Can t You Hear Me Knocking: Security and Privacy Threats from ML Application to Contextual Information
Size: px
Start display at page:

Download "Can t You Hear Me Knocking: Security and Privacy Threats from ML Application to Contextual Information"

Transcription

1 Can t You Hear Me Knocking: Security and Privacy Threats from ML Application to Contextual Information Contextual Security Workshop Contextual Security: Quo Vadis? Aalto University, Helsinki - December 2, 2015 Mauro Conti SPRITZ Security and Privacy Research Group University of Padua, Italy conti@math.unipd.it

2 Presentation overview 1. Traditional vs. Contextual Security

3 Traditional Security Crypto, Applied-Crypto, Protocols,... There are pitfalls and limitations

4 SSL (in)-security Motivation SSL is widely used but not fully understood by developers (particularly for mobile apps...) problem raised by two CCS 2012 papers expired and self sign. certif, SSL stripping... Some libraries are error-prone (if not worst) e.g. curl default should be 2 (true -> 1...)

5 MITHYS (STM-ESORICS 13) MITHYS: architecture

6 Contextual Security

7 Contextual Security By applying machine learning techniques to contextual information, we can design intuitive and usable security and privacy solutions for ordinary users without sacrificing the level of protection.

8 Contextual Security By applying machine learning techniques to contextual information, we can design intuitive and usable security and privacy solutions for ordinary users without sacrificing the level of protection.

9 Contextual Security By applying machine learning techniques to contextual information, we can design intuitive and usable security and privacy solutions for ordinary users without sacrificing the level of protection. What if

10 Contextual Security By applying machine learning techniques to contextual information, we can design intuitive and usable security and privacy solutions for ordinary users without sacrificing the level of protection. What if the adversary leverages the same techniques?

11 Contextual Security By applying machine learning techniques to contextual information, we can design intuitive and usable security and privacy solutions for ordinary users without sacrificing the level of protection. What if the adversary leverages the same techniques? How can we protect contextual information?

12 Presentation overview 1. Traditional vs. Contextual Security 2. Can t you hear me knocking (CODASPY 14, IEEE TIFS 15) M. Conti, L. Mancini, R. Spolaor, and N. Verde 3. AppScanner (IEEE EuroS&P 16) V. Taylor, R. Spolaor, M. Conti and I. Martinovich 4. Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST-ICCCN 13, IEEE TSC 14) C. Ardagna, M. Conti, M. Leone, J. Stefa

13 Can t you hear me knocking (CODASPY 14, TIFS 15) Motivation SSH Encryption is not enough! [Song et al. '11] VoIP [Wright et al. '08]

14 Can t you hear me knocking (CODASPY 14, TIFS 15) Attacker's observations Coarse features: Packet lengths Packet directions Packet timings Enable Traffic Analysis Attacks. Services

15 Attack scenario *

16 Attack scenario *

17 Attack scenario *

18 Other attack scenarios To identify communicating parties from sending/receiving pattern Behavioural profiling to improve fingerpritings for marketing reasons...

19 Can t you hear me knocking (CODASPY 14, TIFS 15) The goal Can an attacker recognize actions that a user performs on some android app by analyzing the encrypted network traffic? *

20 Can t you hear me knocking (CODASPY 14, TIFS 15) Key Concepts *

21 Can t you hear me knocking (CODASPY 14, TIFS 15) Dataset collection *

22 Can t you hear me knocking (CODASPY 14, TIFS 15) Network Traffic Flows Representation *

23 Can t you hear me knocking (CODASPY 14, TIFS 15) The framework Labeled Dataset Phase 1. Training Phase 2. Testing Network Traffic Pre-processor User Action Classifier Random Forest Predictions - Tweet sent - answered - tweeter contact opened... *

24 Can t you hear me knocking (CODASPY 14, TIFS 15) Training phase 1. Unsupervised learning Clusters of similar flows Dynamic Time Warping (DTW) [Müller 2007] as metric The number of clusters is a parameter to tune 2. Training set building User actions Classes Cluster labels Features IDs user actions cluster 0 cluster 1... cluster k. cluster N-1 cluster N 001 send mail send mail send reply Supervised learning Random Forest classifier

25 Can t you hear me knocking (CODASPY 14, TIFS 15) Evaluation phase 1. User actions produce unseen flows 2. Assign each unseen flow to a cluster clusters used in training phase and DTW as metric 3. Test set building (similarly to training set) User actions unknown classes Cluster labels Features 4. User action recognition

26 Can t you hear me knocking (CODASPY 14, TIFS 15) Accuracy vs. number of clusters *

27 Can t you hear me knocking (CODASPY 14, TIFS 15) Accuracy per user action *

28 Can t you hear me knocking (CODASPY 14, TIFS 15) Conclusions Encryption does not hide communication patterns We shown that user actions performed on Android apps can be detected by analyzing the encrypted network traffic Attackers can leverage our framework to undermine user privacy: Learn user habits Gain commercial or intelligence advantage against some competitor Attribution of social network pseudonyms Countermeasures to this type of attacks are needed...

