Mosaic: Quantifying Privacy Leakage in Mobile Networks
|
|
- Quentin Gilbert
- 5 years ago
- Views:
Transcription
1 Mosaic: Quantifying Privacy Leakage in Mobile Networks Ning Xia (Northwestern University) Han Hee Song (Narus Inc.) Yong Liao (Narus Inc.) Marios Iliofotou (Narus Inc.) Antonio Nucci (Narus Inc.) Zhi-Li Zhang (University of Minnesota) Aleksandar Kuzmanovic (Northwestern University)
2 Scenario Different footprints Different services IP 1 IP K IP 1 IP K ISP A CSP B Dynamic IP, CSP/ISP Different devices 2
3 Problem Other research work IP1 IPK ISP A IP1 IPK CSP B Input packet traces Tessellation Mosaic We are here! How much private information can be obtained and expanded about end users by monitoring network traffic? 3
4 Motivation I will know everything about everyone! IP1 IPK ISP A IP1 IPK CSP B Agencies Bad guys Mobile Traffic: Relevant: more personal information Challenging: frequent IP changes 4
5 Challenges How to track users when they hop over different IPs? Sessions: Flows(5-tuple) are grouped into sessions IP1" IP2" time" time" Traffic Markers: Identifiers in the traffic that can be used to differentiate users IP3" time" With Traffic Markers, it is possible to connect the users true identities to their sessions. 5
6 Datasets Dataset Source Description 3h-Dataset CSP-A Complete payload 9h-Dataset CSP-A Only HTTP headers Ground Truth Dataset CSP-B Payload & RADUIS info. 3h-Dataset: main dataset for most experiments 9h-Dataset: for quantifying privacy leakage Ground Truth Dataset: for evaluation of session attribution RADIUS: provide session owners 6
7 Methodology Overview IP 1 ISP A IP K Tessellation IP 1 CSP B IP K Traffic attribution Mapping from sessions to users Mosaic construction Via traffic markers Via activity fingerprinting Network data analysis Public web crawling Combine information from both network data and OSN profiles to infer the user mosaic. 7
8 Traffic Attribution via Traffic Markers Traffic Markers: Identifiers in the traffic to differentiate users Key/value pairs from HTTP header User IDs, device IDs or sessions IDs Domain Keywords Category Source osn1.com c_user=<osn1_id> OSN User ID Cookies osn2.com oauth_token=<osn2_id>-## OSN User ID HTTP header admob.com X-Admob-ISU Advertising HTTP header pandora.com user_id User ID Cookies google.com sid Session ID Cookies How can we select and evaluate traffic markers from network data? 8
9 Traffic Attribution via Traffic Markers OSN IDs as Anchors: The most popular user identifiers among all services Linked to user public profiles OSN Source Session Coverage OSN1 ID HTTP URL and cookies 1.3% OSN2 ID HTTP header 1.0% Top 2 OSN providers from North America Only 2.3% sessions contain OSN IDs OSN IDs can be used as anchors, but their coverage on sessions is too small 9
10 Traffic Attribution via Traffic Markers Block Generation: Group Sessions into Blocks IP" 1" IP" IP 1" OSN ID Block Other sessions? δ time" time" Session interval δ Depends on the CSP δ=60 seconds in our study Block Session group on the same IP from the same user Traffic markers shared by the same block 99K session blocks generated from the 12M sessions 10
11 Traffic Attribution via Traffic Markers Culling the Traffic Markers: OSN IDs are not enough Uniqueness: Can the traffic marker differentiate between users? Persistency: How long does a traffic marker remain the same? Score Uniqueness Persistency Uniqueness = 1 No two users will share the same google.com#sid value 0.9 admob.com #isu OSN1 ID mobclix.com mobclix.com #uid #uid pandora.com #user_id pandora.com #user_id mobclix.com #u #u mobclix.com mydas.mobi #mac-id mydas.mobi #mac-id Traffic markers Traffic markers google.com #sid google.com #sid craigslist.org #cl_b #cl_b craigslist.org Persistency ~= 1 The value of Google.com#sid remains the same for the same user nearly all the observation duration We pick 625 traffic markers with uniqueness = 1, persistency >
