Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance

Internet users are vulnerable to privacy attacks despite the use of encryption. Webpage fingerprinting, an attack that analyzes encrypted traffic, can identify the webpages visited by a user. The key challenges in performing mass-scale webpage fingerprinting arise from (i) the sheer number of combinations of user behavior and preferences to account for, and; (ii) the bound on the number of website queries imposed by the defense mechanisms (e.g., DDoS defense) deployed at the website. These constraints preclude the use of conventional data-intensive ML-based techniques. In this work, we propose Snoopy, a first-of-its-kind framework, that performs webpage fingerprinting for a large number of users visiting a website. Snoopy caters to the generalization requirements of mass-surveillance while complying with a bound on the number of website accesses (finite query model) for traffic sample collection. We show that Snoopy achieves <inline-formula><tex-math notation="LaTeX">$\approx 90\%$</tex-math></inline-formula> accuracy when evaluated on most websites, across various browsing contexts. A simple ensemble of Snoopy and an ML-based technique achieves <inline-formula><tex-math notation="LaTeX">$\approx 97\%$</tex-math></inline-formula> accuracy while adhering to the finite query model, in cases when Snoopy alone does not perform well.