29 AppScanner (IEEE EuroS&P 16)

30 AppScanner (IEEE EuroS&P 16) Motivation Given a target app X Identify the presence of X in a mobile device Using network traffic analysis

31 AppScanner (IEEE EuroS&P 16) Motivation Given a target app X Identify the presence of X in a mobile device Using network traffic analysis It isn t so easy!

32 AppScanner (IEEE EuroS&P 16) Motivation Given a target app X Identify the presence of X in a mobile device Using network traffic analysis It isn t so easy! Encryption Payload inspection is not feasible

33 AppScanner (IEEE EuroS&P 16) Motivation Given a target app X Identify the presence of X in a mobile device Using network traffic analysis It isn t so easy! Encryption Payload inspection is not feasible Owner of Destination IP App Content Delivery Network (CDN) Proxy

34 AppScanner (IEEE EuroS&P 16) Attacker's observations (similarly to the previous work) Packet length Packet directions Packet timings Enable Traffic Analysis Attacks Proxy

35 AppScanner (IEEE EuroS&P 16) Traditional Client-Server Architecture Content Delivery Network CDN

36 AppScanner (IEEE EuroS&P 16) Three different approaches proposed:

37 AppScanner (IEEE EuroS&P 16) Three different approaches proposed: 1. Per flow length classification A classifier for each length No out-of-order packets resiliency, but fast

38 AppScanner (IEEE EuroS&P 16) Three different approaches proposed: 1. Per flow length classification A classifier for each length No out-of-order packets resiliency, but fast 2. Large Multi-class classification Uses statistics on network flows It works on a set of apps High Accuracy and out-of-order packets resiliency, but slow

39 AppScanner (IEEE EuroS&P 16) Three different approaches proposed: 1. Per flow length classification A classifier for each length No out-of-order packets resiliency, but fast 2. Large Multi-class classification Uses statistics on network flows It works on a set of apps High Accuracy and out-of-order packets resiliency, but slow 3. Per App classification Uses statistics on network flows It focuses on a specific app Binary classification (app is present of not)

40 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured Datesets

41 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured

42 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured Per Flow approach (1)

43 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured Per Flow approach (1)

44 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured Per Flow approach (1)

45 AppScanner (IEEE EuroS&P 16) Building the dataset TCP Packets captured Per Flow approach (1) Statistical approaches (2, 3)

46 AppScanner (IEEE EuroS&P 16) Improving the accuracy of AppScanner Classification performed on each network traffic flow We aim to identify an app many flows available Flow Classifier prediction (App, Probability of prediction) Applying a probability threshold (pt) Filter out flows with uncertain predictions Increase classification accuracy tuning pt

47 Competitors AppScanner (IEEE EuroS&P 16) (1) Performance and Comparison (2) (3)

48 Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST 13, IEEE TSC 14)

49 Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST 13, IEEE TSC 14)

50 Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST 13, IEEE TSC 14)

51 Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST 13, IEEE TSC 14) Proposed Protocol (sketch)

52 Preserving Smartphone Users' Anonymity in Cloudy Days (MobiPST 13, IEEE TSC 14) Communication steps Sender (1) Receiver (3) Clone communication (2)

53 Thank you for you attention! Questions?

Similar documents

Can t you hear me knocking

Can t you hear me knocking Can t you hear me knocking Identification of user actions on Android apps via traffic analysis Candidate: Supervisor: Prof. Mauro Conti Riccardo Spolaor Co-Supervisor: Dr. Nino V. Verde April 17, 2014

More information

Encryption Is Not Enough: Inferring user activities on KakaoTalk with traffic analysis

Encryption Is Not Enough: Inferring user activities on KakaoTalk with traffic analysis Encryption Is Not Enough: Inferring user activities on KakaoTalk with traffic analysis Kyungwon Park and Hyoungshick Kim Department of Computer Science and Engineering, Sungkyunkwan University, Korea {kyungwon,hyoung}@skku.edu

More information

Detecting Malicious Hosts Using Traffic Flows

Detecting Malicious Hosts Using Traffic Flows Detecting Malicious Hosts Using Traffic Flows Miguel Pupo Correia joint work with Luís Sacramento NavTalks, Lisboa, June 2017 Motivation Approach Evaluation Conclusion Outline 2 1 Outline Motivation Approach

