Our Use of RIPE Atlas in Our Work on The Effect of DNS on Tor s Anonymity
|
|
- Melinda Watts
- 6 years ago
- Views:
Transcription
1 Our Use of RIPE Atlas in Our Work on The Effect of DNS on Tor s Anonymity Benjamin Greschbach KTH Royal Institute of Technology Tobias Pulls Karlstad University Laura M. Roberts Princeton University Philipp Winter Princeton University Nick Feamster Princeton University October 5, / 43
2 This talk will guide you through the details of how we used RIPE Atlas to perform our Internet-scale simulations. 2 / 43
3 This talk will guide you through the details of how we used RIPE Atlas to perform our Internet-scale simulations. Background 3 / 43
4 This talk will guide you through the details of how we used RIPE Atlas to perform our Internet-scale simulations. Background Our use of RIPE Atlas 4 / 43
5 This talk will guide you through the details of how we used RIPE Atlas to perform our Internet-scale simulations. Background Our use of RIPE Atlas Results 5 / 43
6 Background 6 / 43
7 This work appeared at NDSS / 43
8 I spoke about our work at RIPE / 43
9 Tor is an anonymity network. 9 / 43
10 Relay operators and developers make Tor work. Relay operators who donate their computers resources 10 / 43
11 Relay operators and developers make Tor work. Developers who maintain the code Relay operators who donate their computers resources 11 / 43
12 Relay operators and developers make Tor work. Developers who maintain the code Tor users depend on these operators and developers of Tor for the safety of their information online. Relay operators who donate their computers resources 12 / 43
13 Tor has adversaries. 13 / 43
14 Our goal was to show that the domain name system (DNS) can be used to compromise Tor and to provide recommendations. 14 / 43
15 Contributions We discovered that DNS exposes Tor users behavior to more adversaries than previously thought. (We focus on autonomous systems as adversaries in our work.) We discovered that Google gets to learn a lot about what websites Tor users are visiting via DNS. We created proof-of-concept deanonymization attacks ( DefecTor attacks) that take advantage of DNS. We performed simulations at Internet-scale in order to understand how our attacks could affect real people 15 / 43
16 Contributions We discovered that DNS exposes Tor users behavior to more adversaries than previously thought. (We focus on autonomous systems as adversaries in our work.) We discovered that Google gets to learn a lot about what websites Tor users are visiting via DNS. We created proof-of-concept deanonymization attacks ( DefecTor attacks) that take advantage of DNS. We performed simulations at Internet-scale in order to understand how our attacks could affect real people. 16 / 43
17 Our use of RIPE Atlas 17 / 43
18 We quantify the likelihood that any AS is in position to mount DefecTor attacks. Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 18 / 43
19 An AS needs to be on both ends of the Tor network in order to mount DefecTor attacks. Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 19 / 43
20 An AS needs to be on both ends of the Tor network in order to mount DefecTor attacks. Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 20 / 43
21 An AS needs to be on both ends of the Tor network in order to mount DefecTor attacks. 21 / 43
22 An AS needs to be on both ends of the Tor network in order to mount DefecTor attacks. Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 22 / 43
23 We simulate Tor user activity with Tor Path Simulator (TorPS). Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 23 / 43
24 We simulate Tor user activity with Tor Path Simulator (TorPS). Tor tra c WF attack DNS requests DNS server Guard Exit DNS HTTP User The Tor network Web server 24 / 43
25 We simulate Tor user activity with Tor Path Simulator (TorPS). March am EST: Gmail and Twitter 12pm: Google Calendar and Google Docs User 3pm: Facebook and Instagram DNS 6pm: google.com, startpage.com, and ixquick.com 6:20pm: google.com, startpage.com, and ixquick.com TP Web server 25 / 43
26 We simulate Tor user activity with Tor Path Simulator (TorPS). Our user model made 12 website visits per day for 31 days Had TorPS create a 100,000-sample simulation for us Each sample had 372 opportunities to be compromised by an AS because 12 website visits * 31 days = 372 circuits, or streams 26 / 43
