QCSD: A QUIC Client-Side Website-Fingerprinting Defence Framework presented at USENIX Security 2022

by Jean-pierre Dolfi,

Tags: Web Security II: Fingerprinting

URL : https://www.usenix.org/system/files/sec22-smith.pdf

Summary : Website fingerprinting attacks, which analyse the metadata of encrypted network communication to identify visited websites, have been shown to be effective on privacy-enhancing technologies including virtual private networks (VPNs) and encrypted proxies. Despite this, VPNs are still undefended against these attacks, leaving millions of users vulnerable. Proposed defences against website fingerprinting require cooperation between the client and a remote endpoint to reshape the network traffic, thereby hindering deployment.