More information

Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic

Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, Dongyan

More information

Automated Traffic Classification and Application Identification using Machine Learning. Sebastian Zander, Thuy Nguyen, Grenville Armitage

Automated Traffic Classification and Application Identification using Machine Learning. Sebastian Zander, Thuy Nguyen, Grenville Armitage Automated Traffic Classification and Application Identification using Machine Learning Sebastian Zander, Thuy Nguyen, Grenville Armitage {szander,tnguyen,garmitage}@swin.edu.au Centre for Advanced Internet

More information

A SIMPLE INTRODUCTION TO TOR

A SIMPLE INTRODUCTION TO TOR A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that

More information

Anonymous Communications

Anonymous Communications Anonymous Communications Andrew Lewman andrew@torproject.org December 05, 2012 Andrew Lewman andrew@torproject.org () Anonymous Communications December 05, 2012 1 / 45 Who is this guy? 501(c)(3) non-profit

More information

Can we overcome. FEARLESS engineering

Can we overcome. FEARLESS engineering Can we overcome this http://hightechforum.org/tag/privacy/ With this? Actually Tor The real question is: Can we overcome this using fingerprinting? UT DALLAS Erik Jonsson School of Engineering & Computer

More information

Personalized Pseudonyms for Servers in the Cloud. Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ.

Personalized Pseudonyms for Servers in the Cloud. Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ. Personalized Pseudonyms for Servers in the Cloud Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ.) Background Server s identity is not well protected with

More information

Classification of Log Files with Limited Labeled Data

Classification of Log Files with Limited Labeled Data Classification of Log Files with Limited Labeled Data Stefan Hommes, Radu State, Thomas Engel University of Luxembourg 15.10.2013 1 Motivation Firewall log files store all accepted and dropped connections.

More information

Android Encrypted Network Traffic to Identify User Actions

Android Encrypted Network Traffic to Identify User Actions Android Encrypted Network Traffic to Identify User Actions K. Ravikumar Dept: Computer Science Tamil University, Thanjavur-61,India R. Thanga Dept: Computer Science Tamil University Thanjavur-61, India

More information

ndpi & Machine Learning A future concrete idea

ndpi & Machine Learning A future concrete idea ndpi & Machine Learning A future concrete idea 1. Conjunction between DPI & ML 2. Introduction to Tensorflow and ConvNet project Traffic classification approaches Category Classification methodology Attribute(s)

More information

ECE 697J Advanced Topics in Computer Networks

ECE 697J Advanced Topics in Computer Networks ECE 697J Advanced Topics in Computer Networks Network Measurement 12/02/03 Tilman Wolf 1 Overview Lab 3 requires performance measurement Throughput Collecting of packet headers Network Measurement Active

More information

Symantec Ransomware Protection

Symantec Ransomware Protection Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway

More information

No Free Charge Theorem 2.0

No Free Charge Theorem 2.0 Riccardo Spolaor No Free Charge Theorem 2.0 University of Oxford, UK Riccardo Bonafede - University of Padua, IT Veelasha Moonsamy - Utrecht University, NL Mauro Conti - University of Padua, IT Disclaimer:

More information

Internet Traffic Classification using Machine Learning

Internet Traffic Classification using Machine Learning Internet Traffic Classification using Machine Learning by Alina Lapina 2018, UiO, INF5050 Alina Lapina, Master student at IFI, Full stack developer at Ciber Experis 2 Based on Thuy T. T. Nguyen, Grenville

More information

Anonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L

Anonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.

More information

K Nearest Neighbor Wrap Up K- Means Clustering. Slides adapted from Prof. Carpuat

K Nearest Neighbor Wrap Up K- Means Clustering. Slides adapted from Prof. Carpuat K Nearest Neighbor Wrap Up K- Means Clustering Slides adapted from Prof. Carpuat K Nearest Neighbor classification Classification is based on Test instance with Training Data K: number of neighbors that

More information

Inferring the Source of Encrypted HTTP Connections

Inferring the Source of Encrypted HTTP Connections Inferring the Source of Encrypted HTTP Connections Marc Liberatore Brian Neil Levine 1 Private Communications? Does link encryption provide privacy? VPNs, SSH tunnels, WEP/WPA, etc. 2 Anonymous Communication?

