Gene Fingerprinting: Cracking Encrypted Tunnel with Zero-Shot Learning

Abstract

Website Fingerprinting (WF) enables a passive attacker to identify which website a user is visiting over an encrypted tunnel. Current WF attacks have two strong assumptions: (i) specific tunnel, i.e., the attacker can train on traffic samples collected in a simulated tunnel with the same tunnel settings as the user, and (ii) pseudo-open-world, where the attacker has access to training samples of unmonitored sites and treats them as a separate class. These assumptions, while experimentally feasible, render WF attacks less usable in practice. In this paper, we present Gene Fingerprinting (GF), a new WF attack that achieves cross-tunnel transferability by generating fingerprints that reflect the intrinsic profile of a website. The attack leverages Zero-shot Learning — a machine learning technique not requiring training samples to identify a given class — to reduce the effort to collect data from different tunnels and achieve a real open-world. We demonstrate the attack performance using three popular tunneling tools: OpenSSH, Shadowsocks, and OpenVPN. The GF attack attains over 94% accuracy on each tunnel, far better than existing CUMUL, DF, and DDTW attacks. In the more realistic open-world scenario, the attack still obtains 88% TPR and 9% FPR, outperforming the state-of-the-art attacks. These results highlight the danger of our attack in various scenarios where gathering and training on a tunnel-specific dataset would be impractical.