Website fingerprinting attack is an extensively studied technique used in a web browser to analyze traffic patterns and thus infer confidential information about users. Several website fingerprinting attacks based on machine learning and deep learning tend to use the most typical features to achieve a satisfactory performance of attacking rate. However, these attacks suffer from several practical implementation factors, such as a skillfully pre-processing step or a clean dataset. To defend against such attacks, random packet defense (RPD) with a high cost of excessive network overhead is usually applied. In this work, we first propose a practical filter-assisted attack against RPD, which can filter out the injected noises using the statistical characteristics of TCP/IP traffic. Then, we propose a list-assisted defensive mechanism to defend the proposed attack method. To achieve a configurable trade-off between the defense and the network overhead, we further improve the list-based defense by a traffic splitting mechanism, which can combat the mentioned attacks as well as save a considerable amount of network overhead. In the experiments, we collect real-life traffic patterns using three mainstream browsers, i.e., Microsoft Edge, Google Chrome, and Mozilla Firefox, and extensive results conducted on the closed and open-world datasets show the effectiveness of the proposed algorithms in terms of defense accuracy and network efficiency.

翻译：网站指纹攻击是一种在网页浏览器中广泛研究的技术，通过分析流量模式来推断用户的机密信息。基于机器学习和深度学习的多种网站指纹攻击方法，通常利用最具代表性的特征来实现令人满意的攻击率性能。然而，这些攻击面临若干实际部署因素的限制，例如需要精巧的预处理步骤或纯净的数据集。为抵御此类攻击，通常采用高成本、高网络开销的随机数据包防御（RPD）技术。本研究首先提出一种实用的滤波器辅助攻击方法，能够利用TCP/IP流量的统计特性滤除注入的噪声，从而突破RPD防御。随后我们提出列表辅助防御机制来对抗所提出的攻击方法。为实现防御效果与网络开销之间可配置的权衡，进一步通过流量分割机制改进基于列表的防御策略，该机制既能有效抵抗上述攻击，又能显著降低网络开销。实验中，我们使用Microsoft Edge、Google Chrome和Mozilla Firefox三种主流浏览器采集真实流量模式，并在封闭与开放世界数据集上开展大量实验，结果证明了所提算法在防御准确率和网络效率方面的有效性。