NB I'm copying the tor-dev mailing list on this message.
At CCS I saw Rishab present these papers:
"CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense" http://www3.cs.stonybrook.edu/~rnithyanand/pubs/wpes2014-csb.pdf "Glove: A Bespoke Website Fingerprinting Defense" http://www3.cs.stonybrook.edu/~rnithyanand/pubs/wpes2014-glove.pdf "A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses" http://www3.cs.stonybrook.edu/~rnithyanand/pubs/ccs2014.pdf
I spoke quite a lot to Rishab and suggested, since these schemes have source code, that they be wrapped in a pluggable transports interface so they can be easily used by tor clients. It is not super difficult to turn a network program into a pluggable transport, as there are libraries like pyptlib and liballium that implement the internal pluggable transports protocol. You might be familiar with wfpadtools (https://bitbucket.org/mjuarezm/obfsproxy-wfpadtools), which aims to make it easy to prototype fingerprinting defenses by specifying them in terms of (e.g. padding) primitives.
I looked for the source code mentioned in the papers and I wasn't sure what would be best to use. I found https://crysp.uwaterloo.ca/software/webfingerprint/ which links to some short Python files like https://crysp.uwaterloo.ca/software/webfingerprint/tamaraw.py There is also https://github.com/xiang-cai/CSBuFLO but it doesn't appear to be directly usable. It appears to be a modified OpenSSH, without a commit history showing what was modified.
What source code do you recommend for an implementation?
David Fifield