pith. sign in

arxiv: 2606.17462 · v1 · pith:QJUDIFJVnew · submitted 2026-06-16 · 💻 cs.LG · cs.NI

ResAware: Cross-Environment Website Fingerprinting via Resource-Privileged Distillation

Chongru Fan , Wei Wang , Wentao Huang , Zhenquan Ding , Jinqiao Shi , Lei Cui , Zhiyu Hao , Xiaochun Yun This is my paper

Pith reviewed 2026-06-27 01:34 UTC · model grok-4.3

classification 💻 cs.LG cs.NI
keywords website fingerprintingknowledge distillationcross-environment robustnessresource featuresencrypted traffictemporal driftadversarial robustness
0
0 comments X

The pith

Distilling knowledge from resource-level features into a traffic-only model makes website fingerprinting more robust to real-world drifts and browser differences.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

Website fingerprinting attacks work well in controlled settings but lose accuracy in practice because low-level encrypted traffic features are noisy and shift with time, location, browser, and proxies. ResAware trains a teacher model on richer resource-level features collected during data gathering, then transfers that knowledge to a student model through heterogeneous distillation. The student model at inference time sees only the encrypted traffic and incurs no extra cost. Evaluated on over 160,000 paired samples gathered across five months and six global vantage points, the method raises accuracy of multiple baseline attacks under temporal drift.

Core claim

ResAware trains a teacher model on resource-level features and distills the privileged knowledge into a student model via heterogeneous knowledge distillation. At deployment the student uses only encrypted traffic. On a five-month dataset from six vantage points with over 160,000 samples, this raises Var-CNN F1-score from 72.77% to 81.49% under 150-day drift and open-world TPR@1%FPR from 22.40% to 27.20%.

What carries the argument

Heterogeneous knowledge distillation from a teacher trained on resource-level features to a student limited to encrypted traffic features.

If this is right

  • Resource supervision improves robustness of existing WF baselines without changing their inference input.
  • Performance gains hold under 150-day temporal drift and across global vantage points.
  • The method requires no additional observation capabilities at attack time.
  • Results generalize across multiple WF architectures including Var-CNN.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Similar distillation from rich auxiliary features could help other traffic-analysis tasks that suffer from distribution shift.
  • Collecting paired resource-traffic datasets might become a standard preprocessing step for training detectors meant to survive real deployment.
  • Testing on additional obfuscation layers such as proxies would show how far the transferred knowledge survives.

Load-bearing premise

Resource-level features contain transferable information that improves predictions made from encrypted traffic alone even when environments change.

What would settle it

Apply the same training and distillation procedure to a fresh paired dataset collected after another 150 days and check whether the student still outperforms the non-distilled baseline on the new drifted traffic.

Figures

Figures reproduced from arXiv: 2606.17462 by Chongru Fan, Jinqiao Shi, Lei Cui, Wei Wang, Wentao Huang, Xiaochun Yun, Zhenquan Ding, Zhiyu Hao.

Figure 1
Figure 1. Figure 1: A website’s identity is reflected in its architecture [PITH_FULL_IMAGE:figures/full_fig_p001_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: The training-rich / inference-poor asymmetric [PITH_FULL_IMAGE:figures/full_fig_p003_2.png] view at source ↗
Figure 4
Figure 4. Figure 4: Overview of the ResAware framework. Offline training first trains a resource-only teacher, then distills its knowledge [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Closed-world F1-score (%) with and without ResAware over five temporal test snapshots (Day 30–150) for WF backbones. [PITH_FULL_IMAGE:figures/full_fig_p008_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: Few-shot adaptation F1-score (%) of Var-CNN with [PITH_FULL_IMAGE:figures/full_fig_p009_6.png] view at source ↗
Figure 7
Figure 7. Figure 7: Per-channel ablation F1-score (%) for the resource [PITH_FULL_IMAGE:figures/full_fig_p010_7.png] view at source ↗
Figure 8
Figure 8. Figure 8: Calibration and confidence distributions of Var [PITH_FULL_IMAGE:figures/full_fig_p011_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: Performance gain Δ (%) over the 𝛼 = 0 baseline as a function of distillation weight 𝛼 for six backbones. The best￾performing 𝛼 range remains largely stable for each backbone, indicating that the distillation weight is mainly coupled to student capacity rather than to a particular source training window. F Sensitivity Analysis of 𝛼 This appendix provides the complete sensitivity analysis of the dis￾tillatio… view at source ↗
read the original abstract