12 Traffic Attribution via Traffic Markers Traffic Attribution: Connecting the Dots Tessellation User T i ( ) IP 1" Same OSN ID IP 2" Same traffic marker IP 3" Traffic markers are the key in attributing sessions to the same user over different IP addresses 12
13 Traffic Attribution via Activity Fingerprinting What if a session block has no traffic markers? Assumption (Activity Fingerprinting): Users can be identified from the DNS names of their favorite services DNS names: Extracted 54,000 distinct DNS names Classified into 21 classes Activity Fingerprinting: Favorite (top-k) DNS names as the user s fingerprint Service classes Search Chat Dating E-commerce News Picture Service providers bing, google, yahoo skype, mtalk.googl.com plentyoffish, date amazon, ebay google, hotmail, yahoo msnbc, ew, cnn Flickr, picasa 13
14 Traffic Attribution via Activity Fingerprinting Fi : Top k DNS names from user as activity fingerprint : Uniqueness of the fingerprint (F i ) k = 4 k = 5 k = 6 k = 7 k = Normalized fingerprint DNS names IDs Y-axis: closer to 1, more distinct the fingerprint is X-axis: normalized by the total number of DNS names Mobile users can be identified by the DNS names from their preferred services 14
15 Traffic Attribution Evaluation Session Correct (Not complete) Not correct R i RADIUS user (Ground Truth) T i T j T i Tessellation user (Correct?) R i R j identified sessions/users Coverage = total sessions/users Accuracy on Covered Set correctly identified sessions/users = total identified sessions/users 15
16 Traffic Attribution Evaluation Evaluation Results Coverage User 15.70% 43.20% 69.00% Session 2.40% 49.80% 78.60% OSN ID extraction Via traffic markers Via activity fingerprinting Accuracy on Covered Set User Session 100% 99.30% 96.40% 100% 94.50% 92.50% OSN ID extraction Via traffic markers Via activity fingerprinting 16
17 Construction of User Mosaic Mosaic of Real-World User Alice Sub-classes: Residence, coordinates, city, state, and etc. Least gain Most gain Example MOSAIC with 12 information classes(tesserae): Information (Education, affiliation and etc.) from OSN profiles Information (Locations, devices and etc.) from user sessions 17
18 Quantifying Privacy Leakage Leakage from OSN profiles vs. from Network Data Both public OSN profiles & activity analysis Public OSN profiles only Activity analysis only OSN profiles provide static user information (education, interests) # of Users Analysis on network data provides real-time activities and locations 0 Device_info. Demographics Association Social_actvty Location Art_culture Education E-commerce Affiliation Entertainment Content_exch. News_info. Information from both sides can corroborate to each other Information from OSN profiles and network data complement and corroborate each other 18
19 Preventing User Privacy Leakage Protect traffic markers Traffic markers (OSN IDs and etc.) should be limited and encrypted Restrict 3 rd parties Third party applications/developers should be strongly regulated Protect user profiles OSN public profiles should be carefully obfuscated 19
20 Conclusions Prevalence in the use of OSNs leaves users true identities available in the network Tracking techniques used by mobile apps and services make traffic attribution easier Flows/sessions can be labeled with network users true identities, even without any identity leaks Various types of information can be gleaned to paint rich digital Mosaic about users 20
21 Mosaic: Quantifying Privacy Leakage in Mobile Network Thanks! 21
Mosaic: Quantifying Privacy Leakage in Mobile Networks
Mosaic: Quantifying Privacy Leakage in Mobile Networks Ning Xia, Han Hee Song, Yong Liao, Marios Iliofotou, Antonio Nucci, Zhi-Li Zhang, Aleksandar Kuzmanovic Northwestern University, Narus Inc., University
More informationIntroduction. Can we use Google for networking research?