More information

Network Control, Con t

Network Control, Con t Network Control, Con t CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/

More information

Early Application Identification

Early Application Identification Early Application Identification Laurent Bernaille Renata Teixeira Kave Salamatian Université Pierre et Marie Curie - LIP6/CNRS Which applications run on my network? Internet Edge Network (campus, enterprise)

More information

Fishy Faces: Crafting Adversarial Images to Poison Face Authentication

Fishy Faces: Crafting Adversarial Images to Poison Face Authentication Fishy Faces: Crafting Adversarial Images to Poison Face Authentication Giuseppe Garofalo, Vera Rimmer, Tim Van hamme, Davy Preuveneers and Wouter Joosen WOOT 2018, August 13-14 (Baltimore, MD, USA) Face

More information

Introduction Challenges with using ML Guidelines for using ML Conclusions

Introduction Challenges with using ML Guidelines for using ML Conclusions Introduction Challenges with using ML Guidelines for using ML Conclusions Misuse detection Exact descriptions of known bad behavior Anomaly detection Deviations from profiles of normal behavior First proposed

More information

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010 Network Security: Anonymity Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor

More information

Statistical based Approach for Packet Classification

Statistical based Approach for Packet Classification Statistical based Approach for Packet Classification Dr. Mrudul Dixit 1, Ankita Sanjay Moholkar 2, Sagarika Satish Limaye 2, Devashree Chandrashekhar Limaye 2 Cummins College of engineering for women,

More information

Dissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures

Dissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures Dissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures Srdjan Matic, Carmela Troncoso, Juan Caballero Dublin 31 March 2017 Privacy in electronic communications Alice Bob

More information

Mapping Internet Sensors with Probe Response Attacks

Mapping Internet Sensors with Probe Response Attacks Mapping Internet Sensors with Probe Response Attacks John Bethencourt, Jason Franklin, and Mary Vernon {bethenco, jfrankli, vernon}@cs.wisc.edu Computer Sciences Department University of Wisconsin, Madison

More information

CSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno

CSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno CSE 484 / CSE M 584: Computer Security and Privacy Anonymity Mobile Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli,

More information

Time Distortion Anonymization for the Publication of Mobility Data with High Utility

Time Distortion Anonymization for the Publication of Mobility Data with High Utility Time Distortion Anonymization for the Publication of Mobility Data with High Utility Vincent Primault, Sonia Ben Mokhtar, Cédric Lauradoux and Lionel Brunie Mobility data usefulness Real-time traffic,

More information

The Internet today. Measuring the Internet: challenges and applications. Politecnico di Torino 7/12/2011. Speaker: Marco Mellia

The Internet today. Measuring the Internet: challenges and applications. Politecnico di Torino 7/12/2011. Speaker: Marco Mellia Measuring the Internet: challenges and applications Telecommunication Group presentation Speaker: Marco Mellia Politecnico di Torino 7/12/2011 The Internet today 2 A very complex scenario many eterogeneous

More information

SMART DEVICES: DO THEY RESPECT YOUR PRIVACY?

SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? Systems and Mobile Research Lab, Department of Computer Science and Engineering INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Presenter: Sandip Chakraborty sandipc@cse.iitkgp.ac.in

More information

Automated Application Signature Generation Using LASER and Cosine Similarity

Automated Application Signature Generation Using LASER and Cosine Similarity Automated Application Signature Generation Using LASER and Cosine Similarity Byungchul Park, Jae Yoon Jung, John Strassner *, and James Won-ki Hong * {fates, dejavu94, johns, jwkhong}@postech.ac.kr Dept.

More information

Mapping Internet Sensors with Probe Response Attacks

Mapping Internet Sensors with Probe Response Attacks Mapping Internet Sensors with Probe Response Attacks Computer Sciences Department University of Wisconsin, Madison Introduction Outline Background Example Attack Introduction to the Attack Basic Probe

More information

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing S.NO PROJECT CODE IEEE JAVA PROJECT TITLES DOMAIN 1 NEO1501 A Hybrid Cloud Approach for Secure Authorized Deduplication 2 NEO1502 A Profit Maximization Scheme with Guaranteed Quality of Service in Cloud

More information

Digging into Anonymous Traffic: A Deep Analysis of the Tor Anonymizing Network

Digging into Anonymous Traffic: A Deep Analysis of the Tor Anonymizing Network 1 / 37 Digging into Anonymous Traffic: A Deep Analysis of the Anonymizing Network Abdelberi Chaabane, Pere Manils, Mohamed Ali Kaafar INRIA Rhônes-Alpes, FRANCE pere.manils@inrialpes.fr NSS, September

More information

NMLRG #4 meeting in Berlin. Mobile network state characterization and prediction. P.Demestichas (1), S. Vassaki (2,3), A.Georgakopoulos (2,3)

