University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses

Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Alexander Vetterl.

Website Fingerprinting attacks allow an adversary to predict which web pages a victim visits, even when she browses through Tor/VPN, by using Machine Learning classification techniques on the encrypted traffic she produces. To date, the standard method for evaluating Website Fingerprinting defences is testing them against state-of-the-art attacks; this generated a 10 years-long arms race.

This talk presents a practical method for deriving security bounds for Website Fingerprinting defences, which is based on an original application of Machine Learning theory. The method gives, with respect to the set of features used by an adversary, a lower bound estimate of the smallest error the adversary can achieve, for any classifier he may use. This result i) allows practitioners to evaluate and compare defences in terms of their security, and ii) it favours the shift of WF research to a classifier-agnostic identification of optimal features.

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2017 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity