With the proliferation of deep learning, various encrypted traffic identification methods have been adopted by attackers, and traffic eavesdropping, a passive attack method, has seriously violated user privacy. Consequently, devising effective countermeasures against traffic identification attacks has emerged as a focal area of research. Existing methods face significant limitations regarding effectiveness and usability. Effectiveness-wise, they fail to perform across various scenarios and overlook the diversity of perturbations. From a usability perspective, they encounter obstacles such as uncontrollable bandwidth overhead (BWO), lack of real-time applicability, and reliance on overly optimistic assumptions—they often need as input the information of the traffic identification models used by eavesdroppers or which websites are accessed by users. To address these limitations, we propose a traffic adversarial sample generation method, Tarnhelm, to protect user privacy. Specifically, Tarnhelm uses the Transformer architecture and introduces randomness of perturbation to solve the effectiveness issue; meanwhile, specific loss function, model training, and application methods are designed to ensure usability. Extensive experiments show that Tarnhelm provides promising privacy protection against three traffic identification methods in three data scenarios. Tarnhelm achieves a Defense Success Rate (DSR) of over 86%, surpassing five state-of-the-art methods, and maintains resilience with over 80% DSR against adversarial training. Additionally, Tarnhelm generates adversarial samples that closely resemble the original samples with minimal bandwidth consumption, and strictly comply with traffic constraints.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Tarnhelm: Using Adversarial Samples to Protect User Privacy Against Traffic Identification

  • Yuwei Xu,
  • Yunpeng Bai,
  • Jie Cao,
  • Yuanyuan Xu,
  • Liang He,
  • Guang Cheng

摘要

With the proliferation of deep learning, various encrypted traffic identification methods have been adopted by attackers, and traffic eavesdropping, a passive attack method, has seriously violated user privacy. Consequently, devising effective countermeasures against traffic identification attacks has emerged as a focal area of research. Existing methods face significant limitations regarding effectiveness and usability. Effectiveness-wise, they fail to perform across various scenarios and overlook the diversity of perturbations. From a usability perspective, they encounter obstacles such as uncontrollable bandwidth overhead (BWO), lack of real-time applicability, and reliance on overly optimistic assumptions—they often need as input the information of the traffic identification models used by eavesdroppers or which websites are accessed by users. To address these limitations, we propose a traffic adversarial sample generation method, Tarnhelm, to protect user privacy. Specifically, Tarnhelm uses the Transformer architecture and introduces randomness of perturbation to solve the effectiveness issue; meanwhile, specific loss function, model training, and application methods are designed to ensure usability. Extensive experiments show that Tarnhelm provides promising privacy protection against three traffic identification methods in three data scenarios. Tarnhelm achieves a Defense Success Rate (DSR) of over 86%, surpassing five state-of-the-art methods, and maintains resilience with over 80% DSR against adversarial training. Additionally, Tarnhelm generates adversarial samples that closely resemble the original samples with minimal bandwidth consumption, and strictly comply with traffic constraints.