Alibi Routing. D. Levin, Y. Lee, L. Valenta Z. Li, V. Lai, C. Lumezanu N. Spring, B. Bhattacharjee SIGCOMM 2015
|
|
- Alannah Wood
- 5 years ago
- Views:
Transcription
1 Alibi Routing D. Levin, Y. Lee, L. Valenta Z. Li, V. Lai, C. Lumezanu N. Spring, B. Bhattacharjee SIGCOMM 2015
2 Sniff sniff State agencies censor and log citizens internet traffic Abundant in certain regions China Syria North Korea Saudi Arabia Bahrain Iran Vietnam
3 Censor-avoidance Censorship and Surveillance Dropping packets Injecting data into packets Logging packets Routing protocols often don t consider intermediate nodes Traffic can route through geographic region which might inject data into packet Data integrity Nations may log routing info + drop packets
4 Users lack control over routing Mostly relegated to destination-based routing Send to 4
5 Users lack control over routing Collateral damage of censorship Send to Censor-free Censor-free Censoring country Encryption (HTTPS) Anonymity (Tor) Hide info, but are still subject to censorship 5
6 This paper Provable avoidance routing Send to but avoid Censor-free Censor-free Censoring country 6
7 Probably route avoidance goals Flexibility Users request their traffic to avoid transiting arbitrary geographic regions Without having to know underlying routes Proof Provide proofs of avoidance Goal: proof that it did not traverse Non-goal: proof that it cannot traverse Unadulterated roundtrip of communication Assurance of reliable communication, just a proof that it didn t enter the region AFTER transmission 7
8 Past Approaches BGP Poisoning (avoidance) Failure prone regions blacklisted in BGP Tor (other overlay systems) Anonymized Internet usage May pass through censored region when going between hops Geographical routing Greedy routing, no avoidance Some systems provide means to monitor regions visited, but no insurance/proof that certain places were not visited
9 Proof of avoidance Proving something did not happen is difficult Proving something related cannot possibly happen is less difficult How do you prove packet did not go through forbidden region? Consider event X depicting a situation in which a packet traverses through a forbidden region Consider event A depicting a situation where a packet does not traverse through a forbidden region A and X are mutually exclusive Showing X is impossible, authors show A is true
10 Mutually exclusive routing events The event X we wish to prove impossible A packet and its response from s to d transited forbidden region F We need To know a subset of the path that the packet took Forward a packet through a relay node r - r signs the packet and thus if r can be trusted not to have shared its key, then this proves that the packet must have gone through r For any possible path that includes s, r and d, the packets could not have also gone through F Key idea choose a relay that is so distant from F that transmitting both would induce noticeable high delays
11 Relay Guarantees Given path s è r èd with an RTT rtt_time Calculate RTT through s, r, and d AND the closest possible f to be rtt_forbidden If rtt_time is a factor of delta smaller than rtt_forbidden, initial path could not have possibly traversed f R(s,r)+R(r, d) R(s,r)+min f2f R(s, r) min f2f {R(r, f)+r(f,d)} {R(s, f)+r(f,r)} (1) d d f F F f s r s r
12 Assumptions All non-forbidden nodes are trustworthy Nodes cannot lie about smaller RTTs Based on various signing schemes, returned packet will show all (trustworthy) nodes it traversed
13 Terminology and definitions Forbidden Region Geographical location that should not be entered Represented by a list of <lat, long> coordinates depicting a geopolygon Alibi Relay that can be safely used to divert traffic around forbidden region Picked such that passing through Alibi AND forbidden region will cause noticeable delay increase Target regions Regions in which Alibis might reside Aid in locating Alibi δ (delta) Coefficient to ensure safety under latency fluctuations Used to determine target regions
14 Targeting the target region Alibi Routing consists of an overlay network of P2P nodes, each with coarse GPS coords Target region contains Alibi node A node at GPS coordinate g is included in target region if it satisfies the alibi conditions discussed (1 + ) D(s, g) < min f2f (1 + ) D(g, d) < min f2f {D(s, f)+d(f,g)}, and {D(g, f)+d(f,d)} (2) Authors partition world into grid of points For each point, consider it as g, calculate δ threshold All calculations based on greater-circle distance
15 Target region based on δ Example target regions, with end-hosts in Italy and Norway who seek to avoid Germany Contours represent different values of δ
16 Alibi, where art thou? When a source node s wishes to find alibis, it constructs and forwards a query message, <s, d, F, T> Each node keeps an active peer list and a neighbor list Occasionally sends out random nonces to get neighbors GPS coords Ping responses come with correct RTT as nonce is random and thus response cannot be preconstructed Each hop from source tries to minimize distance to target region
17 Security Concerns Time/distance calculations prevent underselling of RTT from malicious nodes Eclipse attack: surround node with all malicious nodes Requires attack nodes to be physically close to trustworthy nodes Algorithm should route hops away from forbidden regions Sending data copies to attackers End to end encryption can solve this, otherwise, nothing would effectively prevent this Laundering traffic: using relays to attack hosts Similar approach as to other systems, whitelisting, solutions exist
18 Evaluation Authors simulated deployment of 20,000 nodes and PlanetLab simulation of 245 hosts Enemies of the Internet labeled as forbidden regions + countries with most Internet users (USA, India, Japan) Most source-destination pairs successful 100 percent Path exists to a relay in the target region Source is in target region No path to target region No hosts in target region No target region China India Japan PR Korea Saudi Arabia Syria USA
19 Evaluation Protocol success using simulation and PlanetLab deployment showed almost 100% success in most δ value cases Due to limited PlanetLab deployment, at most 2 hops were needed to find relay. Around 40 in simulation.
20 Proximity effects on target regions Number of nodes in target region (b) China is the forbidden region. Number of nodes in target region Effect of source/destination distance on the number of nodes deployment in the target region nodes.) in the target region. (Simulated of 20, δ = 0.0 δ = 0.5 δ = China is forbidden region ) Min distance between src to F and dst to F (103 km) China when is the forbidden region. Failure is(b)likely source or destination areinvery close to the forbidden regionof the mber of nodes the target region. The x-axis is the minimum 20
21 Other results Routes through alibis incur little increase in latency Sometimes even lower latencies Alibi Routing incurs little communication overhead Countries with higher routing centrality are harder, but not impossible, to avoid Provable avoidance is possible safely and efficiently 21
22 Summary Provable avoidance routing Users to specify where they want their packets not to go Proof by alibi makes it possible to provably avoid arbitrary geographic regions without ISP/BGP support Alibi Routing finds potential alibis Successfully, so long as src/dst not too close At low cost in terms of latency inflation Code and data: alibi.cs.umd.edu 22
23 Other comments Current implementation has to be manually configured Does not tackle various downsides of the algorithm, for example being surrounded by forbidden region or having several forbidden regions, or failure cases where alibis incur too much of a latency to be effective Authors mention Alibi routing can be used in tandem with Tor, which should be very beneficial to both technologies P2P design requires lots of nodes to be online/active
DeTor: Provably Avoiding Geographic Regions in Tor
DeTor: Provably Avoiding Geographic Regions in Tor Zhihao Li, Stephen Herwig, and Dave Levin University of Maryland Abstract Large, routing-capable adversaries such as nationstates have the ability to
More informationProving the Impossible with Alibi Protocols
Proving the Impossible with Alibi Protocols Dave Levin Victoria Lai, Cristian Lumezanu, Neil Spring, Bobby Bhattacharjee, Bo Han, John Douceur, Jacob Lorch, Thomas Moscibroda Uncooperative behavior Cooperation
More informationInternet Anycast: Performance, Problems and Potential
Internet Anycast: Performance, Problems and Potential Zhihao Li, Dave Levin, Neil Spring, Bobby Bhattacharjee University of Maryland 1 Anycast is increasingly used DNS root servers: All 13 DNS root servers
More informationWireless Network Security Spring 2014
Wireless Network Security 14-814 Spring 2014 Patrick Tague Class #16 Network Privacy & Anonymity 2014 Patrick Tague 1 Network Privacy Issues Network layer interactions in wireless networks often expose
More informationPort-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009
Port-Scanning Resistance in Tor Anonymity Network Presented By: Shane Pope (Shane.M.Pope@gmail.com) Dec 04, 2009 In partial fulfillment of the requirements for graduation with the Dean's Scholars Honors
More informationWireless Network Security Spring 2013
Wireless Network Security 14-814 Spring 2013 Patrick Tague Class #19 Location Privacy & Tracking Agenda Location privacy and tracking Implications / risks of location information Location privacy and anonymity
More informationInterdomain Routing Design for MobilityFirst
Interdomain Routing Design for MobilityFirst October 6, 2011 Z. Morley Mao, University of Michigan In collaboration with Mike Reiter s group 1 Interdomain routing design requirements Mobility support Network
More informationVivaldi: : A Decentralized Network Coordinate System
Vivaldi: : A Decentralized Network Coordinate System Frank Dabek, Russ Cox, Frans Kaashoek, Robert Morris MIT CSAIL Presenter: Yi-Chao Chen 1 Introduction Design Issues Idea Algorithm Evaluation Model
More informationLecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday
Lecture 13: Routing in multihop wireless networks Mythili Vutukuru CS 653 Spring 2014 March 3, Monday Routing in multihop networks Figure out a path from source to destination. Basic techniques of routing
More informationanonymous routing and mix nets (Tor) Yongdae Kim
anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1 q Why? Anonymous web browsing 1. Discuss health issues or financial matters anonymously
More informationthis security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities
INFRASTRUCTURE SECURITY this security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities Goals * prevent or mitigate resource attacks
More informationTelex Anticensorship in the Network Infrastructure
Telex Anticensorship in the Network Infrastructure Eric Wustrow Scott Wolchok Ian Goldberg * J. Alex Halderman University of Michigan *University of Waterloo In Proceedings of the 20 th USENIX Security
More informationData Communication. Guaranteed Delivery Based on Memorization
Data Communication Guaranteed Delivery Based on Memorization Motivation Many greedy routing schemes perform well in dense networks Greedy routing has a small communication overhead Desirable to run Greedy
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2, 2013 Goals For Today State-sponsored adversaries Anonymous communication Internet censorship State-Sponsored
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner April 29, 2016 Announcements Final exam in RSF Fieldhouse, 5/10, arrive by 7PM HW4 due Monday, 5/2, 11:59pm Review
More informationApproximately Uniform Random Sampling in Sensor Networks
Approximately Uniform Random Sampling in Sensor Networks Boulat A. Bash, John W. Byers and Jeffrey Considine Motivation Data aggregation Approximations to COUNT, SUM, AVG, MEDIAN Existing work does not
More informationChallenges in building overlay networks: a case study of Tor. Steven Murdoch Principal Research Fellow University College London
Challenges in building overlay networks: a case study of Steven Murdoch Principal Research Fellow University College London Who uses? Ordinary people e.g. to avoid unscrupulous marketers, protect children,
More informationCarnegie Mellon Computer Science Department Spring 2015 Midterm Exam
Carnegie Mellon Computer Science Department. 15-744 Spring 2015 Midterm Exam Name: Andrew ID: INSTRUCTIONS: There are 7 pages (numbered at the bottom). Make sure you have all of them. Please write your
More informationTopic 3 part 2 Traffic analysis; Routing Attacks &Traffic Redirection Fourth Stage
3-2 Routing attack To understand hoe the router works, click on http://www.mustbegeek.com/types-of-router-attacks/ Types of Router Attacks 1. Denial of Service attacks: The DoS attack is done by the attacker
More informationVeracity: Practical Secure Network Coordinates via Vote-Based Agreements
Veracity: Practical Secure Network Coordinates via Vote-Based Agreements Micah Sherr, Matt Blaze, and Boon Thau Loo University of Pennsylvania USENIX Technical June 18th, 2009 1 Network Coordinate Systems
More informationTelex Anticensorship in the
Telex Anticensorship in the Network Infrastructure Eric Wustrow Ian Goldberg * Scott Wolchok J. Alex Halderman University of Michigan University of Michigan * University of Waterloo Background Internet
More informationMobile ad hoc networks Various problems and some solutions
Mobile ad hoc networks Various problems and some solutions Humayun Bakht School of Computingand Mathematical Sciences Liverpool John Mores University Email:humayunbakht@yahoo.co.uk Main Focus Problems
More informationVirtual Multi-homing: On the Feasibility of Combining Overlay Routing with BGP Routing