While Website Fingerprinting (WF) attacks achieve high accuracy in controlled laboratory settings, they often degrade substantially in real-world environments due to spatio-temporal drift, browser heterogeneity, proxy obfuscation and etc. This limitation stems from their sole reliance on low-level traffic features that are noisy and highly sensitive to environmental perturbations. To address this problem, we propose \textbf{ResAware}, a cross-environment resource-aware distillation framework under a \textit{training-rich/inference-poor} asymmetric setting. Specifically, ResAware trains a teacher model on resource-level features, and then distills the resulting privileged knowledge into a student model through heterogeneous knowledge distillation. At deployment time, the student model performs inference using only encrypted traffic, incurring zero additional cost. We evaluate ResAware on a large-scale dataset collected over five months from six globally distributed vantage points, comprising more than $160{,}000$ paired samples. The results show that ResAware significantly enhances the cross-environment robustness of diverse WF baselines. Under a 150-day temporal drift, for example, ResAware improves the F1-score of Var-CNN from $72.77\%$ to $81.49\%$ and the open-world $TPR@1\%FPR$ from $22.40\%$ to $27.20\%$. Our results demonstrate that resource-level supervision improves WF robustness without expanding online observation capabilities.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

0 major / 1 minor

Summary. The paper proposes ResAware, a cross-environment resource-aware distillation framework for website fingerprinting under a training-rich/inference-poor asymmetric setting. A teacher model is trained on resource-level features and its privileged knowledge is distilled into a student model that performs inference using only encrypted traffic. The approach is evaluated on a large-scale dataset of over 160,000 paired samples collected over five months from six globally distributed vantage points, with reported gains including an F1-score increase for Var-CNN from 72.77% to 81.49% and open-world TPR@1%FPR from 22.40% to 27.20% under 150-day temporal drift.

Significance. If the results hold, the work demonstrates that resource-level supervision can be transferred via heterogeneous distillation to improve WF robustness to spatio-temporal drift, browser heterogeneity, and related factors without any additional inference-time cost or expanded observation capabilities. The scale of the paired dataset spanning multiple locations and months, together with the concrete numeric improvements on established baselines, would constitute a meaningful empirical contribution to practical WF research.

minor comments (1)
  1. Abstract: the phrasing 'and etc.' is informal; replace with an explicit enumeration of the environmental factors considered or remove the clause.

Simulated Author's Rebuttal

0 responses · 0 unresolved

We thank the referee for the detailed summary of our work and for acknowledging its potential significance if the results hold. No specific major comments were listed in the report, so we have no point-by-point responses to provide at this time. We remain available to supply any additional details on the dataset collection, distillation procedure, or evaluation protocol that would help resolve the uncertainty in the recommendation.

Circularity Check

0 steps flagged

No significant circularity

full rationale

The paper presents an empirical distillation framework (teacher trained on resource features, student on traffic only) and reports concrete performance gains on an independently collected multi-month, multi-location dataset. No equations, fitted parameters, or derivation steps are described that reduce a claimed result to its own inputs by construction; the improvements are measured outcomes rather than self-referential predictions. The method follows standard asymmetric knowledge distillation without invoking self-citations for uniqueness theorems or smuggling ansatzes. The central claim remains externally falsifiable via the reported experiments.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

Only abstract available; ledger populated from stated premises in the abstract.

