Impact of replacing TCP by QUIC in Tor on website fingerprinting resistance

Master thesis (2023)

Authors

C.H. Trap Electrical Engineering, Mathematics and Computer Science

Contributors

S. Roos Data-Intensive Systems - EEMCS (mentor)
G. Smaragdakis Cyber Security - EEMCS (graduation committee member)
Jérémie Decouchant Data-Intensive Systems - EEMCS (graduation committee member)
Faculty
Electrical Engineering, Mathematics and Computer Science, Electrical Engineering, Mathematics and Computer Science
Copyright: © 2023 Cyril Trap
More Info
expand_more

Published Date

24-07-2023

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Privacy is a human right, yet, people’s behavior on the web is constantly tracked. Tor, an anonymity network, is an effective defence against tracking. However, Tor’s multiplexing of logically independent data streams into a single TCP connection causes issues. Tor with QUIC has been implemented as an alternative with better performance but it has not been studied whether and by how much QUIC increases the vulnerability to timing-based attacks.
The most threatening attacks are website fingerprinting attacks, which can track a Tor user by only controlling the guard node, first of the relays that forward traffic in Tor. In this work, Tor with QUIC is evaluated against website fingerprinting attacks with various levels of defences active. Without defences, Tor is vulnerable to website fingerprinting for both TCP and QUIC but the attacks are more effective on QUIC. On the positive side, defences against website fingerprinting remain effective for QUIC in that they decrease the effectiveness of the attack by a
similar fraction as for TCP.

Files

Thesis.pdf
(pdf | 1.76 Mb)