Low accuracy. |
Bayesian traffic analysis | Developed Bayesian traffic analysis techniques to process sampled data. | Murdoch and Zieliński [8] | Cannot correlate lots of short-lived connections. |
Fine-grained level detection | Correlated the aggregate sizes of network packets over time. | Blum et al. [7] | Low accuracy. |
Asymmetric traffic analysis | Further combined the asymmetric traffic analysis and BGP hijacking to deanonymize users | Sun et al. [9] | Only useful for BGP hijacking. |
Deep learning based | Use CNNs models to learn a flow correlation function and achieve drastically higher accuracies. | Nasr et al. [10] | Require hardware support. |
|
Flow correlation defense | Counter-RAPTOR | Reduced the chance of adversary observed network traffic. | Sun et al. [11] | Only useful for defending BGP hijacking. |
Obfs4 | Randomly obfuscate packets time and size. | Tor project. [12] | Unacceptable bandwidth overhead. |
ScrambleSuit | Use morphing techniques. | Winter et al. [43] | Unacceptable bandwidth overhead. |
|
Website fingerprint defense | Application layer defense | Changed the routing algorithm or confused HTTP requests. | Wladimir et al. [13] Giovanni et al. [14] Henri et al. [15] | Hard to implement in real world. |
Network layer defense | Fool the classification model by inserting dummy packets. | Juarez et al. [19] Wang et al. [20] | Cannot defend the deep-learning-based attack. |
|