Unconstrained Profiling of Internet Endpoints via Information on the Web ( Googling the Internet) Ionut Trestian1 Soups Ranjan2 Aleksandar Kuzmanovic1 Antonio Nucci2 1 Northwestern 2 Narus University Inc.
More informationOverall merit: 2. Weak reject (top 60-30%)
Sigcomm2013 Review #64A Updated Wednesday 27 Mar 2013 6:00:42pm CDT Overall merit: 4. Accept (top 15-5%) This paper presents a study that quantifies the amount of information that can be compiled on individual
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 8. Internet Applications Internet Applications Overview Domain Name Service (DNS) Electronic Mail File Transfer Protocol (FTP) WWW and HTTP Content
More informationEx-Ray: Detection of History-Leaking Browser Extensions
Ex-Ray: Detection of History-Leaking Browser Extensions Michael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William Robertson, Engin Kirda Northeastern University, University
More informationI. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b.
I. Announcments II. What does ICANN (Internet Corporation for Assigned Names and Numbers) do? a. Draws up a contract with each registry b. Runs an accreditation system for registrars c. Oversees IP addresses
More informationUnderstanding Online Social Network Usage from a Network Perspective
Understanding Online Social Network Usage from a Network Perspective Fabian Schneider fabian@net.t-labs.tu-berlin.de Anja Feldmann Balachander Krishnamurthy Walter Willinger Work done while at AT&T Labs
More informationReview for Internet Introduction
Review for Internet Introduction What s the Internet: Two Views View 1: Nuts and Bolts View billions of connected hosts routers and switches protocols control sending, receiving of messages network of
More informationInformation Sharing and User Privacy in the Third-party Identity Management Landscape
Information Sharing and User Privacy in the Third-party Identity Management Landscape Anna Vapen¹, Niklas Carlsson¹, Anirban Mahanti², Nahid Shahmehri¹ ¹Linköping University, Sweden ²NICTA, Australia 2
More informationAutomated Application Signature Generation Using LASER and Cosine Similarity
Automated Application Signature Generation Using LASER and Cosine Similarity Byungchul Park, Jae Yoon Jung, John Strassner *, and James Won-ki Hong * {fates, dejavu94, johns, jwkhong}@postech.ac.kr Dept.
More informationThe Internet Advanced Research Projects Agency Network (ARPANET) How the Internet Works Transport Control Protocol (TCP)
The Internet, Intranets, and Extranets 1 The Internet The Internet is a collection of interconnected network of computers, all freely exchanging information. These computers use specialized software to
More informationThe Spoofer Project Inferring the Extent of Source Address Filtering on the Internet
The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet Rob Beverly and Steve Bauer {rbeverly,bauer}@mit.edu The Spoofer Project Goal: Quantify the extent and nature of source
More informationHow Facebook knows exactly what turns you on
How Facebook knows exactly what turns you on We have developed our anti tracking system to combat a culture of user data collection which, we believe, has gone too far. These systems operate hidden from
More informationWeb, HTTP and Web Caching
Web, HTTP and Web Caching 1 HTTP overview HTTP: hypertext transfer protocol Web s application layer protocol client/ model client: browser that requests, receives, displays Web objects : Web sends objects
More informationWorldwide Release. Your world, Secured ND-IM005. Wi-Fi Interception System
Your world, Secured 2016 Worldwide Release System Overview Wi-Fi interception system is developed for police operations and searching of information leaks in the office premises, government agencies and
More informationBowie Senior Center Surfing the Web
Bowie Senior Center Surfing the Web (Without a wetsuit) Introduction Surfing the web is just another term for the activity of searching the Internet for web sites of interest. The Internet is a very powerful
More informationOn the challenges of network traffic classification with NetFlow/IPFIX
On the challenges of network traffic classification with NetFlow/IPFIX Pere Barlet-Ros Associate Professor at UPC BarcelonaTech (pbarlet@ac.upc.edu) Joint work with: Valentín Carela-Español, Tomasz Bujlow
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationWhat s a module? Some modules. it s so simple to make your page unique
How to guide What s a module? To create a functioning network without knowing about code, you need to be fluent in drag and drop. Webjam is made up of scores of modules. Modules are the tools that Webjam
More informationA Comprehensive Structure and Privacy Analysis of Tor Hidden Services. Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos
The Onions Have Eyes: A Comprehensive Structure and Privacy Analysis of Tor Hidden Services Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos Tor Hidden Services Provides anonymity through the onion
More informationCS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.