27 We placed our simulated user in five popular Tor ASes. United States - Comcast Russia - Rostelecom Germany - Deutsche Telekom France - Orange U.K. - British Telecom 27 / 43
28 We analyzed four Tor exit relay DNS set-up scenarios. First, what if all Tor exit relays were set up to use their ISPs resolvers? 28 / 43
29 We analyzed four Tor exit relay DNS set-up scenarios. First, what if all Tor exit relays were set up to use their ISPs resolvers? Second, what if all Tor exit relays were set up to use Google s public resolver? 29 / 43
30 We analyzed four Tor exit relay DNS set-up scenarios. First, what if all Tor exit relays were set up to use their ISPs resolvers? Second, what if all Tor exit relays were set up to use Google s public resolver? Third, what if all Tor exit relays were set up to do their own DNS resolution 30 / 43
31 We analyzed four Tor exit relay DNS set-up scenarios. First, what if all Tor exit relays were set up to use their ISPs resolvers? Second, what if all Tor exit relays were set up to use Google s public resolver? Third, what if all Tor exit relays were set up to do their own DNS resolution Fourth, what if all Tor exit relays were set up as they currently are? 31 / 43
32 We did not use AS path inference to obtain AS-level paths. 32 / 43
33 We preferred to use traceroutes to obtain AS-level paths. 33 / 43
34 We obtained AS-level paths using traceroutes via RIPE Atlas. 34 / 43
35 RIPE Atlas probe coverage of Tor guard and exit relay ASes in May Atlas probe coverage Tor guard ASes (%) Tor exit ASes (%) By number By bandwidth / 43
36 Here are the RIPE Atlas traceroutes we ran for the ingress side. Ingress side traceroutes From RIPE Atlas probes in the five ISPs to all guard relay IP addresses used in March / 43
37 Here are the traceroutes we ran for our four Tor exit relay DNS resolution scenarios. Egress side traceroutes ISP DNS only: no traceroutes Google DNS only: traceroutes from co-located RIPE Atlas probes to Local DNS only: traceroutes from co-located RIPE Atlas probes to all IP addresses in our websites delegation paths Status quo: traceroutes from co-located RIPE Atlas probes to IP addresses of the resolvers that exit relays actually use 37 / 43
38 Results 38 / 43
39 RIPE Atlas allowed us to study the fraction of compromised streams for our four DNS scenarios. 39 / 43
40 RIPE Atlas allowed us to study the fraction of compromised streams for our four DNS scenarios. 40 / 43
41 RIPE Atlas allowed us to study the fraction of compromised streams for our four DNS scenarios. 41 / 43
42 In summary, RIPE Atlas played a key role in our security paper. 42 / 43
43 In summary, RIPE Atlas played a key role in our security paper. Our paper, data, code, and replication instructions can be found at Contact me at laurar@cs.princeton.edu. 43 / 43
Studying Transna.onal Rou.ng Detours through Surveillance States
Studying Transna.onal Rou.ng Detours through Surveillance States Annie Edmundson, Roya Ensafi, Nick Feamster, Jennifer Rexford Princeton University RIPE 73 October 24 th -28 th, 2016 1 Characterizing and
More informationRAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with
RAPTOR: Routing Attacks on Privacy in Tor Yixin Sun Princeton University Joint work with Annie Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal Acknowledgment for Slides
More informationIdentifying and characterizing Sybils in the Tor network
Identifying and characterizing Sybils in the Tor network August 12, 2016 USENIX Security Symposium Philipp Winter Princeton University and Karlstad University Roya Ensafi Princeton University Karsten Loesing
More informationAvoiding The Man on the Wire: Improving Tor s Security with Trust-Aware Path Selection
Avoiding The Man on the Wire: Improving Tor s Security with Trust-Aware Path Selection Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum Paul Syverson (U.S. Naval Research Laboratory) (U.S. Naval
More informationUsers Get Routed: Traffic Correlation on Tor by Realistic Adversaries
Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries Aaron Johnson 1 Chris Wacek 2 Rob Jansen 1 Micah Sherr 2 Paul Syverson 1 1 U.S. Naval Research Laboratory, Washington DC {aaron.m.johnson,
More informationHow Do Tor Users Interact With Onion Services?