Virtual Multi-homing: On the Feasibility of Combining Overlay Routing with BGP Routing Zhi Li, Prasant Mohapatra, and Chen-Nee Chuah University of California, Davis, CA 95616, USA {lizhi, prasant}@cs.ucdavis.edu,
More informationXbox360 matchmaking & predictions
Sharad Agarwal Chris Butcher (bungie) Youngki Lee (intern) Jitu Padhye (microsoft research) (microsoft research) Xbox360 matchmaking & predictions Xbox360 Internet games most games P2P Xbox Live server
More informationCS4450. Computer Networks: Architecture and Protocols. Lecture 15 BGP. Spring 2018 Rachit Agarwal
CS4450 Computer Networks: Architecture and Protocols Lecture 15 BGP Spring 2018 Rachit Agarwal Autonomous System (AS) or Domain Region of a network under a single administrative entity Border Routers Interior
More informationAn Extensive Evaluation of the Internet s Open Proxies
An Extensive Evaluation of the Internet s Open Proxies Akshaya Mani Georgetown University Tavish Vaidya Georgetown University David Dworken Northeastern University Micah Sherr Georgetown University *Co-first
More informationCSE 123: Computer Networks
CSE 123: Computer Networks Homework 3 Out: 11/19 Due: 11/26 Instructions 1. Turn in a physical copy at the beginning of the class on 11/26 2. Ensure the HW cover page has the following information clearly
More informationProtocol for Tetherless Computing
Protocol for Tetherless Computing S. Keshav P. Darragh A. Seth S. Fung School of Computer Science University of Waterloo Waterloo, Canada, N2L 3G1 1. Introduction Tetherless computing involves asynchronous
More informationPeer-to-peer computing research a fad?
Peer-to-peer computing research a fad? Frans Kaashoek kaashoek@lcs.mit.edu NSF Project IRIS http://www.project-iris.net Berkeley, ICSI, MIT, NYU, Rice What is a P2P system? Node Node Node Internet Node
More informationModule: Routing Security. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security
CMPSC443 - Introduction to Computer and Network Security Module: Routing Security Professor Patrick McDaniel Spring 2009 1 Routing 101 Network routing exists to provide hosts desirable paths from the source
More informationLECTURE 9. Ad hoc Networks and Routing
1 LECTURE 9 Ad hoc Networks and Routing Ad hoc Networks 2 Ad Hoc Networks consist of peer to peer communicating nodes (possibly mobile) no infrastructure. Topology of the network changes dynamically links
More informationDifferentiating Link State Advertizements to Optimize Control Overhead in Overlay Networks
Differentiating Link State Advertizements to Optimize Control Overhead in Overlay Networks Mathieu Bouet, Julien Boite, Jérémie Leguay and Vania Conan Thales Communications & Security, Paris, France Abstract
More informationSDN-based Network Obfuscation. Roland Meier PhD Student ETH Zürich
SDN-based Network Obfuscation Roland Meier PhD Student ETH Zürich This Talk This thesis vs. existing solutions Alice Bob source: Alice destination: Bob Hi Bob, Hi Bob, Payload encryption ǾǼōĦ
More informationVivaldi Practical, Distributed Internet Coordinates
Vivaldi Practical, Distributed Internet Coordinates Frank Dabek Russ Cox Robert Morris Frans Kaashoek Computer Science and Artificial Intelligence Lab Massachusetts Institute of Technology ACM SIGCOMM
More informationImpact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks
Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks Claudia Diaz 1, Steven J. Murdoch 2, Carmela Troncoso 1 1 K.U.Leuven, ESAT/COSIC 2 University of Cambridge / The Tor
More informationPractical Anonymity for the Masses with MorphMix
Practical Anonymity for the Masses with MorphMix Marc Rennhard, Bernhard Plattner () Financial Cryptography 2004 12 th February 2004 http://www.tik.ee.ethz.ch/~morphmix Overview Circuit-based mix networks
More informationSybil Attack Detection in Mobile Adhoc Network
Sybil Attack Detection in Mobile Adhoc Network 469 1 Yamini D. Malkhede, 2 Purnima Selokar 1 Department of CSE, G. H. Raisoni Institute of Engineering &Technology for Women, Nagpur, Maharashtra, India
More informationDetecting and Blocking Encrypted Anonymous Traffic using Deep Packet Inspection
Detecting and Blocking Encrypted Anonymous Traffic using Deep Packet Inspection Parita Chandrakant Parekh 1, Prof. Jayshree Upadhyay 2 1 PG Scholar, ITSNS, GTU PG SCHOOL, Gujarat, India 2 Assistant Professor,
More informationFrom Routing to Traffic Engineering
1 From Routing to Traffic Engineering Robert Soulé Advanced Networking Fall 2016 2 In the beginning B Goal: pair-wise connectivity (get packets from A to B) Approach: configure static rules in routers
More informationRouting Security* CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring * Thanks to Steve Bellovin for slide source material.
