TG-PSM: Tunable Greedy Packet Sequence Morphing Based on Trace Clustering

Common privacy enhancing technologies fail to effectively hide certain statistical aspects of encrypted traffic, namely individual packets length, packets direction and, packets timing. Recent researches have shown that using such attributes, an adversary is able to extract various information from the encrypted traffic such as the visited website and used protocol. Such attacks are called traffic analysis. Proposed countermeasures attempt to change the distribution of such features. however, either they fail to effectively reduce attacker's accuracy or do so while enforcing high bandwidth overhead and timing delay. In this paper, through the use of a predefined set of clustered traces of websites and a greedy packet morphing algorithm, we introduce a website fingerprinting countermeasure called TG-PSM. Firstly, this method clusters websites based on their behavior in different phases of loading. Secondly, it finds a suitable target site for any visiting website based on user indicated importance degree; thus providing dynamic tunability. Thirdly, this method morphs the given website to the target website using a greedy algorithm considering the distance and the resulted overhead. Our evaluations show that TG-PSM outperforms previous countermeasures regarding attacker accuracy reduction and enforced bandwidth, e.g., reducing bandwidth overhead over 40% while maintaining attacker's accuracy.