{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T01:15:14Z","timestamp":1778721314635,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,4,13]]},"DOI":"10.1145\/3774904.3792288","type":"proceedings-article","created":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T21:54:34Z","timestamp":1775771674000},"page":"2800-2811","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Robust LLM-Based Website Fingerprinting under Dynamic Real-World Conditions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-6347-7011","authenticated-orcid":false,"given":"Xiyuan","family":"Zhao","sequence":"first","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4366-4777","authenticated-orcid":false,"given":"Xinhao","family":"Deng","sequence":"additional","affiliation":[{"name":"Ant Group, Hangzhou, China and Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4467-2760","authenticated-orcid":false,"given":"Tianyu","family":"Cui","sequence":"additional","affiliation":[{"name":"Zhongguancun Laboratory, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-4501-0167","authenticated-orcid":false,"given":"Yixiang","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2587-8517","authenticated-orcid":false,"given":"Ke","family":"Xu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China and Zhongguancun Laboratory, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8776-8730","authenticated-orcid":false,"given":"Qi","family":"Li","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China and Zhongguancun Laboratory, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2026,4,12]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616639"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0070"},{"key":"e_1_3_2_1_3_1","unstructured":"Tom B. Brown Benjamin Mann Nick Ryder et al. 2020. Language Models are Few-Shot Learners. arXiv:2005.14165 [cs.CL] https:\/\/arxiv.org\/abs\/2005.14165"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2665943.2665949"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660362"},{"key":"e_1_3_2_1_6_1","first-page":"753","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Cherubin Giovanni","year":"2022","unstructured":"Giovanni Cherubin, Rob Jansen, and Carmela Troncoso. 2022. Online website fingerprinting: Evaluating website fingerprinting attacks on Tor in the real world. In 31st USENIX Security Symposium (USENIX Security 22). 753-770."},{"key":"e_1_3_2_1_7_1","unstructured":"Tianyu Cui Xinjie Lin Sijia Li Miao Chen Qilei Yin Qi Li and Ke Xu. 2025. TrafficLLM: Enhancing Large Language Models for Network Traffic Analysis with Generic Traffic Representation. arXiv:2504.04222 [cs.LG] https:\/\/arxiv.org\/abs\/2504.04222"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329802"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423351"},{"key":"e_1_3_2_1_10_1","unstructured":"Xinhao Deng Jingyou Chen Linxiao Yu Yixiang Zhang Zhongyi Gu Changhao Qiu Xiyuan Zhao Ke Xu and Qi Li. 2025a. Beyond a Single Perspective: Towards a Realistic Evaluation of Website Fingerprinting Attacks. arXiv:2510.14283 [cs.CR] https:\/\/arxiv.org\/abs\/2510.14283"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3670272"},{"key":"e_1_3_2_1_12_1","volume-title":"Robust Multi-tab Website Fingerprinting Attacks in the Wild. In IEEE Symposium on Security and Privacy (SP).","author":"Deng Xinhao","year":"2023","unstructured":"Xinhao Deng, Qilei Yin, Zhuotao Liu, Xiyuan Zhao, Qi Li, Mingwei Xu, Ke Xu, and Jianping Wu. 2023. Robust Multi-tab Website Fingerprinting Attacks in the Wild. In IEEE Symposium on Security and Privacy (SP)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP61157.2025.00154"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/N19-1423"},{"key":"e_1_3_2_1_15_1","volume-title":"Tor: The Second-Generation Onion Router. In 13th USENIX Security Symposium (USENIX Security 04)","author":"Dingledine Roger","year":"2004","unstructured":"Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The Second-Generation Onion Router. In 13th USENIX Security Symposium (USENIX Security 04). USENIX Association, San Diego, CA. https:\/\/www.usenix.org\/conference\/13th-usenix-security-symposium\/tor-second-generation-onion-router"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.28"},{"key":"e_1_3_2_1_17_1","volume-title":"WFCAT: Augmenting Website Fingerprinting with Channel-wise Attention on Timing Features. arXiv preprint arXiv:2412.11487","author":"Gong Jiajun","year":"2024","unstructured":"Jiajun Gong, Wei Cai, Siyuan Liang, Zhong Guan, Tao Wang, and Ee-Chien Chang. 