The web browser factor in traffic analysis attacks

Website fingerprinting is a known type of traffic analysis attacks that aims to identify which websites are visited in encrypted traffic traces. Recent work showed that some classifiers can successfully identify 90% of visited websites. Because web browsers use different rendering engines and networking application program interfaces (APIs), they tend to resist differently to website fingerprinting attacks. In this paper, we study to which extent popular web browsers can resist such attacks by analyzing the shape of their network traffic when fetching websites. To this end, five fine‐grained measures are used to point out very subtle differences in the network traffic of each web browser. Empirical analysis showed that, among six studied web browsers (Chrome, Firefox, Internet Explorer, Safari, Opera, and Tor Browser), Opera and Safari offer the highest resistance to website fingerprinting. Because most of existing fingerprinting techniques have been evaluated using Firefox web browser, we expect the accuracy results of existing work to be reduced in case Opera or Safari browser is used. Copyright © 2015 John Wiley & Sons, Ltd.