CS 355 Computer Networking Wei Lu, Ph.D., P.Eng. Chapter 2: Application Layer Overview: Principles of network applications? Introduction to Wireshark Web and HTTP FTP Electronic Mail SMTP, POP3, IMAP DNS
More informationInternet Traffic Classification Using Machine Learning. Tanjila Ahmed Dec 6, 2017
Internet Traffic Classification Using Machine Learning Tanjila Ahmed Dec 6, 2017 Agenda 1. Introduction 2. Motivation 3. Methodology 4. Results 5. Conclusion 6. References Motivation Traffic classification
More informationChapter 2: Application Layer. Chapter 2 Application Layer. Some network apps. Application architectures. Chapter 2: Application layer
Chapter 2 Application Layer Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009. Chapter 2: Application Layer Our goals: conceptual, implementation
More informationCLOAK OF VISIBILITY : DETECTING WHEN MACHINES BROWSE A DIFFERENT WEB
CLOAK OF VISIBILITY : DETECTING WHEN MACHINES BROWSE A DIFFERENT WEB CIS 601: Graduate Seminar Prof. S. S. Chung Presented By:- Amol Chaudhari CSU ID 2682329 AGENDA About Introduction Contributions Background
More informationHyperText Transfer Protocol
Outline Introduce Socket Programming Domain Name Service (DNS) Standard Application-level Protocols email (SMTP) HTTP HyperText Transfer Protocol Defintitions A web page consists of a base HTML-file which
More informationCMSC 332 Computer Networking Web and FTP
CMSC 332 Computer Networking Web and FTP Professor Szajda CMSC 332: Computer Networks Project The first project has been posted on the website. Check the web page for the link! Due 2/2! Enter strings into
More informationCSC Introduction to Computers and Their Applications
CSC 170 - Introduction to Computers and Their Applications Lecture 8 The World Wide Web What is the World Wide Web? The Web is not the Internet The Internet is a global data communications network The
More informationDATA MINING - 1DL105, 1DL111
1 DATA MINING - 1DL105, 1DL111 Fall 2007 An introductory class in data mining http://user.it.uu.se/~udbl/dut-ht2007/ alt. http://www.it.uu.se/edu/course/homepage/infoutv/ht07 Kjell Orsborn Uppsala Database
More informationObfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis
Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel,
More informationWeb Authentication using Third-parties in Untrusted Environments
Web Authentication using Third-parties in Untrusted Environments Anna Vapen PhD Thesis Presentation 2016-09-30 Supervisors: Nahid Shahmehri, Niklas Carlsson ***** 3 Agenda 1. Background 2. Research problems
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More informationPersonal Internet Security Basics. Dan Ficker Twin Cities DrupalCamp 2018
Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security is an aspiration, not a state. Encryption is your friend. Passwords are very important. Make a back-up plan. About
More information1-1. Switching Networks (Fall 2010) EE 586 Communication and. September Lecture 10
EE 586 Communication and Switching Networks (Fall 2010) Lecture 10 September 17 2010 1-1 Announcement Send me your group and get group ID HW3 (short) out on Monday Personal leave for next two weeks No
More informationDATA MINING II - 1DL460. Spring 2014"
DATA MINING II - 1DL460 Spring 2014" A second course in data mining http://www.it.uu.se/edu/course/homepage/infoutv2/vt14 Kjell Orsborn Uppsala Database Laboratory Department of Information Technology,
More informationMobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing
Mobile Malfeasance Exploring Dangerous Mobile Code Jason Haddix, Director of Penetration Testing Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
More informationCSCE 463/612 Networks and Distributed Processing Spring 2018