axioms (1)
  • domain assumption Resource-level features contain transferable privileged knowledge that can be distilled to improve traffic-only inference under environmental drift.
    Core premise of the teacher-student setup described in the abstract.

pith-pipeline@v0.9.1-grok · 5800 in / 1125 out tokens · 30129 ms · 2026-06-27T01:34:10.453870+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

56 extracted references · 23 canonical work pages

  1. [1]

    Alireza Bahramali, Ardavan Bozorgi, and Amir Houmansadr. 2023. Realistic Website Fingerprinting By Augmenting Network Traces. InProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023, Weizhi Meng, Christian Damsgaard Jensen, Cas Cremers, and Engin Kirda (Eds.). ACM, New Yo...

    2023

  2. [2]

    doi:10.1145/3576915.3616639

    work page doi:10.1145/3576915.3616639

  3. [3]

    Berndt and James Clifford

    Donald J. Berndt and James Clifford. 1994. Using dynamic time warping to find patterns in time series. InProceedings of the 3rd International Conference on Knowledge Discovery and Data Mining(Seattle, WA)(AAAIWS’94). AAAI Press, 359–370

    1994

  4. [4]

    Sanjit Bhat, David Lu, Albert Kwon, and Srinivas Devadas. 2019. Var-CNN: A Data-Efficient Website Fingerprinting Attack Based on Deep Learning.Proc. Priv. Enhancing Technol.2019, 4 (2019), 292–310. doi:10.2478/POPETS-2019-0070

    work page doi:10.2478/popets-2019-0070 2019

  5. [5]

    Mantun Chen, Yongjun Wang, Hongzuo Xu, and Xiatian Zhu. 2021. Few-shot website fingerprinting attack.Comput. Netw.198, C (Oct. 2021), 12 pages. doi:10. 1016/j.comnet.2021.108298

    arXiv 2021

  6. [6]

    Yifei Cheng, Yujia Zhu, Baiyang Li, Xinhao Deng, Yitong Cai, Yaochen Ren, and Qingyun Liu. 2025. STAR: Semantic-Traffic Alignment and Retrieval for Zero-Shot HTTPS Website Fingerprinting.CoRRabs/2512.17667 (2025). arXiv:2512.17667 doi:10.48550/ARXIV.2512.17667

    work page doi:10.48550/arxiv.2512.17667 2025

  7. [7]

    Yifei Cheng, Yujia Zhu, Baiyang Li, Peishuai Sun, Yong Ding, Xinhao Deng, and Qingyun Liu. 2025. HOLMES & WATSON: A Robust and Lightweight HTTPS Website Fingerprinting through HTTP Version Parallelism. InProceedings of the ACM on Web Conference 2025, WWW 2025, Sydney, NSW, Australia, 28 April 2025- 2 May 2025, Guodong Long, Michale Blumestein, Yi Chang, L...

    work page doi:10.1145/3696410 2025

  8. [8]

    Giovanni Cherubin, Rob Jansen, and Carmela Troncoso. 2022. Online Website Fingerprinting: Evaluating Website Fingerprinting Attacks on Tor in the Real World. In31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022, Kevin R. B. Butler and Kurt Thomas (Eds.). USENIX Association, 753–770. https://www.usenix.org/conference/...

    2022

  9. [9]

    Xinhao Deng, Jingyou Chen, Linxiao Yu, Yixiang Zhang, Zhongyi Gu, Changhao Qiu, Xiyuan Zhao, Ke Xu, and Qi Li. 2025. Beyond a Single Perspective: Towards a Realistic Evaluation of Website Fingerprinting Attacks.CoRRabs/2510.14283 (2025). arXiv:2510.14283 doi:10.48550/ARXIV.2510.14283

    work page doi:10.48550/arxiv.2510.14283 2025

  10. [10]

