Attacks and Defenses for Website Fingerprinting

Speaker:        Dr. Tao Wang
                University of Waterloo

Title:          "Attacks and Defenses for Website Fingerprinting"

Date:           Monday, 22 February 2016

Time:           4:00pm - 5:00pm

Venue:          Lecture Theater F (near lifts 25 & 26), HKUST

Abstract:

Website fingerprinting attacks allow a local, passive eavesdropper to
determine a client's web activity by leveraging features from her packet
sequence. These attacks break the privacy expected by users of privacy
technologies, including proxies and VPNs. They are invisible to the victim
and difficult to defend against. As a discipline, website fingerprinting
is an application of machine learning techniques to the diverse field of
privacy.

In this talk, I will describe my new algorithms for both website
fingerprinting attacks and defenses. I will show that website
fingerprinting poses a realistic threat to internet users, and demonstrate
that my attacks are successful in breaking the current defenses on Tor. I
will then give a construction of the first website fingerprinting defense
that is both effective and efficient.


***********************
Biography:

Tao Wang has recently completed his PhD at the University of Waterloo. He
studied computer security and privacy, specializing in usable
privacy-enhancing technologies. He has published pioneering research on
the topic of traffic analysis on privacy-enhancing technologies, and he is
looking to continue his work as a faculty member at HKUST.