Routing Security* CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 * Thanks to Steve Bellovin for slide source material. 1 Routing 101 Network routing exists to provide hosts desirable
More informationVivaldi: A Decentralized Network Coordinate System. Authors: Frank Dabek, Russ Cox, Frans Kaashoek, Robert Morris MIT. Published at SIGCOMM 04
Vivaldi: A Decentralized Network Coordinate System Authors: Frank Dabek, Russ Cox, Frans Kaashoek, Robert Morris MIT Published at SIGCOMM 04 Presented by: Emmanouel Kyriakakis Key tool: Synthetic Coordinates
More informationANONYMOUS CONNECTIONS AND ONION ROUTING
I J C I T A E Serials Publications 6(1) 2012 : 31-37 ANONYMOUS CONNECTIONS AND ONION ROUTING NILESH MADHUKAR PATIL 1 AND CHELPA LINGAM 2 1 Lecturer, I. T. Dept., Rajiv Gandhi Institute of Technology, Mumbai
More informationENHANCED INTERIOR GATEWAY ROUTING PROTOCOL STUB ROUTER FUNCTIONALITY
APPLICATION NOTE ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL STUB ROUTER FUNCTIONALITY OVERVIEW Enhanced Interior Gateway Routing Protocol (EIGRP).Stub Router functionality, which Cisco introduced in Cisco
More informationVivaldi Practical, Distributed Internet Coordinates
Vivaldi Practical, Distributed Internet Coordinates Russ Cox, Frank Dabek, Frans Kaashoek, Robert Morris, and many others rsc@mit.edu Computer Science and Artificial Intelligence Lab Massachusetts Institute
More informationThe Collateral Damage of Internet Censorship by DNS Injection
The Collateral Damage of Internet Censorship by DNS Injection Anonymous presented by Philip Levis 1 Basic Summary Great Firewall of China injects DNS responses to restrict access
More informationWhat's the buzz about HORNET?
1 What's the buzz about HORNET? 2 You've probably all seen the news "Internet-scale anonymity" "Without sacrificing security, the network supports data transfer speeds of up to 93GBps" "can be scaled at
More informationA Case For OneSwarm. Tom Anderson University of Washington.
A Case For OneSwarm Tom Anderson University of Washington http://oneswarm.cs.washington.edu/ With: Jarret Falkner, Tomas Isdal, Alex Jaffe, John P. John, Arvind Krishnamurthy, Harsha Madhyastha and Mike
More informationSecure Routing in Wireless Sensor Networks: Attacks and Countermeasures
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures By Chris Karlof and David Wagner Lukas Wirne Anton Widera 23.11.2017 Table of content 1. Background 2. Sensor Networks vs. Ad-hoc
More informationThe State of Mobile Advertising Q2 2012
Q2 2012 Executive summary In our first edition of the State of Mobile Advertising report, we take an in-depth look at the monetization of mobile advertising from four perspectives within the ad delivery
More informationDNS Security. Ch 1: The Importance of DNS Security. Updated
DNS Security Ch 1: The Importance of DNS Security Updated 8-21-17 DNS is Essential Without DNS, no one can use domain names like ccsf.edu Almost every Internet communication begins with a DNS resolution
More informationArvind Krishnamurthy Fall 2003
Overlay Networks Arvind Krishnamurthy Fall 003 Internet Routing Internet routing is inefficient: Does not always pick the lowest latency paths Does not always pick paths with low drop rates Experimental
More informationRAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with
RAPTOR: Routing Attacks on Privacy in Tor Yixin Sun Princeton University Joint work with Annie Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal Acknowledgment for Slides
More informationCE693: Adv. Computer Networking
CE693: Adv. Computer Networking L-10 Wireless Broadcast Fall 1390 Acknowledgments: Lecture slides are from the graduate level Computer Networks course thought by Srinivasan Seshan at CMU. When slides are
More informationRealtime Multimedia in Presence of Firewalls and Network Address Translation
Realtime Multimedia in Presence of Firewalls and Network Address Translation Knut Omang Ifi/Oracle 9 Oct, 2017 1 Overview Real-time multimedia and connectivity Mobile users (roaming between devices) or
More informationOverlay Networks. Behnam Momeni Computer Engineering Department Sharif University of Technology
CE443 Computer Networks Overlay Networks Behnam Momeni Computer Engineering Department Sharif University of Technology Acknowledgments: Lecture slides are from Computer networks course thought by Jennifer
More informationAnonymity With Tor. The Onion Router. July 5, It s a series of tubes. Ted Stevens. Technische Universität München
Anonymity With Tor The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 5, 2012 It s a series of tubes. Ted Stevens Overview What is Tor? Motivation Background Material
More informationSpecification-based Intrusion Detection. Michael May CIS-700 Fall 2004
Specification-based Intrusion Detection Michael May CIS-700 Fall 2004 Overview Mobile ad hoc networking (MANET) new area of protocols Some old networking solutions work (TCP/IP) but things change with
More informationRealtime Multimedia in Presence of Firewalls and Network Address Translation. Knut Omang Ifi/Oracle 9 Nov, 2015
Realtime Multimedia in Presence of Firewalls and Network Address Translation Knut Omang Ifi/Oracle 9 Nov, 2015 1 Overview Real-time multimedia and connectivity Mobile users (roaming between devices) or
More informationPrivCount: A Distributed System for Safely Measuring Tor
PrivCount: A Distributed System for Safely Measuring Tor Rob Jansen Center for High Assurance Computer Systems Invited Talk, October 4 th, 2016 University of Oregon Department of Computer and Information
More informationTDTS04 Computer networks and distributed systems Final Exam: 14:00-18:00, Thursday, March 20, 2014
(TEN1) Final Examination: 14:00-18:00, Thursday, August 20, 2014 Time: 240 minutes Total Marks: 40 Grade Requirements: three (20/40); four (28/40); and five (36/40). Assistance: None (closed book, closed
More informationKoNKS: Konsensus-style Network Koordinate System
KoNKS: Konsensus-style Network Koordinate System Eric Chan-Tin Oklahoma State University 218 MSCS, Stillwater, OK 74074 chantin@cs.okstate.edu Nicholas Hopper University of Minnesota 200 Union Street SE,
More informationHiding Amongst the Clouds
Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing Nicholas Jones Matvey Arye Jacopo Cesareo Michael J. Freedman Princeton University https://www.torproject.org/about/overview.html We and
More informationFeatures of a proxy server: - Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy
Que: -Proxy server Introduction: Proxy simply means acting on someone other s behalf. A Proxy acts on behalf of the client or user to provide access to a network service, and it shields each side from
More informationTor. Tor Anonymity Network. Tor Basics. Tor Basics. Free software that helps people surf on the Web anonymously and dodge censorship.
Tor Tor Anonymity Network Free software that helps people surf on the Web anonymously and dodge censorship. CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk Initially developed at the U.S.
More informationEZR: Enhanced Zone Based Routing In Manet
EZR: Enhanced Zone Based Routing In Manet Bency Wilson 1, Geethu Bastian 2, Vinitha Ann Regi 3, Arun Soman 4 Department of Information Technology, Rajagiri School of Engineering and Technology, Rajagiri
More informationAnonymity With Tor. The Onion Router. July 21, Technische Universität München
The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 21, 2011 Overview What is Tor? Motivation Background Material How Tor Works Hidden Services Attacks Specific Attack
More informationNamed Data Networking (NDN) CLASS WEB SITE: NDN. Introduction to NDN. Updated with Lecture Notes. Data-centric addressing
CLASS WEB SITE: http://upmcsms.weebly.com/ Updated with Lecture Notes Named Data Networking (NDN) Introduction to NDN Named Data Networking (NDN) IP NDN Host-centric addressing Data-centric addressing
More informationSafely Measuring Tor. Rob Jansen U.S. Naval Research Laboratory Center for High Assurance Computer Systems
Safely Measuring Tor Safely Measuring Tor, Rob Jansen and Aaron Johnson, In the Proceedings of the 23rd ACM Conference on Computer and Communication Security (CCS 2016). Rob Jansen Center for High Assurance
More informationScaling All-Pairs Overlay Routing
Scaling All-Pairs Overlay Routing David Sontag, Yang Zhang, Amar Phanishayee, David G. Andersen, David Karger Massachusetts Institute of Technology, Carnegie Mellon University ABSTRACT This paper presents
More informationAnonymity and Privacy
Computer Security Spring 2008 Anonymity and Privacy Aggelos Kiayias University of Connecticut Anonymity in networks Anonymous Credentials Anonymous Payments Anonymous E-mail and Routing E-voting Group,
More informationIntroduction to Tor. January 20, Secure Web Browsing and Anonymity. Tor Mumbai Meetup, Sukhbir Singh
Introduction to Tor Secure Web Browsing and Anonymity Tor Mumbai Meetup, 2018 Sukhbir Singh sukhbir@torproject.org January 20, 2018 Before We Begin... 2 / 18 Before We Begin... Understand your threat model
More informationShadow: Real Applications, Simulated Networks. Dr. Rob Jansen U.S. Naval Research Laboratory Center for High Assurance Computer Systems
Shadow: Real Applications, Simulated Networks Dr. Rob Jansen Center for High Assurance Computer Systems Cyber Modeling and Simulation Technical Working Group Mark Center, Alexandria, VA October 25 th,
More informationDeanonymizing Tor. Colorado Research Institute for Security and Privacy. University of Denver
Deanonymizing Tor Nathan S. Evans Nathan.S.Evans@du.edu Christian Grothoff christian@grothoff.org Colorado Research Institute for Security and Privacy University of Denver 1 Motivation Tor is probably
More informationSaaS Providers. ThousandEyes for. Summary
USE CASE ThousandEyes for SaaS Providers Summary With Software-as-a-Service (SaaS) applications rapidly replacing onpremise solutions, the onus of ensuring a great user experience for these applications
More informationTrisul Network Analytics - Traffic Analyzer
Trisul Network Analytics - Traffic Analyzer Using this information the Trisul Network Analytics Netfllow for ISP solution provides information to assist the following operation groups: Network Operations
More informationWireless Network Security Spring 2011
Wireless Network Security 14-814 Spring 2011 Patrick Tague Jan 18, 2011 Class #3 Wireless vulnerabilities and threats Announcement: Agenda 6 remaining survey slots, 12 students yet to sign up Vulnerabilities,
More informationNetwork Security - ISA 656 Routing Security
Network Security - ISA 656 Angelos Stavrou December 4, 2007 What is? What is Routing Security? History of Routing Security Why So Little Work? How is it Different? The Enemy s Goal? Bad guys play games
More informationPeer-to-Peer Systems and Security
Peer-to-Peer Systems and Security Attacks! Christian Grothoff Technische Universität München April 13, 2013 Salsa & AP3 Goal: eliminate trusted blender server Idea: Use DHT (AP3: Pastry, Salsa: custom
More informationCopyright 2004 OCCAID. All rights reserved.