    Xinhao Deng, Yixiang Zhang, Qi Li, Zhuotao Liu, Yabo Wang, and Ke Xu. 2026. Enhancing Website Fingerprinting Attacks against Traffic Drift. InNetwork and Distributed System Security (NDSS) Symposium. Internet Society. https://www.ndss-symposium.org/ndss-paper/enhancing-website- fingerprinting-attacks-against-traffic-drift/

    2026

  11. [11]

    Xianwen Deng, Ruijie Zhao, Yanhao Wang, Mingwei Zhan, Zhi Xue, and Yijun Wang. 2025. Countmamba: A Generalized Website Fingerprinting Attack via Coarse-Grained Representation and Fine-Grained Prediction. In2025 IEEE Sym- posium on Security and Privacy (SP). 1419–1437. doi:10.1109/SP61157.2025.00154

    work page doi:10.1109/sp61157.2025.00154 2025

  12. [12]

    Fielding, Mark Nottingham, and Julian Reschke

    Roy T. Fielding, Mark Nottingham, and Julian Reschke. 2022. HTTP Semantics. RFC 9110. doi:10.17487/RFC9110

    work page doi:10.17487/rfc9110 2022

  13. [13]

    Bo Gao, Weiwei Liu, Guangjie Liu, Fengyuan Nie, and Jianan Huang. 2025. Multi- Level Resource-Coherented Graph Learning for Website Fingerprinting Attacks. IEEE Trans. Inf. Forensics Secur.20 (2025), 693–708. doi:10.1109/TIFS.2024.3520014

    work page doi:10.1109/tifs.2024.3520014 2025

  14. [14]

    Jamie Hayes and George Danezis. 2016. k-fingerprinting: A Robust Scalable Website Fingerprinting Technique. In25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016, Thorsten Holz and Stefan Savage (Eds.). USENIX Association, 1187–1203. https://www.usenix.org/conference/ usenixsecurity16/technical-sessions/presentation/hayes

    2016

  15. [15]

    Hinton, Oriol Vinyals, and Jeffrey Dean

    Geoffrey E. Hinton, Oriol Vinyals, and Jeffrey Dean. 2015. Distilling the Knowl- edge in a Neural Network.CoRRabs/1503.02531 (2015). arXiv:1503.02531 http://arxiv.org/abs/1503.02531

    Pith/arXiv arXiv 2015

  16. [16]

    Andrew Hintz. 2002. Fingerprinting websites using traffic analysis. InProceed- ings of the 2nd International Conference on Privacy Enhancing Technologies(San Francisco, CA, USA)(PET’02). Springer-Verlag, Berlin, Heidelberg, 171–178

    2002

  17. [17]

    DNS Queries over HTTPS (DoH),

    Paul E. Hoffman and Patrick McManus. 2018. DNS Queries over HTTPS (DoH). RFC 8484. doi:10.17487/RFC8484

    work page doi:10.17487/rfc8484 2018

  18. [18]

    Guodong Huang, Chuan Ma, Ming Ding, Yuwen Qian, Chunpeng Ge, Liming Fang, and Zhe Liu. 2023. Efficient and Low Overhead Website Fingerprinting Attacks and Defenses based on TCP/IP Traffic. InProceedings of the ACM Web Conference 2023(Austin, TX, USA)(WWW ’23). Association for Computing Machinery, New York, NY, USA, 1991–1999. doi:10.1145/3543507.3583200

    work page doi:10.1145/3543507.3583200 2023

  19. [19]

    Tao Huang, Shan You, Fei Wang, Chen Qian, and Chang Xu. 2022. Knowledge distillation from a stronger teacher. InProceedings of the 36th International Con- ference on Neural Information Processing Systems(New Orleans, LA, USA)(NIPS ’22). Curran Associates Inc., Red Hook, NY, USA, Article 2443, 12 pages

    2022

  20. [20]

    Marc Juarez, Sadia Afroz, Gunes Acar, Claudia Diaz, and Rachel Greenstadt

  21. [21]

    InProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (Scottsdale, Arizona, USA)(CCS ’14)

