In webpage fingerprinting, an on-path adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies modern webpage fingerprinting adversaries against the TLS protocol, aiming to shed light on their capabilities and inform potential defences. Despite the importance of this research area (the majority of global Internet users rely on standard web browsing with TLS) and the potential real-life impact, most past works have focused on attacks specific to anonymity networks (e.g., Tor). We introduce a TLS-specific model that: 1) scales to an unprecedented number of target webpages, 2) can accurately classify thousands of classes it never encountered during training, and 3) has low operational costs even in scenarios of frequent page updates. Based on these findings, we then discuss TLS-specific countermeasures and evaluate the effectiveness of the existing padding capabilities provided by TLS 1.3.