Confusing Traffic against Intra-domain Webpage Fingerprinting Attacks.

The website fingerprinting attack is one of the threats that disclosing user web visiting privacy even the visiting traffic is encrypted. It can appear in two types, the inter-domain website fingerprinting and the intra-domain webpage fingerprinting. For the intra-domain webpages, they often generated from some predefined templates based on user inputs and may introduce more private details about user-concerned contents. To protect against intra-domain webpage fingerprinting, we adopt two web traffic generating methods to confuse traffic analyzers. The LRSO-Pad disrupts traffic analysis by padding random noise, and the DeOS performs traffic camouflage by sending decoy objects. We also test the fingerprinting and protecting influences imposed by the additional CDN traffic bursts. The conducted experiments validate our adopted methods.