    A Critical Evaluation of Website Fingerprinting Attacks. InProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (Scottsdale, Arizona, USA)(CCS ’14). Association for Computing Machinery, New York, NY, USA, 263–274. doi:10.1145/2660267.2660368

    work page doi:10.1145/2660267.2660368 2014

  22. [22]

    Changzhi Li, Lihai Nie, Laiping Zhao, and Keqiu Li. 2023. Robust website fin- gerprinting through resource loading sequence.World Wide Web (WWW)26, 5 (2023), 2329–2349. doi:10.1007/S11280-023-01138-2

    work page doi:10.1007/s11280-023-01138-2 2023

  23. [23]

    Dongpu Li, Qifeng Yuan, Tan Li, Shuangwu Chen, and Jian Yang. 2020. Cross- domain Network Traffic Classification Using Unsupervised Domain Adaptation. In2020 International Conference on Information Networking (ICOIN). 245–250. doi:10.1109/ICOIN48656.2020.9016470

    work page doi:10.1109/icoin48656.2020.9016470 2020

  24. [24]

    Jianfeng Li, Dongliang Wang, Yixuan Liu, Yifei Gao, Xiaorong Zhang, Zheng Lin, Xiaobo Ma, Xiapu Luo, and Xiaohong Guan. 2025. Cross-Environmental Website Fingerprinting. InIEEE INFOCOM 2025 - IEEE Conference on Computer Communications, London, United Kingdom, May 19-22, 2025. IEEE, 1–10. doi:10. 1109/INFOCOM55648.2025.11044569

    arXiv 2025

  25. [25]

    David Lopez-Paz, Léon Bottou, Bernhard Schölkopf, and Vladimir Vapnik. 2016. Unifying distillation and privileged information. In4th International Conference on Learning Representations, ICLR 2016, San Juan, Puerto Rico, May 2-4, 2016, Conference Track Proceedings, Yoshua Bengio and Yann LeCun (Eds.). http: //arxiv.org/abs/1511.03643

    Pith/arXiv arXiv 2016

  26. [26]

    Matthias Minderer, Josip Djolonga, Rob Romijnders, Frances Hubis, Xiaohua Zhai, Neil Houlsby, Dustin Tran, and Mario Lucic. 2021. Revisiting the Cali- bration of Modern Neural Networks. InAdvances in Neural Information Pro- cessing Systems 34: Annual Conference on Neural Information Processing Sys- tems 2021, NeurIPS 2021, December 6-14, 2021, virtual, Ma...

    2021

  27. [27]

    Ravi Netravali, Ameesh Goyal, James Mickens, and Hari Balakrishnan. 2016. Polaris: Faster Page Loads Using Fine-grained Dependency Tracking. In13th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2016, Santa Clara, CA, USA, March 16-18, 2016, Katerina J. Argyraki and Rebecca Isaacs (Eds.). USENIX Association, 123–136. https://www.use...

    2016

  28. [28]

    Quanbo Pan, Yang Yu, Hanbing Yan, Maoli Wang, and Bingzhi Qi. 2024. ETKD: A Semi-Supervised Learning-based Knowledge Distillation Model for Encrypted Traffic Classification. In2024 IEEE International Conference on Systems, Man, and Cybernetics (SMC). 4528–4533. doi:10.1109/SMC54092.2024.10831035

    work page doi:10.1109/smc54092.2024.10831035 2024

  29. [30]

    Andriy Panchenko, Fabian Lanze, Jan Pennekamp, Thomas Engel, Andreas Zin- nen, Martin Henze, and Klaus Wehrle. 2016. Website Fingerprinting at Inter- net Scale. In23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016. The Internet Soci- ety. http://wp.internetsociety.org/ndss/wp-content/...

    2016

  30. [31]

    Victor Le Pochat, Tom van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyn- ski, and Wouter Joosen. 2019. Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. In26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society. https://www.ndss-symposiu...