CSCE 463/612 Networks and Distributed Processing Spring 2018 Application Layer II Dmitri Loguinov Texas A&M University February 6, 2018 Original slides copyright 1996-2004 J.F Kurose and K.W. Ross 1 Chapter
More informationWEB SECURITY: WEB BACKGROUND
WEB SECURITY: WEB BACKGROUND CMSC 414 FEB 20 2018 A very basic web architecture Client Server Browser Web server (Private) Data Database DB is a separate entity, logically (and often physically) A very
More informationretail Free popcorn today cinema All food 20% off women s clothing counter food court
retail Sundray supermarket and mall wireless solution combines wireless demands of shopping malls, supermarkets and chain stores into Facebook authentication, Wi-Fi advertising, marketing statistics, analysis
More informationTopGlobal MB8000 Hotspots Solution
MB8000 s MB8000 is a mobile/portable wireless communication gateway. It combines the best of Wi-Fi technology and 2.5G/3G mobile communication technology. WISP can deploy their wireless hotspots with MB8000
More informationLooking at the Internet with Google Chrome & Firefox. Scoville Memorial Library Claudia Cayne - September, 2010
Looking at the Internet with Google Chrome & Firefox Scoville Memorial Library Claudia Cayne - ccayne@biblio.org September, 2010 Google Chrome & Firefox are web browsers - the decoder you need to view
More informationBasic Layout. iphone/ipad Essential Training. Address/Search Bar. Moving around. Browsing the web via Safari February 20, 2018.
iphone/ipad Essential Training Browsing the web via Safari February 20, 2018 Bob Newcomb Basic Layout ipad has much more space to show things Favorites, tabs and navigation is on the top of the screen
More informationMEASURING AND FINGERPRINTING CLICK-SPAM IN AD NETWORKS
MEASURING AND FINGERPRINTING CLICK-SPAM IN AD NETWORKS Vacha Dave *, Saikat Guha and Yin Zhang * * The University of Texas at Austin Microsoft Research India Internet Advertising Today 2 Online advertising
More informationLecture 9a: Sessions and Cookies
CS 655 / 441 Fall 2007 Lecture 9a: Sessions and Cookies 1 Review: Structure of a Web Application On every interchange between client and server, server must: Parse request. Look up session state and global
More informationA Tale of Three CDNs
A Tale of Three CDNs An Active Measurement Study of Hulu and Its CDNs Vijay K Adhikari 1, Yang Guo 2, Fang Hao 2, Volker Hilt 2, and Zhi-Li Zhang 1 1 University of Minnesota - Twin Cities 2 Bell Labs,
More informationPrivate Information Leakage on the Mobile Web
Private Information Leakage on the Mobile Web Amanda Kirk, Stephen Rice, Zach Azar, Yipu Wang amankirk@cs.du.edu, steprice@cs.du.edu, ZachAzar@cs.du.edu, yipu.wang@du.edu 11/18/13 COMP 4704: Foundations
More informationSearching the Deep Web
Searching the Deep Web 1 What is Deep Web? Information accessed only through HTML form pages database queries results embedded in HTML pages Also can included other information on Web can t directly index
More informationUnit 4 The Web. Computer Concepts Unit Contents. 4 Web Overview. 4 Section A: Web Basics. 4 Evolution
Unit 4 The Web Computer Concepts 2016 ENHANCED EDITION 4 Unit Contents Section A: Web Basics Section B: Browsers Section C: HTML Section D: HTTP Section E: Search Engines 2 4 Section A: Web Basics 4 Web
More informationChapter 2 Application Layer
Chapter 2 Application Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;
More informationDevice Recognition Best Practices Guide
Copyright Information 2017. SecureAuth is a copyright of SecureAuth Corporation. SecureAuth s IdP software, appliances, and other products and solutions, are copyrighted products of SecureAuth Corporation.
