Empirical Analysis of Remote Keystroke Inference Attacks and Defenses on Incremental Search

Incremental search provides real-time suggestions as users type their queries. However, recent studies demonstrate that its encrypted search traffic can disclose privacy-sensitive data through side channels. Specifically, attackers can derive information about user keystrokes from observable traffic features, like packet sizes, timings, and directions, thereby inferring the victim's entered search query. This vulnerability is known as a remote keystroke inference attack. While various attacks leveraging different traffic features have been developed, accompanied by obfuscation-based countermeasures, there is still a lack of overall and in-depth understanding regarding these attacks and defenses. To fill this gap, we conduct the first comprehensive evaluation of existing remote keystroke inference attacks and defenses. We carry out extensive experiments on five well-known incremental search websites, all listed in Alexa's top 50, to evaluate and compare their real-world performance. The results demonstrate that attacks utilizing multidimensional request features pose the greatest risk to user privacy, and random padding is currently considered the optimal defense balancing both efficacy and resource demands. Our work sheds light on the real-world implications of remote keystroke inference attacks and provides developers with guidelines to enhance privacy protection strategies.