Currently, people around the world daily use the Internet to access various services, such as e-mail and online shopping. However, the behavior-based tracking attacks have posed a considerable threat to users' privacy. Relying on characteristic patterns within the Internet activities, this attack can link a user's multiple sessions. In this paper, we investigate the behavior-based tracking attack and propose some countermeasures to mitigate the threat. We preprocess the raw traffic data and then extract features ranging from lower layer network packets to high-level application-related traffic. Specifically, we focus on four types of application-level traffic to infer users' habits, including HTTP, IM, e-mail, and P2P. In addition, we extract the web queries entered into shopping websites and classify them to infer users' preferences. Then, we construct the preference models and propose an improved method. For evaluation, we collect traffic in the real-world environment to construct a large-scale dataset. Five hundred and nine users are selected in terms of the user's active degree. When the term frequency-inverse document frequency transformation is used, the improved method can identify an average of 93.79% instances correctly. Our extensive empirical experiments demonstrate the effectiveness and efficiency of our approaches. Finally, we discuss and evaluate several countermeasures.

• 出版日期2017-3-25
• 单位东南大学