REMOVING THE MASK: VIDEO FINGERPRINTING ATTACKS OVER TOR
Loading...
Authors
Duhe', Paul H., III
Subjects
machine learning
video fingerprinting
website fingerprinting
deep learning
convolutional neural networks
attack
defense
adversarial
internet
cyber
dark web
Tor network
The Onion Router
video fingerprinting
website fingerprinting
deep learning
convolutional neural networks
attack
defense
adversarial
internet
cyber
dark web
Tor network
The Onion Router
Advisors
Barton, Armon C.
Date of Issue
2023-03
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
The Onion Router (Tor) is used by adversaries and warfighters alike to encrypt session information and gain anonymity on the internet. Since its creation in 2002, Tor has gained popularity by terrorist organizations, human traffickers, and illegal drug distributors who wish to use Tor services to mask their identity while engaging in illegal activities. Fingerprinting attacks assist in thwarting these attempts. Website fingerprinting (WF) attacks have been proven successful at linking a user to the website they have viewed over an encrypted Tor connection. With consumer video streaming traffic making up a large majority of internet traffic and sites like YouTube remaining in the top visited sites in the world, it is just as likely that adversaries are using videos to spread misinformation, illegal content, and terrorist propaganda. Video fingerprinting (VF) attacks look to use encrypted network traffic to predict the content of encrypted video sessions in closed- and open-world scenarios. This research builds upon an existing dataset of encrypted video session data and use statistical analysis to train a machine-learning classifier, using deep fingerprinting (DF), to predict videos viewed over Tor. DF is a machine learning technique that relies on the use of convolutional neural networks (CNN) and can be used to conduct VF attacks against Tor. By analyzing the results of these experiments, we can more accurately identify malicious video streaming activity over Tor.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
Copyright is reserved by the copyright owner.