Cluster‐analysis attack against a PRivAte Web solution (PRAW)

Yuval Elovici, Bracha Shapira, Adlay Meshiach

Online Information Review 30 (6), 624-643, 2006

The purpose of this paper is to prove the ability of PRivAte Web (PRAW) – a system for private web browsing – to stand possible attacks.Attacks on the systems were simulated, manipulating systems variables. A privacy measure was defined to evaluate the capability of the systems to stand the attacks. Analysis of results was performed.It was shown that, even if the attack is optimised to provide the attacker’s highest utility, the similarity between the user profile and the approximated profile is pretty low and does not enable the eavesdropper to derive an accurate estimation of the user profile.One limitation is the “cold start” problem – in the current version, an observer might detect the first transaction, which is always a real user transaction. As a remedy for this problem, the first transaction will be randomly delayed and a random …