NMLRG #4 meeting in Berlin. Mobile network state characterization and prediction. P.Demestichas (1), S. Vassaki (2,3), A.Georgakopoulos (2,3) NMLRG #4 meeting in Berlin Mobile network state characterization and prediction P.Demestichas (1), S. Vassaki (2,3), A.Georgakopoulos (2,3) (1)University of Piraeus (2)WINGS ICT Solutions, www.wings-ict-solutions.eu/

More information

App-ID. PALO ALTO NETWORKS: App-ID Technology Brief

App-ID. PALO ALTO NETWORKS: App-ID Technology Brief App-ID Application Protocol Detection / Decryption Application Protocol Decoding Application Signature Heuristics App-ID is a patent-pending traffic classification technology that identifies more than

More information

arxiv: v1 [cs.cr] 14 Jan 2019

arxiv: v1 [cs.cr] 14 Jan 2019 Peel the onion: Recognition of Android apps behind the Tor Network arxiv:9.4434v [cs.cr] 4 Jan 29 Emanuele Petagna petagna.79537@studenti.uniroma.it Department of Computer, Control, and Management Engineering,

More information

Detecting Protected Layer-3 Rogue APs

Detecting Protected Layer-3 Rogue APs Detecting Protected Layer-3 Rogue APs Authors: Hongda Yin, Guanling Chen, and Jie Wang Department of Computer Science, University of Massachusetts Lowell Presenter: Bo Yan Department of Computer Science

More information

Most Common Security Threats (cont.)

Most Common Security Threats (cont.) Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?

More information

Traffic Classification Using Visual Motifs: An Empirical Evaluation

Traffic Classification Using Visual Motifs: An Empirical Evaluation Traffic Classification Using Visual Motifs: An Empirical Evaluation Wilson Lian 1 Fabian Monrose 1 John McHugh 1,2 1 University of North Carolina at Chapel Hill 2 RedJack, LLC VizSec 2010 Overview Background

More information

Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System

Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System Frank Tietze Institut für Technische Informatik Fakultät für Informatik frank.tietze@unibw.de 1 Structure Introduction

More information

Definition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party

Definition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone

More information

0x1A Great Papers in Computer Security

0x1A Great Papers in Computer Security CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 24a December 2, 2013 CPSC 467, Lecture 24a 1/20 Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management and Trusted

More information

CS229 Final Project: Predicting Expected Response Times

CS229 Final Project: Predicting Expected Response Times CS229 Final Project: Predicting Expected Email Response Times Laura Cruz-Albrecht (lcruzalb), Kevin Khieu (kkhieu) December 15, 2017 1 Introduction Each day, countless emails are sent out, yet the time

More information

Efficient Private Set Intersection for a Decentralised Web of Trust

Efficient Private Set Intersection for a Decentralised Web of Trust Efficient Private Set Intersection for a Decentralised Web of Trust Álvaro García-Recuero October 31, 2017 Privacy-preserving protocols for the WWW in the age of mass surveillance and adversarial learning

More information

Clone Detection for Efficient System in Wireless Sensor Network Using Ad Hoc on Demand Distance Vector (AODVC)

Clone Detection for Efficient System in Wireless Sensor Network Using Ad Hoc on Demand Distance Vector (AODVC) Clone Detection for Efficient System in Wireless Sensor Network Using Ad Hoc on Demand Distance Vector (AODVC) Submitted By Ms. Rupika Yadav M Tech III Sem Co-guide Prof Vishal Tiwari Dept. of CSE Guide

More information

Detecting malware even when it is encrypted

Detecting malware even when it is encrypted Detecting malware even when it is encrypted Machine Learning for network HTTPS analysis František Střasák strasfra@fel.cvut.cz @FrenkyStrasak Sebastian Garcia sebastian.garcia@agents.fel.cvut.cz @eldracote

More information

Transport Layer Review

Transport Layer Review Transport Layer Review Mahalingam Mississippi State University, MS October 1, 2014 Transport Layer Functions Distinguish between different application instances through port numbers Make it easy for applications

More information

Onion Routing. Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J

Onion Routing. Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J Onion Routing Submitted By, Harikrishnan S Ramji Nagariya Sai Sambhu J Motivation Public Network Encryption does not hide Routing Information Traffic Analysis Who is Talking to Whom? by analyzing the traffic

More information

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012 Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor

More information

Port-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009

Port-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009 Port-Scanning Resistance in Tor Anonymity Network Presented By: Shane Pope (Shane.M.Pope@gmail.com) Dec 04, 2009 In partial fulfillment of the requirements for graduation with the Dean's Scholars Honors