How Do Tor Users Interact With Onion Services? Philipp Winter, Annie Edmundson, Laura Roberts, Agnieszka Dutkowska-Zuk, Marshini Chetty, Nick Feamster USENIX Security Symposium 15 August 2018 1 Tor is
More informationPrivCount: A Distributed System for Safely Measuring Tor
PrivCount: A Distributed System for Safely Measuring Tor Rob Jansen Center for High Assurance Computer Systems Invited Talk, October 4 th, 2016 University of Oregon Department of Computer and Information
More informationOnion services. Philipp Winter Nov 30, 2015
Onion services Philipp Winter pwinter@cs.princeton.edu Nov 30, 2015 Quick introduction to Tor An overview of Tor Tor is a low-latency anonymity network Based on Syverson's onion routing......which is based
More informationRevealing the load-balancing behavior of YouTube traffic of interdomain links
Revealing the load-balancing behavior of YouTube traffic of interdomain links Ricky K. P. Mok + Vaibhav Bajpai*, Amogh Dhamdhere +, kc claffy + + CAIDA/ University of California San Diego * Technical University
More informationCE Advanced Network Security Anonymity II
CE 817 - Advanced Network Security Anonymity II Lecture 19 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained
More informationCircuit Fingerprinting Attack: Passive Deanonymization of Tor Hidden Services
Circuit Fingerprinting Attack: Passive Deanonymization of Tor Hidden Services Albert Kwon 1 Mashael Saad Al-Sabah 123 David Lazar 1 Marc Dacier 2 Srinivas Devadas 1 1 CSAIL/MIT 2 Qatar Computing Research
More informationSafely Measuring Tor. Rob Jansen U.S. Naval Research Laboratory Center for High Assurance Computer Systems
Safely Measuring Tor Safely Measuring Tor, Rob Jansen and Aaron Johnson, In the Proceedings of the 23rd ACM Conference on Computer and Communication Security (CCS 2016). Rob Jansen Center for High Assurance
More informationSafely Measuring Tor. Rob Jansen U.S. Naval Research Laboratory Center for High Assurance Computer Systems
Safely Measuring Tor Safely Measuring Tor, Rob Jansen and Aaron Johnson, In the Proceedings of the 23rd ACM Conference on Computer and Communication Security (CCS 2016). Rob Jansen Center for High Assurance
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationAvoiding The Man on the Wire: Improving Tor s Security with Trust-Aware Path Selection
Avoiding The Man on the Wire: Improving Tor s Security with Trust-Aware Path Selection Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum and Paul Syverson U.S. Naval Research Laboratory, {aaron.m.johnson,
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More informationhttps://spoofer.caida.org/
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ DDoS PI meeting, March 9 2017 www.caida.o
More informationLASTor: A Low-Latency AS-Aware Tor Client
22 IEEE Symposium on Security and Privacy LASTor: A Low-Latency AS-Aware Tor Client Masoud Akhoondi, Curtis Yu, and Harsha V. Madhyastha Department of Computer Science and Engineering University of California,
More informationTHE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul
THE SECOND GENERATION ONION ROUTER Roger Dingledine Nick Mathewson Paul Syverson 1 -Presented by Arindam Paul Menu Motivation: Why do we need Onion Routing? Introduction : What is TOR? Basic TOR Design
More informationSoftware Systems for Surveying Spoofing Susceptibility
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ NANOG68, October 18th 2016 www.caida.o
More informationTorScan: Tracing Long-lived Connections and Differential Scanning Attacks
TorScan: Tracing Long-lived Connections and Differential Scanning Attacks A. Biryukov, I. Pustogarov, R.P. Weinmann University of Luxembourg ivan.pustogarov@uni.lu September 5, 2012 A. Biryukov, I. Pustogarov,
More informationIPv6 at Google. Lorenzo Colitti
IPv6 at Google Lorenzo Colitti lorenzo@google.com Why IPv6? IPv4 address space predictions (G. Huston) Why IPv6? Cost Buying addresses will be expensive Carrier-grade NAT may be expensive Lots of session
More informationRyan Wails*, Yixin Sun, Aaron Johnson, Mung Chiang, and Prateek Mittal Tempest: Temporal Dynamics in Anonymity Systems
Proceedings on Privacy Enhancing Technologies ; 2018 (3):22 42 Ryan Wails*, Yixin Sun, Aaron Johnson, Mung Chiang, and Prateek Mittal Tempest: Temporal Dynamics in Anonymity Systems Abstract: Many recent
More informationInternet Measurements. Motivation
Internet Measurements Arvind Krishnamurthy Fall 2004 Motivation Types of measurements Understand the topology of the Internet Measure performance characteristics Tools: BGP Tables Traceroute measurements
More informationRIPE Atlas and IoT Approach, Experiences and Some Interesting Details
RIPE Atlas and IoT Approach, Experiences and Some Interesting Details Robert Kisteleki RIPE NCC RIPE Atlas and IoT The following slides cover: - Some common sense aspects, and - RIPE Atlas specifics Most
More informationAnalyzing and Mitigating Privacy with the DNS Root Service. Wes Hardaker USC/ISI
Analyzing and Mitigating Privacy with the DNS Root Service Wes Hardaker USC/ISI 1 Less DNS Anonymous 2017 NDSS I Pondered: Can you avoid asking questions?.tld Parent DNS NS Primary Service
More informationSoftware Systems for Surveying Spoofing Susceptibility
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ AusNOG 2016, September 2nd 2016 www.caida.o
More informationDailyCatch: A Provider-centric View of Anycast Behaviour
DailyCatch: A Provider-centric View of Anycast Behaviour Stephen McQuistin University of Glasgow Sree Priyanka Uppu Marcel Flores Verizon Digital Media Services What is IP anycast? 2 What is IP anycast?
More informationJOINT NETWORK AND CONTENT ROUTING
JOINT NETWORK AND CONTENT ROUTING OR, ON USING TRAFFIC ENGINEERING AT SERVICE LEVEL Vytautas Valancius, Bharath Ravi, Nick Feamster (Georgia Institute of Technology) Alex Snoeren (University of San Diego)
More informationThe Evolving Architecture of the Web. Nick Sullivan
The Evolving Architecture of the Web Nick Sullivan Head of Cryptography CFSSL Universal SSL Keyless SSL Privacy Pass Geo Key Manager Recently Standards work TLS 1.3 Competing Goals make browsing more
More informationRIPE Atlas. Global Internet Measurement Network March 2016 MENOG 16, Istanbul
RIPE Atlas Global Internet Measurement Network atlas@ripe.net 23-24 March 2016 MENOG 16, Istanbul RIPE Atlas RIPE Atlas MENOG 16 23-24 March 2016 2 RIPE Atlas Overview - March 2016 9,400+ probes connected
More informationMetrics for Security and Performance in Low-Latency Anonymity Systems
Metrics for Security and Performance in Low-Latency Anonymity Systems Tor user Entry node Tor Network Middle node Exit node Bandwidth per node (kb/s) (log scale) 1e+01 1e+03 1e+05 Encrypted tunnel Web
More informationTor Experimentation Tools
Tor Experimentation Tools Fatemeh Shirazi TU Darmstadt / KU Leuven Darmstadt, Germany fshirazi@cdc.informatik.tu-darmstadt.de Matthias Göhring TU Darmstadt Darmstadt, Germany de.m.goehring@ieee.org Claudia
More informationHiding Amongst the Clouds
Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing Nicholas Jones Matvey Arye Jacopo Cesareo Michael J. Freedman Princeton University https://www.torproject.org/about/overview.html We and
More informationSecuring Core Internet Functions Resource Certification, RPKI. Mark Kosters ARIN CTO
Securing Core Internet Functions Resource Certification, RPKI Mark Kosters ARIN CTO Core Internet Functions: Routing & DNS The Internet relies on two critical resources DNS: Translates domain names to
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More informationLow-Cost Traffic Analysis of Tor
Low-Cost Traffic Analysis of Tor Steven J. Murdoch, George Danezis University of Cambridge, Computer Laboratory Review of Tor Support anonymous transport of TCP streams over the Internet Support anonymous
More informationTowards Predicting Efficient and Anonymous Tor Circuits
Towards Predicting Efficient and Anonymous Tor Circuits Armon Barton, Mohsen Imani, and Jiang Ming, University of Texas at Arlington; Matthew Wright, Rochester Institute of Technology https://www.usenix.org/conference/usenixsecurity8/presentation/barton
More informationRIPE Atlas Intro & Use Cases
RIPE Atlas Intro & Use Cases Philip Smith SANOG 29 23-30 January 2017 Ever Wonder How To Monitor the performance of your network in real time from thousands of vantage points Troubleshoot problems close
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationMeasuring the IPv6 Internet by active DNS and HTTP measurements (work in progress)
Measuring the IPv6 Internet by active DNS and HTTP measurements (work in progress) emile.aben@ripe.net Early 21st centry http://www.ripe.net 1 The 2 Internets The IPv4 Internet The IPv6 Internet How are
More informationNETWORK LEVEL ATTACKS AND DEFENSES AGAINST ANONYMITY NETWORKS
NETWORK LEVEL ATTACKS AND DEFENSES AGAINST ANONYMITY NETWORKS A Dissertation in Computer Science submitted to the Faculty of the Graduate School of Arts and Sciences of Georgetown University in partial
More informationMeasuring and Mitigating AS-level Adversaries Against Tor
Measuring and Mitigating -level Adversaries Against Tor Rishab Nithyanand, Oleksii Starov, Adva Zair, Phillipa Gill and Michael Schapira Stony Brook University Email: {rnithyanand, ostarov, phillipa}@cs.stonybrook.edu
More informationAnonymity With Tor. The Onion Router. July 5, It s a series of tubes. Ted Stevens. Technische Universität München
Anonymity With Tor The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 5, 2012 It s a series of tubes. Ted Stevens Overview What is Tor? Motivation Background Material
More informationBROADBAND QOS REPORT QUARTER 1 REPORT Fixed Broadband Mobile Data & Voice
BROADBAND QOS REPORT QUARTER 1 REPORT 218 Fixed Broadband Mobile Data & Voice DISCLAIMER This study is published in accordance with Articles 3(b)(1), 3(c)(2), 3(c)(4) and Article 54 of the Telecommunications
More informationDetecting Denial of Service Attacks in Tor
Norman Danner Danny Krizanc Marc Liberatore Department of Mathematics and Computer Science Wesleyan University Middletown, CT 06459 USA Financial Cryptography and Data Security 2009 Outline 1 Background
More informationOnline Accounts 5 SNS Accounts Google Account Using HTC Sync...5-3
Online Accounts 5 SNS Accounts...5-2 Adding an SNS Account... 5-2 Synchronizing with a Google Account... 5-2 Synchronizing with a Microsoft Exchange ActiveSync Account... 5-2 Managing Your Accounts...
More informationBROADBAND QOS REPORT QUARTER 1 REPORT Fixed Broadband Mobile Data & Voice
BROADBAND QOS REPORT QUARTER 1 REPORT 217 Fixed Broadband Mobile Data & Voice DISCLAIMER This study is published in accordance with Articles 3(b)(1), 3(c)(2), 3(c)(4) and Article 54 of the Telecommunications
More informationAS-awareness in Tor Path Selection
AS-awareness in Tor Path Selection Matthew Edman Department of Computer Science Rensselaer Polytechnic Institute Troy, NY 12180 edmanm2@cs.rpi.edu Paul Syverson Center for High Assurance Computer Systems
More informationPeering at the Internet s Frontier:
Peering at the Internet s Frontier: A First Look at ISP Interconnectivity in Africa Arpit Gupta Georgia Tech Matt Calder (USC), Nick Feamster (Georgia Tech), Marshini Chetty (Maryland), Enrico Calandro
More informationDeanonymizing Tor. Colorado Research Institute for Security and Privacy. University of Denver
Deanonymizing Tor Nathan S. Evans Nathan.S.Evans@du.edu Christian Grothoff christian@grothoff.org Colorado Research Institute for Security and Privacy University of Denver 1 Motivation Tor is probably
More informationGuard Sets in Tor using AS Relationships
Proceedings on Privacy Enhancing Technologies ; 218 (1):145 165 Mohsen Imani*, Armon Barton, and Matthew Wright Guard Sets in Tor using AS Relationships Abstract: The mechanism for picking guards in Tor
More informationRIPE Atlas. Measuring the Internet
RIPE Atlas Measuring the Internet Why What is it useful for? Why RIPE Atlas? (1) Internet Growth Critical Multi- Stakeholder Monitor Troubleshoot Measurements Improve Security Lack of Internet wide measurements
More informationRIPE Atlas Update. Robert Kisteleki RIPE NCC
Update Robert Kisteleki RIPE NCC Introduction Coverage 3 Coverage 4 Measurement Devices 5 v1 & v2: Lantronix XPort Pro v3: TP-Link TL-MR3020 powered from USB port - Does not work as a wireless router -
More informationFlooding Attacks by Exploiting Persistent Forwarding Loops
Flooding Attacks by Exploiting Persistent Forwarding Loops Jianhong Xia, Lixin Gao and Teng Fei University of Massachusetts, Amherst MA 01003, USA Email: {jxia, lgao, tfei}@ecs.umass.edu Introduction Routing
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner April 29, 2016 Announcements Final exam in RSF Fieldhouse, 5/10, arrive by 7PM HW4 due Monday, 5/2, 11:59pm Review
More informationLocation Diversity in Anonymity Networks
Location Diversity in Anonymity Networks Nick Feamster MIT Computer Science and AI Laboratory feamster@csail.mit.edu Roger Dingledine The Free Haven Project arma@mit.edu ABSTRACT Anonymity networks have
More informationJohn S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante
John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern, EECS http://aqualab.cs.northwestern.edu ! DNS designed to map names to addresses Evolved into a large-scale distributed system!
More informationc anomaly detection using a distributed measurement network
Tra c anomaly detection using a distributed measurement network Razvan Oprea Supervisor: Emile Aben (RIPE NCC) System and Network Engineering February 8, 2012 Outline Introduction Similar projects Research
More informationInternet Anycast: Performance, Problems and Potential
Internet Anycast: Performance, Problems and Potential Zhihao Li, Dave Levin, Neil Spring, Bobby Bhattacharjee University of Maryland 1 Anycast is increasingly used DNS root servers: All 13 DNS root servers
More informationBBC Tor Overview. Andrew Lewman March 7, Andrew Lewman () BBC Tor Overview March 7, / 1
BBC Tor Overview Andrew Lewman andrew@torproject.org March 7, 2011 Andrew Lewman andrew@torproject.org () BBC Tor Overview March 7, 2011 1 / 1 What are we talking about? Crash course on anonymous communications
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationTaming QoE in Cellular Networks From Subjective Lab Studies to Measurements in the Field P. Casas, B. Gardlo, M. Seufert, F. Wamser, R.
Dr. Pedro Casas Telecommunications Research Center Vienna FTW Taming QoE in Cellular Networks From Subjective Lab Studies to Measurements in the Field P. Casas, B. Gardlo, M. Seufert, F. Wamser, R. Schatz
More informationAvailability, Reliability, and Fault Tolerance
Availability, Reliability, and Fault Tolerance Guest Lecture for Software Systems Security Tim Wood Professor Tim Wood - The George Washington University Distributed Systems have Problems Hardware breaks
More informationVulnerabilities in Tor: (past,) present, future. Roger Dingledine The Tor Project https://www.torproject.org/
Vulnerabilities in Tor: (past,) present, future Roger Dingledine The Tor Project https://www.torproject.org/ 1 Outline Crash course on Tor Solved / solvable problems Tough ongoing issues, practical Tough
More informationBROADBAND QOS REPORT QUARTER 3 REPORT Fixed Broadband Mobile Data & Voice
BROADBAND QOS REPORT QUARTER 3 REPORT 216 Fixed Broadband Mobile Data & Voice DISCLAIMER This study is published in accordance with Articles 3(b)(1), 3(c)(2), 3(c)(4) and Article 54 of the Telecommunications
More informationAnonymity, Usability, and Humans. Pick Two.
Anonymity, Usability, and Humans. Pick Two. Runa A. Sandvik runa@torproject.org 20 September 2011 Runa A. Sandvik runa@torproject.org () Anonymity, Usability, and Humans. Pick Two. 20 September 2011 1
More informationAnonymity With Tor. The Onion Router. July 21, Technische Universität München
The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 21, 2011 Overview What is Tor? Motivation Background Material How Tor Works Hidden Services Attacks Specific Attack
More informationThe Spoofer Project Inferring the Extent of Source Address Filtering on the Internet
The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet Rob Beverly and Steve Bauer {rbeverly,bauer}@mit.edu The Spoofer Project Goal: Quantify the extent and nature of source
More informationFBI Tor Overview. Andrew Lewman January 17, 2012
FBI Tor Overview Andrew Lewman andrew@torproject.org January 17, 2012 Andrew Lewman andrew@torproject.org () FBI Tor Overview January 17, 2012 1 / 28 What are we talking about? Crash course on anonymous
More informationInternet Abuse Real-life tips & tricks for reporting an handeling
Internet Abuse Real-life tips & tricks for reporting an handeling Jurrian van Iersel NLNOG-day, september 8th, 2017 @JurrianVI linkedin.com/in/jurrianvaniersel Who am I? IT Developer at Infopact Volunteer
More informationSocial media to promote
Social media to promote your business Fun social media facts The UK has the highest proportion of social networking users, with 52% In the UK, social media addiction is considered a disease - you can get
More informationPeeling Onions Understanding and using
hiro@torproject.org Peeling Onions Understanding and using the network Know your onions What is Tor and what it can do for you. How Tor provides privacy and anonymity Using Tor at the application layer:
More informationRIPE Atlas Hackathon. Vesna Manojlovic RIPE NCC
Hackathon Vesna Manojlovic RIPE NCC BECHA@ripe.net Overview 2 Welcome & Logistics Hackathon Goals & Structure Introduction to TechInc & RIPE & RIPE NCC Introduction to Take part in community Welcome to
More informationUNIVERSITY REFERENCING IN GOOGLE DOCS WITH PAPERPILE
Oct 15 UNIVERSITY REFERENCING IN GOOGLE DOCS WITH PAPERPILE By Unknown On Wednesday, October 14, 2015 In Google, Google Docs, Useful Apps With No Comments Many universities and colleges require the use
More informationEnumerating Privacy Leaks in DNS Data Collected above the Recursive
Enumerating Privacy Leaks in DNS Data Collected above the Recursive Basileal Imana 1, Aleksandra Korolova 1 and John Heidemann 2 1 University of Southern California 2 USC/Information Science Institute
More informationOne Fast Guard for Life (or 9 months)
One Fast Guard for Life (or 9 months) Roger Dingledine 1, Nicholas Hopper 2, George Kadianakis 1, and Nick Mathewson 1 1 The Tor Project, https://torproject.org {arma,asn,nickm}@torproject.org 2 University
More informationInternet Architecture. CPS 214 (Nick Feamster) January 14, 2008
Internet Architecture CPS 214 (Nick Feamster) January 14, 2008 Today s Reading Design Philosophy of the DARPA Internet Protocols. Dave Clark, 1988. Conceptual Lessons Design principles/priorities were
More informationExam - Final. CSCI 1680 Computer Networks Fonseca. Closed Book. Maximum points: 100 NAME: 1. TCP Congestion Control [15 pts]
CSCI 1680 Computer Networks Fonseca Exam - Final Due: 11:00am, May 10th, 2012 Closed Book. Maximum points: 100 NAME: 1. TCP Congestion Control [15 pts] a. TCP Tahoe and Reno have two congestion-window
More informationTor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson
Tor: The Second-Generation Onion Router Roger Dingledine, Nick Mathewson, Paul Syverson Introduction Second Generation of Onion Routing Focus on deployability Perfect forward secrecy Separation of protocol
More informationOpen Resolvers in COM/NET Resolution!! Duane Wessels, Aziz Mohaisen! DNS-OARC 2014 Spring Workshop! Warsaw, Poland!
Open Resolvers in COM/NET Resolution!! Duane Wessels, Aziz Mohaisen! DNS-OARC 2014 Spring Workshop! Warsaw, Poland! Outine! Why do we care about Open Resolvers?! Surveys at Verisign! Characterizing Open
More informationIPv6 at Google. Lorenzo Colitti
IPv6 at Google Lorenzo Colitti lorenzo@google.com Why? IPv4 address space predictions (G. Huston) To put it into perspective... Iljitsch van Beijnum, Ars Technica Why IPv6? Cost Buying addresses will be
More informationRIPE NCC Technical Services. Kaveh Ranjbar, Chief Information Officer
RIPE NCC Kaveh Ranjbar, Chief Information Officer MENOG 15 Dubai, UAE 2 April 2015 Overview 2 RIPE Atlas K-root expansion DNS services RIPEstat Research Mostly global services, accessible by everyone -
More informationI. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b.
I. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b. Runs an accreditation system for registrars c. Oversees IP addresses
More informationBROADBAND QOS REPORT QUARTER 3 REPORT Fixed Broadband Mobile Data & Voice
BROADBAND QOS REPORT QUARTER 3 REPORT 217 Fixed Broadband Mobile Data & Voice DISCLAIMER This study is published in accordance with Articles 3(b)(1), 3(c)(2), 3(c)(4) and Article 54 of the Telecommunications
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2, 2013 Goals For Today State-sponsored adversaries Anonymous communication Internet censorship State-Sponsored
More informationv6 Health Metric with NOMA (guest-starring RIPE Atlas)
v6 Health Metric with NOMA (guest-starring RIPE Atlas) Network Operator Measurements Activity Leslie Daigle May 2017 http://www.techark.org/noma May 10, 2017. Summary NOMA (Some) Operators have instrumented
More informationAchieving scale: Large scale active measurements from PlanetLab
Achieving scale: Large scale active measurements from PlanetLab Marc-Olivier Buob, Jordan Augé (UPMC) 4th PhD School on Traffic Monitoring and Analysis (TMA) April 15th, 2014 London, UK OneLab FUTURE INTERNET
More informationTrawling for Tor Hidden Services: Detection, Measurement, Deanonymization
Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization A. Biryukov, I. Pustogarov, R.P. Weinmann University of Luxembourg Ivan.pustogarov@uni.lu May 20, 2013 Overview Background Measuring
More informationCSE 124: CONTENT-DISTRIBUTION NETWORKS. George Porter December 4, 2017
CSE 124: CONTENT-DISTRIBUTION NETWORKS George Porter December 4, 2017 ATTRIBUTION These slides are released under an Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) Creative Commons
More informationHow to deal with large numbers (millions) of entities in a system? IP devices in the internet (0.5 billion) Users in P2P network (millions)
Designs for Scale How to deal with large numbers (millions) of entities in a system? IP devices in the internet (0.5 billion) Users in P2P network (millions) More generally: Are there advantages to large
More informationDFRI, Swedish Internet Forum 2012
DFRI, Swedish Internet Forum 2012 Andrew Lewman andrew@torproject.org April 18, 2012 Andrew Lewman andrew@torproject.org () DFRI, Swedish Internet Forum 2012 April 18, 2012 1 / 23 George Orwell was an
More informationLessons Learned From Using the RIPE Atlas Platform for Measurement Research RIPE 68, Warsaw
Lessons Learned From Using the RIPE Atlas Platform for Measurement Research RIPE 68, Warsaw Vaibhav Bajpai, Steffie Jacob Eravuchira, Jürgen Schönwälder (v.bajpai s.eravuchira j.schoenwaelder)@jacobs-university.de
More informationA1. Technical methodology
A1. Technical methodology The Ofcom mobile research app project is the latest phase of Ofcom s work to measure mobile performance and the consumer experience of using mobile services. The new methodology
More informationModule 1: Understanding and Installing Internet Information Services
Course Outline Module 1: Understanding and Installing Internet Information Services In this module, you will learn about the infrastructure prerequisites for using Microsoft Internet Information Services
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationImpact of security vulnerabilities in timing protocols on Domain Name System (DNS)
November 12 2017 IEPG Open Meeting-IETF100 Impact of security vulnerabilities in timing protocols on Domain Name System (DNS) Aanchal Malhotra 1, Willem Toorop 2, Benno Overeinder 2, Sharon Goldberg 1
More information6 TIPS FOR IMPROVING YOUR WEB PRESENCE
6 TIPS FOR IMPROVING YOUR WEB PRESENCE 6 TIPS FOR IMPROVING YOUR WEB PRESENCE We all want to get noticed on the web. If you are running a business you want to be on the first page in Google via organic
More informationSchengen Routing: A Compliance Analysis
COST-ACROSS, Lovran, Croatia, October 9, 2015 Schengen Routing: A Compliance Analysis Daniel Dönni, Guilherme Sperb Machado, Christos Tsiaras, Burkhard Stiller Communication Systems Group CSG, Department
More information