Website Fingerprinting in the Age of QUIC

• Main Authors: Smith Jean-Pierre, Mittal Prateek, Perrig Adrian
• Format: Article
• Language: English
• Published: Sciendo 2021-04-01
• Series: Proceedings on Privacy Enhancing Technologies
• Subjects: traffic analysis; website fingerprinting; quic; wireguard
• Online Access: https://doi.org/10.2478/popets-2021-0017

With the meteoric rise of the QUIC protocol, the supremacy of TCP as the de facto transport protocol underlying web traffic will soon cease. HTTP/3, the next version of the HTTP protocol, will not support TCP. Current website-fingerprinting literature has ignored the introduction of this new protocol to all modern browsers. In this work, we investigate whether classifiers trained in the TCP setting generalise to QUIC traces, whether QUIC is inherently more difficult to fingerprint than TCP, how feature importance changes between these protocols, and how to jointly classify QUIC and TCP traces. Experiments using four state-of-theart website-fingerprinting classifiers and our combined QUIC-TCP dataset of ~117,000 traces show that while QUIC is not inherently more difficult to fingerprint than TCP, TCP-trained classifiers may fail to detect up to 96% of QUIC visits to monitored URLs. Furthermore, classifiers that take advantage of the common information between QUIC and TCP traces for the same URL may outperform ensembles of protocol-specific classifiers in limited data settings.