{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T02:38:23Z","timestamp":1747190303366,"version":"3.40.5"},"reference-count":31,"publisher":"Wiley","license":[{"start":{"date-parts":[[2020,11,30]],"date-time":"2020-11-30T00:00:00Z","timestamp":1606694400000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key R&D Program of China","award":["2019QY1302","2019QY1305"],"award-info":[{"award-number":["2019QY1302","2019QY1305"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2020,11,30]]},"abstract":"<jats:p>It has been shown that website fingerprinting attacks are capable of destroying the anonymity of the communicator at the traffic level. This enables local attackers to infer the website contents of the encrypted traffic by using packet statistics. Previous researches on hidden service attacks tend to focus on active attacks; therefore, the reliability of attack conditions and validity of test results cannot be fully verified. Hence, it is necessary to reexamine hidden service attacks from the perspective of fingerprinting attacks. In this paper, we propose a novel Website Response Fingerprinting (WRFP) Attack based on response time feature and extremely randomized tree algorithm to analyze the hidden information of the response fingerprint. The objective is to monitor hidden service website pages, service types, and mounted servers. WRFP relies on the hidden service response fingerprinting dataset. In addition to simulated website mirroring, two different mounting modes are taken into account, the same-source server and multisource server. A total of 300,000 page instances within 30,000 domain sites are collected, and we comprehensively evaluate the classification performance of the proposed WRFP. Our results show that the TPR of webpages and server classification remain greater than 93% in the small-scale closed-world performance test, and it is capable of tolerating up to 10% fluctuations in response time. WRFP also provides a higher accuracy and computational efficiency than traditional website fingerprinting classifiers in the challenging open-world performance test. This also indicates the importance of response time feature. Our results also suggest that monitoring website types improves the judgment effect of the classifier on subpages.<\/jats:p>","DOI":"10.1155\/2020\/8850472","type":"journal-article","created":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T15:51:09Z","timestamp":1606837869000},"page":"1-21","source":"Crossref","is-referenced-by-count":3,"title":["Hidden Service Website Response Fingerprinting Attacks Based on Response Time Feature"],"prefix":"10.1155","volume":"2020","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2736-232X","authenticated-orcid":true,"given":"Yitong","family":"Meng","sequence":"first","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8499-9402","authenticated-orcid":true,"given":"Jinlong","family":"Fei","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China"}]}],"member":"311","reference":[{"author":"R. Dingledine","first-page":"303","article-title":"Tor: the second-generation onion router","key":"1"},{"author":"B. Zantout","first-page":"401","article-title":"I2P data communication system","key":"2"},{"author":"J. A. Elices","first-page":"385","article-title":"Locating Tor hidden services through an interval-based traffic-correlation attack","key":"3"},{"author":"A. Biryukov","first-page":"80","article-title":"Trawling for tor hidden services: detection, measurement, deanonymization","key":"4"},{"author":"Z. Ling","first-page":"1043","article-title":"Protocol-level hidden server discovery","key":"5"},{"author":"S. Matic","first-page":"1455","article-title":"CARONTE: Detecting location leaks for deanonymizing tor hidden services","key":"6"},{"author":"T. Wang","first-page":"143","article-title":"Effective attacks and provable defenses for website fingerprinting","key":"7"},{"author":"A. Panchenko","first-page":"1","article-title":"Website fingerprinting at internet scale","key":"8"},{"author":"J. Hayes","first-page":"1187","article-title":"K-fingerprinting: a robust scalable website fingerprinting technique","key":"9"},{"author":"X. Cai","first-page":"121","article-title":"CS-BuFLO: a congestion sensitive website fingerprinting defense","key":"10"},{"author":"X. Cai","first-page":"227","article-title":"A systematic approach to developing and evaluating website fingerprinting defenses","key":"11"},{"key":"12","first-page":"27","article-title":"Toward an efficient website fingerprinting defense","volume-title":"Computer Security","author":"M. Juarez","year":"2016"},{"doi-asserted-by":"publisher","key":"13","DOI":"10.1515\/popets-2017-0023"},{"author":"M. Juarez","first-page":"263","article-title":"A critical evaluation of website fingerprinting attacks","key":"14"},{"doi-asserted-by":"publisher","key":"15","DOI":"10.1515\/popets-2016-0027"},{"author":"D. Herrmann","first-page":"31","article-title":"Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial Na\u00efve-Bayes classifier","key":"16"},{"key":"17","first-page":"605","article-title":"Touching from a distance: website fingerprinting attacks and defenses","volume-title":"y","author":"X. Cai"},{"author":"A. H. Lashkari","first-page":"253","article-title":"Characterization of tor traffic using time based features","key":"18"},{"key":"19","first-page":"15","article-title":"Fingerprinting attack on tor anonymity using deep learning","author":"A. Kota","year":"2016","journal-title":"Proceedings of the Asia-Pacific Advanced Network"},{"author":"V. Rimmer","doi-asserted-by":"crossref","article-title":"Automated website fingerprinting through deep learning","key":"20","DOI":"10.14722\/ndss.2018.23105"},{"author":"P. Sirinam","first-page":"1928","article-title":"Deep fingerprinting: undermining website fingerprinting defenses with deep learning","key":"21"},{"doi-asserted-by":"publisher","key":"22","DOI":"10.2478\/popets-2019-0070"},{"doi-asserted-by":"publisher","key":"23","DOI":"10.2478\/popets-2020-0013"},{"author":"S. Zander","first-page":"211","article-title":"An improved clockskew measurement technique for revealing hidden services","key":"24"},{"author":"Q. Tan","first-page":"1","article-title":"A closer look at Eclipse attacks against Tor hidden services","key":"25"},{"author":"A. Kwon","first-page":"287","article-title":"Circuit fingerprinting attacks: passive deanonymization of tor hidden services","key":"26"},{"volume-title":"Tor: Hidden Service Intelligence Extraction","year":"2018","author":"J. Marques","key":"27"},{"issue":"2","key":"28","doi-asserted-by":"crossref","first-page":"373","DOI":"10.1093\/biomet\/81.2.373","article-title":"Statistical properties of Winsorized means for skewed distributions","volume":"81","author":"R. Louis-Paul","year":"1994","journal-title":"Biometrika"},{"doi-asserted-by":"publisher","key":"29","DOI":"10.1515\/popets-2018-0039"},{"author":"G. Louppe","first-page":"431","article-title":"Understanding variable importances in forests of randomized trees","key":"30"},{"doi-asserted-by":"publisher","key":"31","DOI":"10.1007\/s10994-006-6226-1"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8850472.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8850472.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8850472.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T15:51:16Z","timestamp":1606837876000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2020\/8850472\/"}},"subtitle":[],"editor":[{"given":"Zhe-Li","family":"Liu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2020,11,30]]},"references-count":31,"alternative-id":["8850472","8850472"],"URL":"https:\/\/doi.org\/10.1155\/2020\/8850472","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2020,11,30]]}}}