STAP: Leveraging State-Transition Adversarial Perturbations for Asymmetric Website Fingerprinting Defenses

Web services, as the most ubiquitous form of online services, have consistently attracted research attention due to privacy concerns. Although VPNs and anonymous communication methods can partially protect users’ online privacy, advancements in website fingerprinting (WF) attacks still exploit the spatio-temporal characteristics of web resource transmission to identify web services. The challenge lies in defending against WF attacks efficiently, with limited bandwidth costs. Server-side WF defenses, deployed on web servers, can achieve end-to-end obfuscation across both clients and servers. However, existing defenses often consume significant bandwidth and require additional removal operations on the client side. Given the growing use of QUIC with HTTP/3 and the need for robust privacy protections, this paper introduces an asymmetric server-side WF defense scheme using State-Transition Adversarial Perturbations (STAP). STAP introduces the concept of latent resource-state transitions, which represent hidden patterns in resource transmission. Utilizing perturbation models containing these transitions, STAP subtly alters traffic through packet padding and insertion, with inherent transport layer encryption enhancing the concealment. STAP can operate independently, removing the necessity for user involvement. Experimental results demonstrate that STAP outperforms other schemes, achieving reductions in True Positive Rate (TPR) by up to 22% and reductions in bandwidth overhead by up to 30%.