{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T12:07:52Z","timestamp":1763381272377,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,17]]},"DOI":"10.1145\/3772356.3772428","type":"proceedings-article","created":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T12:02:48Z","timestamp":1763380968000},"page":"254-262","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Rethinking the Role of Network Stacks for Website Fingerprinting Defenses"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-6317-5890","authenticated-orcid":false,"given":"Elisaveta","family":"Lavrentieva","sequence":"first","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7657-9934","authenticated-orcid":false,"given":"Marc","family":"Juarez","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1895-5318","authenticated-orcid":false,"given":"Michio","family":"Honda","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2025,11,17]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Joao Taveira Araujo Lorenzo Saino Lennert Buytenhek and Raul Landa. 2018. Balancing on the edge: transport affinity without network state. USENIX NSDI."},{"key":"e_1_3_2_1_2_1","volume-title":"A longitudinal analysis of internet rate limitations","author":"Ara\u00fajo Jo\u00e3o Taveira","unstructured":"Jo\u00e3o Taveira Ara\u00fajo, Ra\u00fal Landa, Richard G Clegg, George Pavlou, and Kensuke Fukuda. 2014. A longitudinal analysis of internet rate limitations. IEEE Infocom."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"crossref","unstructured":"Venkat Arun and Hari Balakrishnan. 2018. Copa: practical Delay-Based congestion control for the internet. USENIX NSDI.","DOI":"10.1145\/3232755.3232783"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"crossref","unstructured":"Sanjit Bhat David Lu Albert Kwon and Srinivas Devadas. 2019. Var-cnn: a data-efficient website fingerprinting attack based on deep learning. PETS.","DOI":"10.2478\/popets-2019-0070"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Sanjit Bhat David Lu Albert Kwon and Srinivas Devadas. 2018. Var-cnn: a data-efficient website fingerprinting attack based on deep learning.","DOI":"10.2478\/popets-2019-0070"},{"key":"e_1_3_2_1_6_1","unstructured":"Andrea Bittau Michael Hamburg Mark Handley David Mazieres and Dan Boneh. 2010. The case for ubiquitous transport-level encryption. USENIX Security."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Xiang Cai Rishab Nithyanand and Rob Johnson. 2014. CS-BuFLO: A congestion sensitive website fingerprinting defense.","DOI":"10.1145\/2665943.2665949"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Xiang Cai Rishab Nithyanand Tao Wang Rob Johnson and Ian Goldberg. 2014. A systematic approach to developing and evaluating website fingerprinting defenses. ACM CCS.","DOI":"10.1145\/2660267.2660362"},{"key":"e_1_3_2_1_9_1","volume-title":"Side-channel leaks in web applications: a reality today, a challenge tomorrow","author":"Chen Shuo","unstructured":"Shuo Chen, Rui Wang, XiaoFeng Wang, and Kehuan Zhang. 2010. Side-channel leaks in web applications: a reality today, a challenge tomorrow. IEEE S&P."},{"key":"e_1_3_2_1_10_1","volume-title":"Traffic Analysis of SSL Encrypted Web Browsing. Project paper","author":"Cheng Heyning","unstructured":"Heyning Cheng and Ron Avnur. 1998. Traffic Analysis of SSL Encrypted Web Browsing. Project paper, University of Berkeley."},{"key":"e_1_3_2_1_11_1","volume-title":"Netdev conference.","author":"Cheng Yuchung","year":"2016","unstructured":"Yuchung Cheng and Neal Cardwell. 2016. Making linux tcp fast. Netdev conference."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Giovanni Cherubin Jamie Hayes and Marc Ju\u00e1rez. 2017. Website fingerprinting defenses at the application layer. PETS.","DOI":"10.1515\/popets-2017-0023"},{"key":"e_1_3_2_1_13_1","volume-title":"I still see you: Why efficient traffic analysis countermeasures fail","author":"Dyer Kevin P.","unstructured":"Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton. 2012. Peek-a-Boo, I still see you: Why efficient traffic analysis countermeasures fail. IEEE S&P."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Ellis Fenske and Aaron Johnson. 2024. Bytes to schlep? use a fep: hiding protocol metadata with fully encrypted protocols. arXiv preprint arXiv:2405.13310.","DOI":"10.1145\/3658644.3690198"},{"key":"e_1_3_2_1_15_1","volume-title":"Designing transport-level encryption for datacenter networks","author":"Gao Tianyi","unstructured":"Tianyi Gao, Xinshu Ma, Suhas Narreddy, Eugenio Luo, Steven W. D. Chien, and Michio Honda. 2026. Designing transport-level encryption for datacenter networks. IEEE S&P."},{"key":"e_1_3_2_1_16_1","unstructured":"Jiajun Gong and Tao Wang. 2020. Zero-delay lightweight defenses against website fingerprinting. USENIX Security."},{"key":"e_1_3_2_1_17_1","volume-title":"Surakav: generating realistic traces for a strong website fingerprinting defense","author":"Gong Jiajun","unstructured":"Jiajun Gong, Wuqi Zhang, Charles Zhang, and Tao Wang. 2022. Surakav: generating realistic traces for a strong website fingerprinting defense. IEEE S&P. IEEE."},{"key":"e_1_3_2_1_18_1","volume-title":"Network Traffic Measurement and Analysis Conference.","author":"Gong Sishuai","year":"2020","unstructured":"Sishuai Gong, Usama Naseer, and Theophilus A Benson. 2020. Inspector gadget: a framework for inferring tcp congestion control algorithms and protocol configurations. Network Traffic Measurement and Analysis Conference."},{"key":"e_1_3_2_1_19_1","volume-title":"Linux Plumbers Conference, https:\/\/lpc.events\/event\/17\/contributions\/1592\/.","author":"Gospodarek Andy","year":"2023","unstructured":"Andy Gospodarek. 2023. Offloading quic encryption to enabled nics. Linux Plumbers Conference, https:\/\/lpc.events\/event\/17\/contributions\/1592\/. (2023)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"Stewart Grant Anil Yelam Maxwell Bland and Alex C Snoeren. 2020. Smartnic performance isolation with fairnic: programmable networking for the cloud. ACM SIGCOMM.","DOI":"10.1145\/3387514.3405895"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"David Hasselquist Ethan Witwer August Carlson Niklas Johansson and Niklas Carlsson. 2024. Raising the bar: improved fingerprinting attacks and defenses for video streaming traffic. PETS.","DOI":"10.56553\/popets-2024-0112"},{"key":"e_1_3_2_1_22_1","unstructured":"Jamie Hayes and George Danezis. [n. d.] K-fingerprinting: A Robust Scalable Website Fingerprinting Technique. en."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"James K Holland and Nicholas Hopper. 2022. Regulator: a straightforward website fingerprinting defense. PETS.","DOI":"10.2478\/popets-2022-0049"},{"key":"e_1_3_2_1_24_1","unstructured":"Pranay Jain Andrew C Reed and Michael K Reiter. 2024. Near-optimal constrained padding for object retrievals with dependencies. USENIX Security."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Marc Juarez Sadia Afroz Gunes Acar Claudia Diaz and Rachel Greenstadt. 2014. A critical evaluation of website fingerprinting attacks.","DOI":"10.1145\/2660267.2660368"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Marc Juarez Mohsen Imani Mike Perry Claudia Diaz and Matthew Wright. 2016. Toward an efficient website fingerprinting defense.","DOI":"10.1007\/978-3-319-45744-4_2"},{"key":"e_1_3_2_1_27_1","unstructured":"[n. d.] Kernel tls offload. https:\/\/www.kernel.org\/doc\/html\/latest\/networking\/tls-offload.html. ()."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Platon Kotzias Abbas Razaghpanah Johanna Amann Kenneth G Paterson Narseo Vallina-Rodriguez and Juan Caballero. 2018. Coming of age: a longitudinal study of tls deployment. ACM IMC.","DOI":"10.1145\/3278532.3278568"},{"key":"e_1_3_2_1_29_1","volume-title":"FOAP: FineGrained Open-World android app fingerprinting. USENIX Security.","author":"Li Jianfeng","year":"2022","unstructured":"Jianfeng Li, Hao Zhou, Shuohan Wu, Xiapu Luo, Ting Wang, Xian Zhan, and Xiaobo Ma. 2022. FOAP: FineGrained Open-World android app fingerprinting. USENIX Security."