    2019

  31. [32]

    2020.Project X Xray-core

    Project X Community. 2020.Project X Xray-core. Accessed: 2026-04-28

    2020

  32. [33]

    Mohammad Saidur Rahman, Payap Sirinam, Nate Mathews, Kantha Girish Gan- gadhara, and Matthew Wright. 2020. Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks.Proc. Priv. Enhancing Technol.2020, 3 (2020), 5–24. doi:10.2478/POPETS-2020-0043

    work page doi:10.2478/popets-2020-0043 2020

  33. [34]

    Eric Rescorla, Kazuho Oku, Nick Sullivan, and Christopher A. Wood. 2025.TLS Encrypted Client Hello. Internet-Draft draft-ietf-tls-esni-25. Internet Engineering Task Force. https://datatracker.ietf.org/doc/draft-ietf-tls-esni/25/ Work in Progress

    2025

  34. [35]

    Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom van Goethem, and Wouter Joosen. 2018. Automated Website Fingerprinting through Deep Learning. In25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018. The Internet Soci- ety. https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss201...

    2018

  35. [36]

    Mohammadhamed Shadbeh, Khashayar Khajavi, and Tao Wang. 2026. Reality Check for Tor Website Fingerprinting in the Open World.CoRRabs/2603.07412 (2026). arXiv:2603.07412 doi:10.48550/ARXIV.2603.07412

    work page doi:10.48550/arxiv.2603.07412 2026

  36. [37]

    2016.Shadowsocks — A fast tunnel proxy that helps you bypass firewalls

    shadowsocks.org. 2016.Shadowsocks — A fast tunnel proxy that helps you bypass firewalls. https://shadowsocks.org/

    2016

  37. [38]

    Meng Shen, Kexin Ji, Zhenbo Gao, Qi Li, Liehuang Zhu, and Ke Xu. 2023. Sub- verting Website Fingerprinting Defenses with Robust Traffic Representation. In 32nd USENIX Security Symposium (USENIX Security 23). USENIX Association, Anaheim, CA, 607–624. https://www.usenix.org/conference/usenixsecurity23/ presentation/shen-meng

    2023

  38. [39]

    Meng Shen, Jinhe Wu, Junyu Ai, Qi Li, Chenchen Ren, Ke Xu, and Liehuang Zhu. 2025. Swallow: A Transfer-Robust Website Fingerprinting Attack via Consistent Feature Learning. InProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, CCS 2025, Taipei, Taiwan, October 13-17, 2025, Chun-Ying Huang, Jyh-Cheng Chen, Shiuh-Pyng Shie...

    work page doi:10.1145/3719027.3744795 2025

  39. [40]

    Anatoly Shusterman, Roie David, and Yossi Oren. 2026. Understanding and addressing concept drift in website fingerprinting.Computer Networks275 (1 Feb. 2026). doi:10.1016/j.comnet.2025.111811 Publisher Copyright:©2025 The Author(s)

    work page doi:10.1016/j.comnet.2025.111811 2026

  40. [41]

    Payap Sirinam, Mohsen Imani, Marc Juarez, and Matthew Wright. 2018. Deep Fin- gerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. InProceedings of the 2018 ACM SIGSAC Conference on Computer and Commu- nications Security, CCS 2018, Toronto, ON, Canada, October 15-19, 2018, David Lie, Mohammad Mannan, Michael Backes, and XiaoFeng Wa...

    work page doi:10.1145/3243734.3243768 2018

  41. [42]

    Payap Sirinam, Nate Mathews, Mohammad Saidur Rahman, and Matthew Wright

  42. [43]

    Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot Learning. InProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11-15, 2019, Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz (Eds.). ACM, 1131–1148. doi:10.1145/3319535.3354217

    work page doi:10.1145/3319535.3354217 2019

  43. [44]

    2023.Trojan Documentation — trojan-gfw.github.io

    trojan-gfw. 2023.Trojan Documentation — trojan-gfw.github.io. Accessed: 2026- 04-28