More information

Knowledge-Defined Networking: Towards Self-Driving Networks

Knowledge-Defined Networking: Towards Self-Driving Networks Knowledge-Defined Networking: Towards Self-Driving Networks Albert Cabellos (UPC/BarcelonaTech, Spain) albert.cabellos@gmail.com 2nd IFIP/IEEE International Workshop on Analytics for Network and Service

More information

SVILUPPO DI UNA TECNICA DI RICONOSCIMENTO STATISTICO DI APPLICAZIONI SU RETE IP

SVILUPPO DI UNA TECNICA DI RICONOSCIMENTO STATISTICO DI APPLICAZIONI SU RETE IP UNIVERSITÀ DEGLI STUDI DI PARMA FACOLTÀ di INGEGNERIA Corso di Laurea Specialistica in Ingegneria delle Telecomunicazioni SVILUPPO DI UNA TECNICA DI RICONOSCIMENTO STATISTICO DI APPLICAZIONI SU RETE IP

More information

Basic Concepts in Intrusion Detection

Basic Concepts in Intrusion Detection Technology Technical Information Services Security Engineering Roma, L Università Roma Tor Vergata, 23 Aprile 2007 Basic Concepts in Intrusion Detection JOVAN GOLIĆ Outline 2 Introduction Classification

More information

ConfigSynth: A Formal Framework for Network Security Design Synthesis

ConfigSynth: A Formal Framework for Network Security Design Synthesis ConfigSynth: A Formal Framework for Network Security Design Synthesis Mohammad Ashiqur Rahman and Ehab Al-Shaer CyberDNA Research Center, UNC Charlotte Motivation Complexity of Security Configuration is

More information

Making life simpler for remote and mobile workers

Making life simpler for remote and mobile workers : Technology GoToMyPC Technology Making life simpler for remote and mobile workers Learn why GoToMyPC is the most secure, cost-effective and easy-to-use solution for providing remote access to the desktop.

More information

TLSkex: Harnessing virtual machine introspection for decrypting TLS communication

TLSkex: Harnessing virtual machine introspection for decrypting TLS communication 12 TLSkex: Harnessing virtual machine introspection for decrypting TLS communication Benjamin Taubmann, Dominik Dusold, Christoph Frädrich, Hans P. Reiser Juniorprofessur für Sicherheit in Informationssystemen

More information

Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits

Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits Carl Sabottke Octavian Suciu Tudor Dumitraș University of Maryland 2 Problem Increasing number

More information

What's the buzz about HORNET?

What's the buzz about HORNET? 1 What's the buzz about HORNET? 2 You've probably all seen the news "Internet-scale anonymity" "Without sacrificing security, the network supports data transfer speeds of up to 93GBps" "can be scaled at

More information

CS 268: Computer Networking

CS 268: Computer Networking CS 268: Computer Networking L-24 Course Wrap-up Goals and Objectives Understand state-of-the-art in network protocols, architectures, and applications Process of networking research Constraints and thought

More information

Tale of a mobile application ruining the security of global solution because of a broken API design. SIGS Geneva 21/09/2016 Jérémy MATOS

Tale of a mobile application ruining the security of global solution because of a broken API design. SIGS Geneva 21/09/2016 Jérémy MATOS Tale of a mobile application ruining the security of global solution because of a broken API design SIGS Geneva 21/09/2016 Jérémy MATOS whois securingapps Developer background Spent last 10 years working

More information

Machine Learning with Python

Machine Learning with Python DEVNET-2163 Machine Learning with Python Dmitry Figol, SE WW Enterprise Sales @dmfigol Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session

More information

Enhancing Byte-Level Network Intrusion Detection Signatures with Context

Enhancing Byte-Level Network Intrusion Detection Signatures with Context Enhancing Byte-Level Network Intrusion Detection Signatures with Context Robin Sommer sommer@in.tum.de Technische Universität München Germany Vern Paxson vern@icir.org International Computer Science Institute

More information

Dimensionality reduction as a defense against evasion attacks on machine learning classifiers

Dimensionality reduction as a defense against evasion attacks on machine learning classifiers Dimensionality reduction as a defense against evasion attacks on machine learning classifiers Arjun Nitin Bhagoji and Prateek Mittal Princeton University DC-Area Anonymity, Privacy, and Security Seminar,

More information

ENEE 459-C Computer Security. Security protocols

ENEE 459-C Computer Security. Security protocols ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.

More information

communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.

communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U. Introduction to anonymous communication Claudia Díaz Katholieke Universiteit Leuven Dept. Electrical Engineering g ESAT/COSIC October 9, 2007 Claudia Diaz (K.U.Leuven) 1 a few words on the scope of the

More information

I. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b.

I. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b. I. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b. Runs an accreditation system for registrars c. Oversees IP addresses

More information

Machine Learning on Encrypted Data

Machine Learning on Encrypted Data Machine Learning on Encrypted Data Kim Laine Microsoft Research, Redmond WA January 5, 2017 Joint Mathematics Meetings 2017, Atlanta GA AMS-MAA Special Session on Mathematics of Cryptography Two Tracks

More information

Leveraging USB to Establish Host Identity

Leveraging USB to Establish Host Identity Leveraging USB to Establish Host Identity Adam Bates Kevin Butler Ryan Leonard Daniel Lowd Hanna Pruse NDSS 14, San Diego, CA, USA 25 February, 2014 Computer and Information Science Dude, ARE you getting

More information

DESIGN AND DEVELOPMENT OF MAC LAYER BASED DEFENSE ARCHITECTURE FOR ROQ ATTACKS IN WLAN

DESIGN AND DEVELOPMENT OF MAC LAYER BASED DEFENSE ARCHITECTURE FOR ROQ ATTACKS IN WLAN ------------------- CHAPTER 4 DESIGN AND DEVELOPMENT OF MAC LAYER BASED DEFENSE ARCHITECTURE FOR ROQ ATTACKS IN WLAN In this chapter, MAC layer based defense architecture for RoQ attacks in Wireless LAN

More information

Big Data - Security with Privacy

Big Data - Security with Privacy Big Data - Security with Privacy Elisa Bertino CS Department, Cyber Center, and CERIAS Purdue University Cyber Center Today we have technologies for Acquiring and sensing data Transmitting data Storing,

More information

THE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul

THE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul THE SECOND GENERATION ONION ROUTER Roger Dingledine Nick Mathewson Paul Syverson 1 -Presented by Arindam Paul Menu Motivation: Why do we need Onion Routing? Introduction : What is TOR? Basic TOR Design

More information

Privacy defense on the Internet. Csaba Kiraly

Privacy defense on the Internet. Csaba Kiraly Advanced Networking Privacy defense on the Internet Csaba Kiraly 1 Topics Anonymity on the Internet Chaum Mix Mix network & Onion Routing Low-latency anonymous routing 2 Anonymity: Chaum mix David L. Chaum

More information

Detecting and Blocking Encrypted Anonymous Traffic using Deep Packet Inspection

Detecting and Blocking Encrypted Anonymous Traffic using Deep Packet Inspection Detecting and Blocking Encrypted Anonymous Traffic using Deep Packet Inspection Parita Chandrakant Parekh 1, Prof. Jayshree Upadhyay 2 1 PG Scholar, ITSNS, GTU PG SCHOOL, Gujarat, India 2 Assistant Professor,

More information

The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company

The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company November 12, 2014 Malware s Evolution Why the change? Hacking is profitable! Breaches and Malware are Projected to Cost $491

More information

FPGA based Network Traffic Analysis using Traffic Dispersion Graphs

FPGA based Network Traffic Analysis using Traffic Dispersion Graphs FPGA based Network Traffic Analysis using Traffic Dispersion Graphs 2 nd September, 2010 Faisal N. Khan, P. O. Box 808, Livermore, CA 94551 This work performed under the auspices of the U.S. Department

More information

Security and privacy in the smartphone ecosystem: Final progress report

Security and privacy in the smartphone ecosystem: Final progress report Security and privacy in the smartphone ecosystem: Final progress report Alexios Mylonas Athens University of Economics & Business Overview 2 Research Motivation Related work Objective Approach Methodology

More information

Big Data Analytics for Host Misbehavior Detection

Big Data Analytics for Host Misbehavior Detection Big Data Analytics for Host Misbehavior Detection Miguel Pupo Correia joint work with Daniel Gonçalves, João Bota (Vodafone PT) 2016 European Security Conference June 2016 Motivation Networks are complex,

More information

A Report on Modified Onion Routing and its Proof of Concept

A Report on Modified Onion Routing and its Proof of Concept A Report on Modified Onion Routing and its Proof of Concept Introduction: This document briefly describes the architecture, code layout, operation principles and testing covered in the implementation of

More information

Data Sources for Cyber Security Research

Data Sources for Cyber Security Research Data Sources for Cyber Security Research Melissa Turcotte mturcotte@lanl.gov Advanced Research in Cyber Systems, Los Alamos National Laboratory 14 June 2018 Background Advanced Research in Cyber Systems,

More information

Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android

Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android S C I E N C E P A S S I O N T E C H N O L O G Y Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android Raphael Spreitzer, Simone Griesmayr, Thomas Korak, and Stefan Mangard IAIK,

