论文名:A Critical Evaluation of Website Fingerprinting Attacks (CCS2014)
URL: https://nymity.ch/tor-dns/pdf/Juarez2014a.pdf
摘要:
Recent studies on Website Fingerprinting (WF) claim to have found highly effective attacks on Tor. However, these studies make assumptions about user settings, adversary capabilities, and the nature of the Web that do not necessarily hold in practical scenarios. The following study critically evaluates these assumptions by conducting the attack where the assumptions do not hold. We show that certain variables, for example, user’s browsing habits, differences in location and version of Tor Browser Bundle, that are usually omitted from the current WF model have a significant impact on the efficacy of the attack. We also empirically show how prior work succumbs to the base rate fallacy in the open-world scenario. We address this problem by augmenting our classification method with a verification step. We conclude that even though this approach reduces the number of false positives over 63%, it does not completely solve the problem, which remains an open issue for WF attacks.
分句解析:
Recent studies on Website Fingerprinting (WF) claim to have found highly effective attacks on Tor. (Website fingerprinting 这个研究点很火热)
However, these studies make assumptions about user settings, adversary capabilities, and the nature of the Web that do not necessarily hold in practical scenarios. (但是这些工作对于用户的行为习惯、攻击者的能力的假设不合理)
The following study critically evaluates these assumptions by conducting the attack where the assumptions do not hold. We show that certain variables, for example, user’s browsing habits, differences in location and version of Tor Browser Bundle, that are usually omitted from the current WF model have a significant impact on the efficacy of the attack. We also empirically show how prior work succumbs to the base rate fallacy in the open-world scenario. (这种不合理的假设,在现实中会有那些实际的不合理,会受那些影响,这些我们做实验做了验证)
We address this problem by augmenting our classification method with a verification step. We conclude that even though this approach reduces the number of false positives over 63%, it does not completely solve the problem, which remains an open issue for WF attacks.(我们提出什么方法来解决这个问题,得到了什么样的效果)
欣赏:
这篇论文是对网站指纹攻击这个研究点的实验假设做了放松,提出放松假设后目前这些研究有很大的问题,继而提出自己的一些解决这个问题的想法。
从这个摘要基本上就知道这篇论文在说什么了。这个摘要写的特别好。它的套路可以归纳如下:
- 目前的这个研究点是什么,它很popular
- 这个研究点的工作的假设有什么明显的不足
- 这种不足又会什么缺点,我们在论文中做实验验证了
- 我们提出什么方法去解决这个问题,效果怎么样,有百分百