/website-fingerprinting

Code supporting "Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail"

Primary LanguagePythonOtherNOASSERTION

Traffic Analysis Framework

This is a Python framework to compliment "Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail" [1].

Contact details

Notes

  • Installed and tested on RHEL5
  • Caching (via memcache) is disabled by default. Toggle ENABLE_CACHE in Datastore.py at your own risk.

Requirements

Getting started

  1. Open config.py and set:
    • WEKA_ROOT to a directory that contains WEKA
    • PCAP_LOGS to the directory with extracted Liberatore and Levine pcap files
    • MYSQL_HOST/MYSQL_USER/MYSQL_PASSWD/MYSQL_DB settings for the Herrmann database
  2. Execute "python main.py -h" to get help for runtime parameters
  3. Output from main.py is placed the 'output' directory. Execute 'parseResultsFile.py' to interpret results.

References

  • [1] Dyer K.P., Coull S.E., Ristenpart T., Shrimpton T. Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail, To appear at IEEE Security and Privacy 2012
  • [2] Marc Liberatore and Brian Neil Levine, Inferring the Source of Encrypted HTTP Connections. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 2006)
  • [3] Dominik Herrmann, Rolf Wendolsky, and Hannes Federrath. Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naive-Bayes Classifier. In Proceedings of the ACM Workshop on Cloud Computing Security, pages 31–42, November 2009.