More information

Analyzing Flow-based Anomaly Intrusion Detection using Replicator Neural Networks. Carlos García Cordero Sascha Hauke Max Mühlhäuser Mathias Fischer

Analyzing Flow-based Anomaly Intrusion Detection using Replicator Neural Networks. Carlos García Cordero Sascha Hauke Max Mühlhäuser Mathias Fischer Analyzing Flow-based Anomaly Intrusion Detection using Replicator Neural Networks Carlos García Cordero Sascha Hauke Max Mühlhäuser Mathias Fischer The Beautiful World of IoT 06.03.2018 garcia@tk.tu-darmstadt.de

More information

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Distributed Systems. Lecture 14: Security. Distributed Systems 1 06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication

More information

Demystifying Machine Learning

Demystifying Machine Learning Demystifying Machine Learning Dmitry Figol, WW Enterprise Sales Systems Engineer - Programmability @dmfigol CTHRST-1002 Agenda Machine Learning examples What is Machine Learning Types of Machine Learning

More information

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015

Network Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015 Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, autumn 2015 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor

More information

Developing the Sensor Capability in Cyber Security

Developing the Sensor Capability in Cyber Security Developing the Sensor Capability in Cyber Security Tero Kokkonen, Ph.D. +358504385317 tero.kokkonen@jamk.fi JYVSECTEC JYVSECTEC - Jyväskylä Security Technology - is the cyber security research, development

More information

Distributed Systems. Lecture 14: Security. 5 March,

Distributed Systems. Lecture 14: Security. 5 March, 06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication

More information

Implementing Cisco Network Security (IINS) 3.0

Implementing Cisco Network Security (IINS) 3.0 Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using

More information

A Comprehensive CyberSecurity Policy

A Comprehensive CyberSecurity Policy A Comprehensive CyberSecurity Policy Review of ALL NGFW Capabilities Attack Surface Reduction From Complex to Comprehensive Before and After of a PANW customer 1 2 1 Enhanced Policy on the L7 layer Leverage

More information

BUILDING A NEXT-GENERATION FIREWALL

BUILDING A NEXT-GENERATION FIREWALL How to Add Network Intelligence, Security, and Speed While Getting to Market Faster INNOVATORS START HERE. EXECUTIVE SUMMARY Your clients are on the front line of cyberspace and they need your help. Faced

More information

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1 IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service

More information

Computer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017

Computer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017 Computer Security 15. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 April 24, 2017 CS 419 2017 Paul Krzyzanowski 1 Private Browsing Browsers offer a "private" browsing modes

More information

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy The Next Generation Security Platform Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy The Next Generation Enterprise Security Platform Core Value Proposition An Enterprise Security

More information

Private Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes

Private Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a private browsing modes Private Browsing Computer Security 16. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 Browsers offer a "private" browsing modes Apple Private Browsing, Mozilla Private Browsing,

More information

Vendor: Citrix. Exam Code: 1Y Exam Name: Designing Citrix XenDesktop 7.6 Solutions. Version: Demo

Vendor: Citrix. Exam Code: 1Y Exam Name: Designing Citrix XenDesktop 7.6 Solutions. Version: Demo Vendor: Citrix Exam Code: 1Y0-401 Exam Name: Designing Citrix XenDesktop 7.6 Solutions Version: Demo DEMO QUESTION 1 Which option requires the fewest components to implement a fault-tolerant, load-balanced

More information

Machine Learning based session drop prediction in LTE networks and its SON aspects

Machine Learning based session drop prediction in LTE networks and its SON aspects Machine Learning based session drop prediction in LTE networks and its SON aspects Bálint Daróczy, András Benczúr Institute for Computer Science and Control (MTA SZTAKI) Hungarian Academy of Sciences Péter

More information

Design and Analysis of Efficient Anonymous Communication Protocols

Design and Analysis of Efficient Anonymous Communication Protocols Design and Analysis of Efficient Anonymous Communication Protocols Thesis Defense Aaron Johnson Department of Computer Science Yale University 7/1/2009 1 Acknowledgements Joan Feigenbaum Paul Syverson

More information

Internet Traffic Classification Using Machine Learning. Tanjila Ahmed Dec 6, 2017

Internet Traffic Classification Using Machine Learning. Tanjila Ahmed Dec 6, 2017 Internet Traffic Classification Using Machine Learning Tanjila Ahmed Dec 6, 2017 Agenda 1. Introduction 2. Motivation 3. Methodology 4. Results 5. Conclusion 6. References Motivation Traffic classification

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback