On 29/07/18 15:42, George Kadianakis wrote:
- They also told me of research by Tobias Pulls which eliminates the needs for histograms in WTF-PAD and instead it samples from the probability distribution directly. They think that this can simplify things somewhat. Any thoughts on this?
Yes this is actually exactly what I want to do with the next iteration of WTF-PAD! The question is what form/model to use for these probability distributions. Right now we're encoding inter-burst and inter-packet timings with some weird geometric distribution determining how long these bursts should go on for, when it might be more natural to encode and sample from length-based distributions/histograms.
(Histograms vs distribution is not the problem -- its what they encode and how they encode it that matters).
I don't see this paper on Tobias's website. Is it up anywhere yet?
Hmm. Looking at the README of wtfpad (see the APE section), I think this blog post is the best resource we have on this: https://www.cs.kau.se/pulls/hot/thebasketcase-ape/
Hi George and Mike,
You found the main writeup of the hasty work I did in this direction a while back, also some comments in the source [0]. Unfortunately my funding took me in other directions and I didn't want to publish any paper without spending more time on it. As written on the blog post it looks like a promising direction, but please also note that the attack implementation of Wa-kNN used has some rough edges for example when it comes to time-based features (so robustness of the naive distributions when moving around the PT server far from a given). If someone wants to collaborate on this I'd be more than happy to contribute, got funding to work on Tor-related things again starting August.
Best, Tobias
[0]: https://github.com/pylls/basket2/blob/master/padding_ape.go