Fingerprinting Attacks and Encrypted Traffic Analysis

David Hasselquist and Niklas Carlsson

Our online activity can reveal much about our thoughts, opinions, and interests. Privacy aware groups have long pushed for the use of HTTPS (encrypted end-to-end communication). With the increased reliance on online information sources, many entities are dedicating significant effort trying to learn as much as they can about the users' online activities. An adversary capable of determining users' activity therefore presents a significant privacy threat. In our research, we show that even encrypted data can reveal information. By identifying browsed news articles and live streams from encrypted network traffic, we demonstrate that the naive use of HTTPS is not sufficient to prevent attackers monitoring a user's connections from extracting sensitive information. We also study and evaluate various countermeasures and show that while the use of VPN decreases the classification accuracy, the reduction is far from large enough to mitigate the attack. The insights that we provide are valuable for both the service providers and users to better protect their privacy.