More informationCampaign Goals, Objectives and Timeline SEO & Pay Per Click Process SEO Case Studies SEO, SEM, Social Media Strategy On Page SEO Off Page SEO
Campaign Goals, Objectives and Timeline SEO & Pay Per Click Process SEO Case Studies SEO, SEM, Social Media Strategy On Page SEO Off Page SEO Reporting Pricing Plans Why Us & Contact Generate organic search
More informationInformation Retrieval Spring Web retrieval
Information Retrieval Spring 2016 Web retrieval The Web Large Changing fast Public - No control over editing or contents Spam and Advertisement How big is the Web? Practically infinite due to the dynamic
More informationOutside the Box: Networks and The Internet
Outside the Box: Networks and The Internet Don Mason Associate Director Copyright 2011 National Center for Justice and the Rule of Law All Rights Reserved Inside vs. Outside Inside the Box What the computer
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Application Layer: Cookies, Web Caching, SMTP Sec 2.2.4-2.4 Prof. Lina Battestilli Fall 2017 Outline Application Layer (ch 2) 2.1 principles of network
More informationTechnology in Action Complete, 13e (Evans et al.) Chapter 3 Using the Internet: Making the Most of the Web's Resources
Technology in Action Complete, 13e (Evans et al.) Chapter 3 Using the Internet: Making the Most of the Web's Resources 1) The Internet is. A) an internal communication system for businesses B) a communication
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationELEC6910Q Analytics and Systems for Social Media and Big Data Applications Lecture 4. Prof. James She
ELEC6910Q Analytics and Systems for Social Media and Big Data Applications Lecture 4 Prof. James She james.she@ust.hk 1 Selected Works of Activity 4 2 Selected Works of Activity 4 3 Last lecture 4 Mid-term
More informationGlobal DDoS Measurements. Jose Nazario, Ph.D. NSF CyberTrust Workshop
Global DDoS Measurements Jose Nazario, Ph.D. jose@arbor.net NSF CyberTrust Workshop Quick Outline, Conclusions o Measurements - We re screwed o Observations - We know who o The wrong approach: point solutions
More informationInside vs. Outside. Inside the Box What the computer owner actually has possession of 1/18/2011
Outside the Box: Networks and The Internet Don Mason Associate Director Copyright 2011 National Center for Justice and the Rule of Law All Rights Reserved Inside vs. Outside Inside the Box What the computer
More information«On the Internet, nobody knows you are a dog» Twenty years later
«On the Internet, nobody knows you are a dog» Twenty years later This lecture is about identity and authenticity, but also other security properties. It is largely about the Internet, but some of this
More informationCan t you hear me knocking
Can t you hear me knocking Identification of user actions on Android apps via traffic analysis Candidate: Supervisor: Prof. Mauro Conti Riccardo Spolaor Co-Supervisor: Dr. Nino V. Verde April 17, 2014
More informationAuthentication CHAPTER 17
Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance
More informationprecise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level)
Protocols precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level) all packets shipped from network to network as IP packets
More informationComputer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 15. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 April 24, 2017 CS 419 2017 Paul Krzyzanowski 1 Private Browsing Browsers offer a "private" browsing modes
More informationNo, the bogus packet will fail the integrity check (which uses a shared MAC key).!
1. High level questions a. Suppose Alice and Bob are communicating over an SSL session. Suppose an attacker, who does not have any of the shared keys, inserts a bogus TCP segment into a packet stream with
More informationPrivate Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes
Private Browsing Computer Security 16. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 Browsers offer a "private" browsing modes Apple Private Browsing, Mozilla Private Browsing,
More informationDetecting Malicious Activity with DNS Backscatter Kensuke Fukuda John Heidemann Proc. of ACM IMC '15, pp , 2015.
Detecting Malicious Activity with DNS Backscatter Kensuke Fukuda John Heidemann Proc. of ACM IMC '15, pp. 197-210, 2015. Presented by Xintong Wang and Han Zhang Challenges in Network Monitoring Need a
More informationIntermediate WordPress Training
1 Intermediate WordPress Training Email Every library has two email addresses created by CNS and associated with the WordPress install. Both addresses use the email password sent in when the websites were
More informationInternet Lead Generation START with Your Own Web Site
Internet Lead Generation START with Your Own Web Site Matt Johnston, Santa Barbara Business College Mike McHugh, PlattForm Career College Association 2007 What s s The Big Deal? More Control Higher Quality
More informationPRIVACY POLICY Let us summarize this for you...
PRIVACY POLICY Let us summarize this for you... We promise to never sell your personal information. This site collects usage information to provide a better web experience for our users. If you purchase
More informationGlasnost: Enabling End Users to Detect Traffic Differentiation
Glasnost: Enabling End Users to Detect Traffic Differentiation Krishna P. Gummadi Networked Systems Research Group Networked Systems Research Group Max Planck Institute for Software Systems High-level
More informationManagement Information Systems
Telecommunications, the Internet, and Wireless Technology Lecturer: Richard Boateng, PhD. Lecturer in Information Systems, University of Ghana Business School Executive Director, PearlRichards Foundation,
More informationBrainCert Enterprise LMS. Learning Management System (LMS) documentation Administrator Guide Version 3.0
BrainCert Enterprise LMS Learning Management System (LMS) documentation Administrator Guide Version 3.0 1 P a g e Table of Contents... 3... 3... 4... 4... 5... 5... 6... 6... 8... 8... 9... 9... 10...
More informationDrafting Behind Akamai (Travelocity-Based Detouring)
(Travelocity-Based Detouring) Ao-Jan Su, David R. Choffnes, Aleksandar Kuzmanovic and Fabián E. Bustamante Department of EECS Northwestern University ACM SIGCOMM 2006 Drafting Detour 2 Motivation Growing
More informationNetwork traffic classification: From theory to practice
Network traffic classification: From theory to practice Pere Barlet-Ros Associate Professor at UPC BarcelonaTech Co-founder and Chairman at Polygraph.io Joint work with: Valentín Carela-Español, Tomasz
More informationCS 120 Digital Literacy, Chapter 5: p
CS 120 Digital Literacy, Chapter 5: p. 287-344 CS 120, Digital Literacy, Ch 5, p.1 Browsing & Searching the Internet: Web browser a software program that is used to display web pages. IE, Safari, Firefox,
More informationConfiguring Stickiness
CHAPTER 6 Date: 5/7/09 This section provides information about sticky behavior and procedures for configuring stickiness with the ANM. Sections include: Stickiness Overview, page 6-1 Configuring Sticky
More informationElectronic Mail. Three Components: SMTP SMTP. SMTP mail server. 1. User Agents. 2. Mail Servers. 3. SMTP protocol
SMTP Electronic Mail Three Components: 1. User Agents a.k.a. mail reader e.g., gmail, Outlook, yahoo 2. Mail Servers mailbox contains incoming messages for user message queue of outgoing (to be sent) mail
More informationOWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example
Proxy Caches and Web Application Security Using the Recent Google Docs 0-Day as an Example Tim Bass, CISSP Chapter Leader, Thailand +66832975101, tim@unix.com AppSec Asia October 21, 2008 Thailand Worldwide
More informationCSC 257/457 Computer Networks. Fall 2017 MW 4:50 pm 6:05 pm CSB 601
CSC 257/457 Computer Networks Fall 2017 MW 4:50 pm 6:05 pm CSB 601 CHAPTER 2 (APPLICATION LAYER) User-server state: cookies many Web sites use cookies four components: 1) cookie header line of HTTP response
More informationDiscovering Computers Your Interactive Guide to the Digital World
Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Discuss the evolution of the Internet Identify and briefly describe various broadband Internet connections and
More informationGood Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy
Good Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy SESSION ID: CSV-W01 Bryan D. Payne Director of Security Research Nebula @bdpsecurity Cloud Security Today Cloud has lots of momentum
More informationChapter 7. Local Area Network Communications Protocols
Chapter 7 Local Area Network Communications Protocols The Network Layer The third layer of the OSI Model is the network layer. The network layer is concerned with providing a means for hosts to communicate
More informationNetworked systems and their users
Networked systems and their users q The expansion of the Google serving infrastructure q A personalized livestreaming system q A platform for crowdsourcing web QoE measurements Mapping the expansion of
More informationExperimental Study of Skype. Skype Peer-to-Peer VoIP System
An Experimental Study of the Skype Peer-to-Peer VoIP System Saikat Guha (Cornell) Neil Daswani (Google) Ravi Jain (Google) IPTPS 2006 About Skype Voice over IP (VoIP) 50 million users Valued at $2.6 billion
More informationI. INFORMATION WE COLLECT
PRIVACY POLICY USIT PRIVACY POLICY Usit (the Company ) is committed to maintaining robust privacy protections for its users. Our Privacy Policy ( Privacy Policy ) is designed to help you understand how
More informationSearch Engines. Information Retrieval in Practice
Search Engines Information Retrieval in Practice All slides Addison Wesley, 2008 Web Crawler Finds and downloads web pages automatically provides the collection for searching Web is huge and constantly
More informationNetwork layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
More informationWireless Detective Extreme System
Wireless Detective Extreme System Advanced Technology of Distributed Wireless Network Interception from Decision Group Product Marketing Division, Decision Group March 2011 Advanced technology of Distributed
More informationDETERMINATION OF THE PERFORMANCE
DETERMINATION OF THE PERFORMANCE OF ANDROID ANTI-MALWARE SCANNERS AV-TEST GmbH Klewitzstr. 7 39112 Magdeburg Germany www.av-test.org 1 CONTENT Abstract... 2 Determination of the Malware Detection Rate...
More informationComplex Interactions in Content Distribution Ecosystem and QoE
Complex Interactions in Content Distribution Ecosystem and QoE Zhi-Li Zhang Qwest Chair Professor & Distinguished McKnight University Professor Dept. of Computer Science & Eng., University of Minnesota
More informationFirespring Analytics
Firespring Analytics What do my website statistics mean? To answer this question, let's first consider how a web page is loaded. You've just typed in the address of a web page and hit go. Depending on
More informationNetwork layer: Overview. Network Layer Functions
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
More informationMsn hotmail login box
P ford residence southampton, ny Msn hotmail login box Hotmail inbox login methods There are many ways to login to the inbox of your Hotmail account. You can use the MSN website, Livemail domain, Hotmail
More informationStep by Step process to activate guest access in Microsoft Teams.
Step by Step process to activate guest access in Microsoft Teams. External access with Microsoft Teams Microsoft Teams has started allowing guest access in organization to collaborate or communicate with
More informationPrivacy. CS Computer Security Profs. Vern Paxson & David Wagner
Privacy CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/ March 31,
More informationLoad Balancing Technology White Paper
Load Balancing Technology White Paper Keywords: Server, gateway, link, load balancing, SLB, LLB Abstract: This document describes the background, implementation, and operating mechanism of the load balancing
More informationComputer Networks. HTTP and more. Jianping Pan Spring /20/17 CSC361 1
Computer Networks HTTP and more Jianping Pan Spring 2017 1/20/17 CSC361 1 First things first W1 due next Monday (Jan 23) submit a single PDF file through connex Noah posted a docx for for questions on
More informationSEO and UAEX.EDU GETTING YOUR WEB PAGES FOUND IN GOOGLE
SEO and UAEX.EDU GETTING YOUR WEB PAGES FOUND IN GOOGLE What is Search Engine Optimization? SEO is a marketing discipline focused on growing visibility in organic (non-paid) search engine results. Why
More informationNaming. Brighten Godfrey cs598pbg Sept slides 2010 by Brighten Godfrey unless otherwise noted
Naming Brighten Godfrey cs598pbg Sept 23 2010 slides 2010 by Brighten Godfrey unless otherwise noted Announcements Presentations are not on the assigned reading We all read it; no need to see a detailed
More informationLecture 12. Application Layer. Application Layer 1
Lecture 12 Application Layer Application Layer 1 Agenda The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers
More information