![[2412.11471] TrapFlow: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2412.11471] TrapFlow: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning
Summary
The paper presents TrapFlow, a novel defense mechanism against website fingerprinting attacks using dynamic backdoor learning to enhance user privacy.
Why It Matters
Website fingerprinting poses a significant threat to user privacy by identifying web pages visited through traffic analysis. TrapFlow offers a new approach to mitigate this risk effectively, addressing limitations of existing defenses and demonstrating practical applicability in real-world scenarios.
Key Takeaways
- TrapFlow significantly reduces the accuracy of website fingerprinting attacks from 99% to 6%.
- The method utilizes backdoor learning to inject trigger sequences into traffic, confusing attackers.
- TrapFlow shows practical effectiveness in real Tor network environments.
- The approach balances learnability and distinctiveness of triggers to maximize defense efficiency.
- Compared to existing defenses, TrapFlow offers superior accuracy reduction with manageable overhead.
Computer Science > Cryptography and Security arXiv:2412.11471 (cs) [Submitted on 16 Dec 2024 (v1), last revised 20 Feb 2026 (this version, v2)] Title:TrapFlow: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning Authors:Siyuan Liang, Jiajun Gong, Tianmeng Fang, Aishan Liu, Tao Wang, Xiaochun Cao, Dacheng Tao, Ee-Chien Chang View a PDF of the paper titled TrapFlow: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning, by Siyuan Liang and 6 other authors View PDF HTML (experimental) Abstract:Website fingerprinting (WF) attacks, which covertly monitor user communications to identify the web pages they visit, pose a serious threat to user privacy. Existing WF defenses attempt to reduce attack accuracy by disrupting traffic patterns, but attackers can retrain their models to adapt, making these defenses ineffective. Meanwhile, their high overhead limits deployability. To overcome these limitations, we introduce a novel controllable website fingerprinting defense called TrapFlow based on backdoor learning. TrapFlow exploits the tendency of neural networks to memorize subtle patterns by injecting crafted trigger sequences into targeted website traffic, causing the attacker model to build incorrect associations during training. If the attacker attempts to adapt by training on such noisy data, TrapFlow ensures that the model internalizes the trigger as a dominant feature, leading to widespread misclassification across unrelated websites. C...