},{"key":"e_1_3_2_1_30_1","volume-title":"Wenke Lee, Rocky KC Chang, Roberto Perdisci, et al.","author":"Luo Xiapu","year":"2011","unstructured":"Xiapu Luo, Peng Zhou, Edmond WW Chan, Wenke Lee, Rocky KC Chang, Roberto Perdisci, et al. 2011. Httpos: sealing information leaks with browser-side obfuscation of encrypted flows. NDSS."},{"key":"e_1_3_2_1_31_1","volume-title":"Mohammad Saidur Rahman, Nicholas Hopper, and Matthew Wright.","author":"Mathews Nate","year":"2023","unstructured":"Nate Mathews, James K Holland, Se Eun Oh, Mohammad Saidur Rahman, Nicholas Hopper, and Matthew Wright. 2023. Sok: a critical evaluation of efficient website fingerprinting defenses. IEEE S&P."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"Brad Miller et al. 2014. I know why you went to the clinic: risks and realization of https traffic analysis. PETS.","DOI":"10.1007\/978-3-319-08506-7_8"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366693"},{"key":"e_1_3_2_1_34_1","unstructured":"Milad Nasr Alireza Bahramali and Amir Houmansadr. 2021. Defeating DNN-Based traffic analysis systems in Real-Time with blind adversarial perturbations. USENIX Security."},{"key":"e_1_3_2_1_35_1","volume-title":"Transport layer obscurity: circumventing sni censorship on the tls-layer","author":"Niere Niklas","unstructured":"Niklas Niere, Felix Lange, Robert Merget, and Juraj Somorovsky. 2025. Transport layer obscurity: circumventing sni censorship on the tls-layer. IEEE S&P."},{"key":"e_1_3_2_1_36_1","unstructured":"Mike Perry. 2011. Experimental defense for website traffic fingerprinting. Tor Project Blog. https:\/\/blog.torproject.org\/blog\/experimental-defense-website-traffic-fingerprinting. (2011)."},{"key":"e_1_3_2_1_37_1","unstructured":"Mike Perry. 2015. Padding negotiation. Tor Protocol Specification Proposal. https:\/\/github.com\/torproject\/torspec\/blob\/main\/proposals\/254-padding-negotiation.txt. (2015)."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Boris Pismenny Haggai Eran Aviad Yehezkel Liran Liss Adam Morrison and Dan Tsafrir. 2021. Autonomous nic offloads. ACM ASPLOS.","DOI":"10.1145\/3445814.3446732"},{"key":"e_1_3_2_1_39_1","volume-title":"Samaneh Tajalizadehkhoob, Maciej Korczy\u0144ski, and Wouter Joosen.","author":"Pochat Victor Le","year":"2018","unstructured":"Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczy\u0144ski, and Wouter Joosen. 2018. Tranco: a research-oriented top sites ranking hardened against manipulation. arXiv preprint arXiv:1806.01156."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3603216.3624953"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"Vera Rimmer Davy Preuveners Marc Juarez et al. 2018. Automated website fingerprinting through deep learning.","DOI":"10.14722\/ndss.2018.23105"},{"key":"e_1_3_2_1_42_1","unstructured":"Amir Sabzi Rut Vora Swati Goswami Margo Seltzer Mathias L\u00e9cuyer and Aastha Mehta. 2024. NetShaper: a differentially private network Side-Channel mitigation system. USENIX Security."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"crossref","unstructured":"Paul Schmitt Jana Iyengar Christopher Wood and Barath Raghavan. 2022. The decoupling principle: a practical privacy framework. ACM HotNets.","DOI":"10.1145\/3563766.3564112"},{"key":"e_1_3_2_1_44_1","volume-title":"Real-time website fingerprinting defense via traffic cluster anonymization","author":"Shen Meng","unstructured":"Meng Shen, Kexin Ji, Jinhe Wu, Qi Li, Xiangdong Kong, Ke Xu, and Liehuang Zhu. 2024. Real-time website fingerprinting defense via traffic cluster anonymization. IEEE S&P."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"crossref","unstructured":"Vishal Shrivastav. 2019. Fast scalable and programmable packet scheduler in hardware. ACM SIGCOMM.","DOI":"10.1145\/3341302.3342090"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Sandra Siby Ludovic Barman Christopher Wood Marwan Fayed Nick Sullivan and Carmela Troncoso. 2023. Evaluating practical quic website fingerprinting defenses for the masses. PETS.","DOI":"10.56553\/popets-2023-0099"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Sandra Siby Marc Juarez Claudia Diaz Narseo Vallina-Rodriguez and Carmela Troncoso. 2020. Encrypted dns privacy? a traffic analysis perspective. NDSS.","DOI":"10.14722\/ndss.2020.24301"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Payap Sirinam Mohsen Imani Marc Juarez et al. 2018. Deep fingerprinting: undermining website fingerprinting defenses with deep learning.","DOI":"10.1145\/3243734.3243768"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"crossref","unstructured":"J Smith P Mittal and A Perrig. 2021. Website fingerprinting in the age of quic. PETS.","DOI":"10.2478\/popets-2021-0017"},{"key":"e_1_3_2_1_50_1","unstructured":"Jean-Pierre Smith Luca Dolfi Prateek Mittal and Adrian Perrig. 2022. Qcsd: a quic client-side website-fingerprinting defence framework. USENIX Security."},{"key":"e_1_3_2_1_51_1","unstructured":"Brent Stephens Aditya Akella and Michael Swift. 2019. Loom: flexible and efficient nic packet scheduling. USENIX NSDI."},{"key":"e_1_3_2_1_52_1","volume-title":"Appscanner: automatic fingerprinting of smartphone apps from encrypted network traffic","author":"Taylor Vincent F","unstructured":"Vincent F Taylor, Riccardo Spolaor, Mauro Conti, and Ivan Martinovic. 2016. Appscanner: automatic fingerprinting of smartphone apps from encrypted network traffic. IEEE EuroSP."},{"key":"e_1_3_2_1_53_1","unstructured":"1983. The TCP Maximum Segment Size and Related Topics. Request for Comments RFC 879. Retrieved 10\/22\/2025 from."},{"key":"e_1_3_2_1_54_1","volume-title":"Nicholas Hungria, Yash Kothari, Justine Sherry, and Srinivasan Seshan.","author":"Ware Ranysha","year":"2024","unstructured":"Ranysha Ware, Adithya Abraham Philip, Nicholas Hungria, Yash Kothari, Justine Sherry, and Srinivasan Seshan. 2024. Ccanalyzer: an efficient and nearly-passive congestion control classifier. ACM SIGCOMM."},{"key":"e_1_3_2_1_55_1","unstructured":"Charles V Wright Scott E Coull and Fabian Monrose. 2009. Traffic morphing: an efficient defense against statistical traffic analysis. NDSS."},{"key":"e_1_3_2_1_56_1","article-title":"Cactus: obfuscating bidirectional encrypted tcp traffic at client side","author":"Renjie Xie","year":"2024","unstructured":"Renjie Xie et al. 2024. Cactus: obfuscating bidirectional encrypted tcp traffic at client side. IEEE Transactions on Information Forensics and Security.","journal-title":"IEEE Transactions on Information Forensics and Security."},{"key":"e_1_3_2_1_57_1","unstructured":"Gina Yuan Thea Rossman and Keith Winstein. 2025. Internet connection splitting: what's old is new again. USENIX ATC."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"crossref","unstructured":"Pengwei Zhan Liming Wang and Yi Tang. 2021. Website fingerprinting on early quic traffic. Computer Networks.","DOI":"10.1016\/j.comnet.2021.108538"}],"event":{"name":"HotNets '25: 24th ACM Workshop on Hot Topics in Networks","location":"UMD Campus College Park MD USA","acronym":"HotNets '25","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication"]},"container-title":["Proceedings of the 24th ACM Workshop on Hot Topics in Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3772356.3772428","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T12:03:05Z","timestamp":1763380985000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3772356.3772428"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,17]]},"references-count":58,"alternative-id":["10.1145\/3772356.3772428","10.1145\/3772356"],"URL":"https:\/\/doi.org\/10.1145\/3772356.3772428","relation":{},"subject":[],"published":{"date-parts":[[2025,11,17]]},"assertion":[{"value":"2025-11-17","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}