2024. WFCAT: Augmenting Website Fingerprinting with Channel-wise Attention on Timing Features. arXiv preprint arXiv:2412.11487 (2024)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489253"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833722"},{"key":"e_1_3_2_1_20_1","unstructured":"Aaron Grattafiori Abhimanyu Dubey Abhinav Jauhri et al. 2024. The Llama 3 Herd of Models. arXiv:2407.21783 [cs.AI] https:\/\/arxiv.org\/abs\/2407.21783"},{"key":"e_1_3_2_1_21_1","volume-title":"BAPM: Block Attention Profiling Model for Multi-tab Website Fingerprinting Attacks on Tor. In Annual Computer Security Applications Conference. 248-259","author":"Guan Zhong","year":"2021","unstructured":"Zhong Guan, Gang Xiong, Gaopeng Gou, Zhen Li, Mingxin Cui, and Chang Liu. 2021. BAPM: Block Attention Profiling Model for Multi-tab Website Fingerprinting Attacks on Tor. In Annual Computer Security Applications Conference. 248-259."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607206"},{"key":"e_1_3_2_1_23_1","unstructured":"Jamie Hayes George Danezis et al. 2016. k-fingerprinting: A Robust Scalable Website Fingerprinting Technique. In USENIX security symposium. 1187-1203."},{"key":"e_1_3_2_1_24_1","unstructured":"Edward J. Hu Yelong Shen Phillip Wallis Zeyuan Allen-Zhu Yuanzhi Li Shean Wang Lu Wang and Weizhu Chen. 2021. LoRA: Low-Rank Adaptation of Large Language Models. arXiv:2106.09685 [cs.CL] https:\/\/arxiv.org\/abs\/2106.09685"},{"key":"e_1_3_2_1_25_1","unstructured":"Rob Jansen. [n.d.]. CELLSHIFT: RTT-Aware Trace Transduction for Real-World Website Fingerprinting. ([n.d.])."},{"key":"e_1_3_2_1_26_1","volume-title":"A measurement of genuine tor traces for realistic website fingerprinting. arXiv preprint arXiv:2404.07892","author":"Jansen Rob","year":"2024","unstructured":"Rob Jansen, Ryan Wails, and Aaron Johnson. 2024a. A measurement of genuine tor traces for realistic website fingerprinting. arXiv preprint arXiv:2404.07892 (2024)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3689943.3695047"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623107"},{"key":"e_1_3_2_1_29_1","volume-title":"WTF-PAD: toward an efficient website fingerprinting defense for tor. CoRR, abs\/1512.00524","author":"Ju\u00e1rez Marc","year":"2015","unstructured":"Marc Ju\u00e1rez, Mohsen Imani, Mike Perry, Claudia Diaz, and Matthew Wright. 2015. WTF-PAD: toward an efficient website fingerprinting defense for tor. CoRR, abs\/1512.00524 (2015)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2025.3574971"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512217"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3267323.3268960"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179289"},{"key":"e_1_3_2_1_34_1","unstructured":"Xuying Meng Chungang Lin Yequan Wang and Yujun Zhang. 2025. NetGPT: Generative Pretrained Transformer for Network Traffic. arXiv:2304.09513 [cs.NI] https:\/\/arxiv.org\/abs\/2304.09513"},{"key":"e_1_3_2_1_35_1","volume-title":"Matthew Wright, and Nicholas Hopper.","author":"Oh Se Eun","year":"2021","unstructured":"Se Eun Oh, Nate Mathews, Mohammad Saidur Rahman, Matthew Wright, and Nicholas Hopper. 2021. GANDaLF: GAN for data-limited fingerprinting. Proceedings on privacy enhancing technologies, Vol. 2021, 2 (2021)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"Andriy Panchenko Fabian Lanze Jan Pennekamp Thomas Engel Andreas Zinnen Martin Henze and Klaus Wehrle. 2016. Website Fingerprinting at Internet Scale. In NDSS.","DOI":"10.14722\/ndss.2016.23477"},{"key":"e_1_3_2_1_37_1","volume-title":"Ptu: Pre-Trained Model for Network Traffic Understanding. In 2024 IEEE 32nd International Conference on Network Protocols (ICNP). IEEE, 1-12","author":"Peng Lingfeng","year":"2024","unstructured":"Lingfeng Peng, Xiaohui Xie, Sijiang Huang, Ziyi Wang, and Yong Cui. 2024. Ptu: Pre-Trained Model for Network Traffic Understanding. In 2024 IEEE 32nd International Conference on Network Protocols (ICNP). IEEE, 1-12."},{"key":"e_1_3_2_1_38_1","volume-title":"Towards effective and efficient padding machines for Tor. arXiv preprint arXiv:2011.13471","author":"Pulls Tobias","year":"2020","unstructured":"Tobias Pulls. 2020. Towards effective and efficient padding machines for Tor. arXiv preprint arXiv:2011.13471 (2020)."},{"key":"e_1_3_2_1_39_1","unstructured":"Jian Qu Xiaobo Ma and Jianfeng Li. 2024. TrafficGPT: Breaking the Token Barrier for Efficient Long Traffic Analysis and Generation. arXiv:2403.05822 [cs.LG] https:\/\/arxiv.org\/abs\/2403.05822"},{"key":"e_1_3_2_1_40_1","unstructured":"Alec Radford Jeff Wu Rewon Child David Luan Dario Amodei and Ilya Sutskever. 2019. Language Models are Unsupervised Multitask Learners. https:\/\/api.semanticscholar.org\/CorpusID:160025533"},{"key":"e_1_3_2_1_41_1","volume-title":"Kantha Girish Gangadhara, and Matthew Wright","author":"Rahman Mohammad Saidur","year":"2019","unstructured":"Mohammad Saidur Rahman, Payap Sirinam, Nate Mathews, Kantha Girish Gangadhara, and Matthew Wright. 2019. Tik-Tok: The utility of packet timing in website fingerprinting attacks. arXiv preprint arXiv:1902.06421 (2019)."},{"key":"e_1_3_2_1_42_1","volume-title":"Tom Van Goethem, and Wouter Joosen","author":"Rimmer Vera","year":"2017","unstructured":"Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom Van Goethem, and Wouter Joosen. 2017. Automated website fingerprinting through deep learning. arXiv preprint arXiv:1708.06376 (2017)."},{"key":"e_1_3_2_1_43_1","first-page":"607","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Shen Meng","year":"2023","unstructured":"Meng Shen, Kexin Ji, Zhenbo Gao, Qi Li, Liehuang Zhu, and Ke Xu. 2023. Subverting website fingerprinting defenses with robust traffic representation. In 32nd USENIX Security Symposium (USENIX Security 23). 607-624."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243768"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354217"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00015"},{"key":"e_1_3_2_1_47_1","first-page":"143","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Wang Tao","year":"2014","unstructured":"Tao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, and Ian Goldberg. 2014. Effective attacks and provable defenses for website fingerprinting. In 23rd USENIX Security Symposium (USENIX Security 14). 143-157."},{"key":"e_1_3_2_1_48_1","volume-title":"Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks. In USENIX Security Symposium. 1375-1390","author":"Wang Tao","year":"2017","unstructured":"Tao Wang, Ian Goldberg, et al., 2017. Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks. In USENIX Security Symposium. 1375-1390."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3158086"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3651890.3672268"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274697"},{"key":"e_1_3_2_1_52_1","unstructured":"An Yang Anfeng Li Baosong Yang et al. 2025. Qwen3 Technical Report. arXiv:2505.09388 [cs.CL] https:\/\/arxiv.org\/abs\/2505.09388"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3104869"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v37i4.25674"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690211"},{"key":"e_1_3_2_1_56_1","volume-title":"2025 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society, 102-102","author":"Zhou Guangmeng","year":"2024","unstructured":"Guangmeng Zhou, Xiongwen Guo, Zhuotao Liu, Tong Li, Qi Li, and Ke Xu. 2024. Trafficformer: an efficient pre-trained model for traffic data. In 2025 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society, 102-102."}],"event":{"name":"WWW '26: The ACM Web Conference 2026","location":"Dubai United Arab Emirates","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Proceedings of the ACM Web Conference 2026"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3774904.3792288","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T01:06:10Z","timestamp":1778720770000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3774904.3792288"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,4,12]]},"references-count":56,"alternative-id":["10.1145\/3774904.3792288","10.1145\/3774904"],"URL":"https:\/\/doi.org\/10.1145\/3774904.3792288","relation":{},"subject":[],"published":{"date-parts":[[2026,4,12]]},"assertion":[{"value":"2026-04-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}