Copyright 2004 OCCAID. All rights reserved. Basic overview of OCCAID (who we are and what we are doing with IPv6..). Today s problem with the IPv6 internet. OCCAID s approach to IPv6 BGP Policies OCCAID
More informationUDP NAT Traversal. CSCI-4220 Network Programming Spring 2015
UDP NAT Traversal CSCI-4220 Network Programming Spring 2015 What is NAT Traversal? NAT traversal means establishing a connection between two hosts when one or both is behind NAT. Many of today s network
More informationIntroduction to Peer-to-Peer Systems
Introduction Introduction to Peer-to-Peer Systems Peer-to-peer (PP) systems have become extremely popular and contribute to vast amounts of Internet traffic PP basic definition: A PP system is a distributed
More informationThousandEyes for. Application Delivery White Paper
ThousandEyes for Application Delivery White Paper White Paper Summary The rise of mobile applications, the shift from on-premises to Software-as-a-Service (SaaS), and the reliance on third-party services
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationIntroduction to Traffic Analysis. George Danezis University of Cambridge, Computer Laboratory
Introduction to Traffic Analysis George Danezis University of Cambridge, Computer Laboratory Outline Introduction to anonymous communications Macro-level Traffic Analysis Micro-level Traffic Analysis P2P
More informationProving the Impossible: Provable Route Avoidance using Alibi Routing
Proving the Impossible: Provable Route Avoidance using Alibi Routing Victoria Lai, Dave Levin University of Maryland CMSC499A May 8, 23 Abstract We introduce route avoidance using alibi routing, in which
More informationTBGP: A more scalable and functional BGP. Paul Francis Jan. 2004
TBGP: A more scalable and functional BGP Paul Francis Jan. 2004 BGP: Border Gateway Protocol BGP is the top-level routing protocol in the Internet It holds the Internet together BGP allows routers to tell
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationTor: Online anonymity, privacy, and security.
Tor: Online anonymity, privacy, and security. Runa A. Sandvik runa@torproject.org 12 September 2011 Runa A. Sandvik runa@torproject.org () Tor: Online anonymity, privacy, and security. 12 September 2011
More informationNetwork Coordinates in the Wild
Network Coordinates in the Wild Jonathan Ledlie Margo Seltzer Paul Gardner Harvard University Aelitis / Azureus Hourglass Project http://www.eecs.harvard.edu/~syrah/hourglass Jonathan Ledlie - Harvard
More informationHighway Dimension and Provably Efficient Shortest Paths Algorithms
Highway Dimension and Provably Efficient Shortest Paths Algorithms Andrew V. Goldberg Microsoft Research Silicon Valley www.research.microsoft.com/ goldberg/ Joint with Ittai Abraham, Amos Fiat, and Renato
More informationDetection and Removal of Black Hole Attack in Mobile Ad hoc Network
Detection and Removal of Black Hole Attack in Mobile Ad hoc Network Harmandeep Kaur, Mr. Amarvir Singh Abstract A mobile ad hoc network consists of large number of inexpensive nodes which are geographically
More informationFBI Tor Overview. Andrew Lewman January 17, 2012
FBI Tor Overview Andrew Lewman andrew@torproject.org January 17, 2012 Andrew Lewman andrew@torproject.org () FBI Tor Overview January 17, 2012 1 / 28 What are we talking about? Crash course on anonymous
More informationAvailable Bandwidth Estimation. Probing Packet Train in Pathneck. Transmission of RPT. Choke Point Detection. Packet train probing
Measuring the Path Network Measurement: Measuring the Path Available Bandwidth/Bottleneck BFind,Pathchar,Cartouche Pathneck Link Capacity: Pathchar CapProbe Loss/Delay/Re-ording Tulip Joy Zhang Pathneck
More informationCisco Group Encrypted Transport VPN
Cisco Group Encrypted Transport VPN Q. What is Cisco Group Encrypted Transport VPN? A. Cisco Group Encrypted Transport is a next-generation WAN VPN solution that defines a new category of VPN, one that
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
More informationChallenges in Mobile Ad Hoc Network
American Journal of Engineering Research (AJER) e-issn: 2320-0847 p-issn : 2320-0936 Volume-5, Issue-5, pp-210-216 www.ajer.org Research Paper Challenges in Mobile Ad Hoc Network Reshma S. Patil 1, Dr.
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #11 - Identity Mgmt.; Routing Security 2016 Patrick Tague 1 Class #11 Identity threats and countermeasures Basics of routing in ad hoc networks
More informationLocalized and Incremental Monitoring of Reverse Nearest Neighbor Queries in Wireless Sensor Networks 1
Localized and Incremental Monitoring of Reverse Nearest Neighbor Queries in Wireless Sensor Networks 1 HAI THANH MAI AND MYOUNG HO KIM Department of Computer Science Korea Advanced Institute of Science
More informationLecture 6: Overlay Networks. CS 598: Advanced Internetworking Matthew Caesar February 15, 2011
Lecture 6: Overlay Networks CS 598: Advanced Internetworking Matthew Caesar February 15, 2011 1 Overlay networks: Motivations Protocol changes in the network happen very slowly Why? Internet is shared
More information