Scaling website fingerprinting

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)


Website fingerprinting aims to identify the web page visited by a victim through the analysis of metadata generated by the encrypted flow between web server and victim. A fingerprinting attack can be performed at several locations and scales, ranging from local adversaries such as employers monitoring their employees browsing behavior to state sponsored actors monitoring civilians to uncover their political views. In this paper we show the feasibility of an attacker performing web page fingerprinting at a large scale by introducing a new twostage fingerprinting method. We evaluate our proposed method using a Wikipedia clone consisting of 828, 907 pages, allowing us to show that attackers are not only able to fingerprint pages from different websites but are also able to fingerprint similar pages belonging to the same website. More so, we show that, even though HTTP2 reduces the available metadata compared to HTTP, attackers using our method can achieve an accuracy of 62.21% when fingerprinting pages from our Wikipedia clone. Finally, we show that an attacker can, when taking browsing behavior into consideration, identify victims searching for specific information with an accuracy of 87.4%.

Original languageEnglish
Title of host publication2020 IFIP Networking Conference (Networking)
Subtitle of host publicationProceedings
Number of pages9
ISBN (Electronic)978-3-903176-28-7
ISBN (Print)978-1-7281-6710-7
Publication statusPublished - 2020
Event2020 IFIP Networking Conference and Workshops, Networking 2020 - Paris, France
Duration: 22 Jun 202025 Jun 2020


Conference2020 IFIP Networking Conference and Workshops, Networking 2020


  • large scale
  • LSH
  • MinHash
  • Website fingerprinting

Cite this