Adversarial attacks against profile HMM website fingerprinting detection model

Xiaolei Liu, Zhongliu Zhuo, Xiaojiang Du, Xiaosong Zhang, Qingxin Zhu, Mohsen Guizani

Research output: Contribution to journalArticlepeer-review

11 Scopus citations

Abstract

People are accustomed to using an anonymous network to protect their private information. The Profile HMM (Hidden Markov Model) Website Fingerprinting Detection algorithm can detect the website that the data stream accesses by pattern matching the captured data traffic. This makes the anonymous network lose its effect. In order to bypass the detection of this model, we propose a method based on genetic algorithm to generate adversarial samples. By migrating the problem of adversarial samples in deep learning, our approach is used for the broader machine learning detection model to do traffic confusion, and then achieves the purpose of bypassing the Profile HMM model detection. The key challenge is how to construct a suitable fitness function to generate an effective adversarial sample at minimal cost. The experimental results show that the success rate of our traffic confusion method is as high as 97%. At the same time, we only need to add less perturbation traffic than the traditional traffic confusion method.

Original languageEnglish
Pages (from-to)83-89
Number of pages7
JournalCognitive Systems Research
Volume54
DOIs
StatePublished - May 2019

Keywords

  • Adversarial samples
  • PHMM
  • Traffic confusion

Fingerprint

Dive into the research topics of 'Adversarial attacks against profile HMM website fingerprinting detection model'. Together they form a unique fingerprint.

Cite this