2ch-TCN: A Website Fingerprinting Attack over Tor Using 2-channel Temporal Convolutional Networks

In a website fingerprinting attack, an eavesdropper analyses the traffic between the Tor user and entry node of the Tor network to infer which websites the user has visited. Some recent work apply deep learning algorithms, however, most of them do not fully exploit the packet timing information. In this work, we propose a novel website fingerprinting attack based on a two-channel Temporal Convolutional Networks model that extracts features from both the packet sequences and packet timing information. Our attack is proved to perform better compared to the state-of-the-art attacks. Experiment results also show that the timing information is very useful for classification. Furthermore, we collect our own traffic traces between client and entry node, and transform them into three extraction layers: TCP, TLS and Tor cell layer, and meanwhile record Tor’s cell log at the entry node. The experimental results show that the data of the cell layer is the most divisible among the three layers. Based on the experimental results, we conclude that the adversary at the entry node has an advantage over the one who just listens to traffic between client and entry node.