    2023

  44. [45]

    Vladimir Vapnik and Rauf Izmailov. 2015. Learning using privileged information: similarity control and knowledge transfer.J. Mach. Learn. Res.16 (2015), 2023–

    2015

  45. [46]

    doi:10.5555/2789272.2886814

    work page doi:10.5555/2789272.2886814

  46. [47]

    Vladimir Vapnik and Akshay Vashist. 2009. A new learning paradigm: Learning using privileged information.Neural Networks22, 5-6 (2009), 544–557. doi:10. 1016/J.NEUNET.2009.06.042

    2009

  47. [48]

    Gomez, Łukasz Kaiser, and Illia Polosukhin

    Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N. Gomez, Łukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. InProceedings of the 31st International Conference on Neural Information Processing Systems(Long Beach, California, USA)(NIPS’17). Curran Associates Inc., Red Hook, NY, USA, 6000–6010

    2017

  48. [49]

    Dequan Wang, Evan Shelhamer, Shaoteng Liu, Bruno Olshausen, and Trevor Darrell. 2021. Tent: Fully Test-Time Adaptation by Entropy Minimization. In International Conference on Learning Representations. https://openreview.net/ forum?id=uXl3bZLkr3c

    2021

  49. [50]

    Tao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, and Ian Goldberg

  50. [51]

    In Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, Au- gust 20-22, 2014, Kevin Fu and Jaeyeon Jung (Eds.)

    Effective Attacks and Provable Defenses for Website Fingerprinting. In Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, Au- gust 20-22, 2014, Kevin Fu and Jaeyeon Jung (Eds.). USENIX Association, 143–

    2014

  51. [52]

    https://www.usenix.org/conference/usenixsecurity14/technical-sessions/ presentation/wang_tao

  52. [53]

    Xiao Sophia Wang, Aruna Balasubramanian, Arvind Krishnamurthy, and David Wetherall. 2013. Demystifying Page Load Performance with WProf. In10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13). USENIX Association, Lombard, IL, 473–485. https://www.usenix.org/conference/ nsdi13/technical-sessions/presentation/wang_xiao

    2013

  53. [54]

    Yi Xie, Jiahao Feng, Wenju Huang, Yixi Zhang, Xueliang Sun, Xiaochou Chen, and Xiapu Luo. 2024. Contrastive Fingerprinting: A Novel Website Fingerprinting Attack over Few-shot Traces. InProceedings of the ACM on Web Conference 2024, WWW 2024, Singapore, May 13-17, 2024, Tat-Seng Chua, Chong-Wah Ngo, Ravi Kumar, Hady W. Lauw, and Roy Ka-Wei Lee (Eds.). ACM...

    arXiv 2024

  54. [55]

    Chen Xu, Quan Li, Junfeng Ge, Jinyang Gao, Xiaoyong Yang, Changhua Pei, Fei Sun, Jian Wu, Hanxiao Sun, and Wenwu Ou. 2020. Privileged Features Distillation at Taobao Recommendations. InProceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining(Virtual Event, CA, USA)(KDD ’20). Association for Computing Machinery, New ...

    work page doi:10.1145/3394486.3403309 2020

  55. [56]

    Guoqiang Zhang, Jiahao Cao, Mingwei Xu, and Xinhao Deng. 2023. Unsupervised and Adaptive Tor Website Fingerprinting. InInternational Conference on Security and Privacy in Communication Systems. Springer, 209–229

    2023

  56. [57]

    Hongcheng Zou, Jinshu Su, Ziling Wei, Shuhui Chen, and Baokang Zhao. 2022. An efficient cross-domain few-shot website fingerprinting attack with Brow- nian distance covariance.Comput. Networks219 (2022), 109461. doi:10.1016/J. COMNET.2022.109461 A Open Science Research artifacts have been de-identified for double-blind review and are hosted at: https://gi...

    work page doi:10.1016/j 2022