Share Count Analysis HEADERS
|
|
- Byron Chase
- 6 years ago
- Views:
Transcription
1 Measuring Network Privacy with It s 11PM. DO YOU KNOW WHERE YOUR Share Count Analysis HEADERS ARE? David Naylor Peter Steenkiste
2 GOAL measure how private a network architecture or protocol is
3 GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Can the adversary learn sender? learn receiver? link flows? WHO WHAT HISTORY
4 GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Global, passive adversary. CAN: Observe traffic on any link/device. CANNOT: Modify, drop, or inject packets.
5 GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Adversary learns from: Headers Topology Timing
6 Choice of indicators has a big impact on measurement tool Headers Topology Timing WHAT YOU MEASURE Properties of an architecture WHAT YOU MEASURE Properties of a deployed network HOW YOU MEASURE Model headers and devices HOW YOU MEASURE Model topology and traffic
7 Choice of indicators has a big impact on measurement tool Headers Topology Timing WHAT YOU MEASURE Properties of an architecture WHAT YOU MEASURE Properties of a deployed network HOW YOU MEASURE Model headers and devices HOW YOU MEASURE Model topology and traffic SHARE COUNT ANALYSIS PRIOR WORK
8 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
9 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
10 1 Model header information leakage
11 1 Model header information leakage replace headers with generic, privacy-related meta-fields
12 replace headers with generic, privacy-related meta-fields IP Header Protocol Source IP Address Destination IP Address Source Port Transport Header Destination Port
13 1 Model header information leakage replace headers with generic, privacy-related meta-fields
14 1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value
15 1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value body is opaque value only used to link multiple sightings of a packet
16 1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value body is opaque value only used to link multiple sightings of a packet
17 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
18 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
19 2 Model how devices modify headers which fields are updated? what are the new share counts? NAT = { update_fields: sender, flow new_share_counts: sender: Hn } H n = # hosts in source network
20 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
21 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
22 3 Measure leakage over test path STEP ONE: Forward test packet S-1 N-1 D-1 F H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay Receiver H = # hosts N = # networks H n = # hosts in source network
23 STEP ONE: Forward test packet S-1 N-1 D-1 F H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay Receiver STEP TWO: Save snapshots at vantage points S-1 N-1 D-1 F H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2
24 STEP ONE: Forward test packet S-1 N-1 D-1 F H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay STEP TWO: Save snapshots at vantage points Receiver STEP THREE: Group linkable snapshots == P-1 S-1 N-1 D-1 F H 1 P-1 == P-2 S-3 N-2 D-2 F-3 H N 1 1 P-2 S-2 N-1 D-1 F-2 H n 1 H 1 P-1
25 STEP ONE: Forward test packet S-1 N-1 D-1 F H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay STEP TWO: Save snapshots at vantage points STEP THREE: Group linkable snapshots Receiver == P-1 S-1 N-1 D-1 F H 1 P-1 == P-2 S-3 N-2 D-2 F-3 H N 1 1 P-2 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 STEP FOUR: Find minimum share counts for each group 1 1 H 1 P-1 P-2 H N 1 1
26 Minimum share counts tell us what the adversary learned 1 1 H 1 P-1 P-2 H N 1 1 learn sender? learn receiver? link flows? WHO WHAT HISTORY
27 Minimum share counts tell us what the adversary learned 1 1 H 1 P-1 P-2 H N 1 1 learn sender? learn receiver? link flows? src net share count == 1 dest share count == 1 sender share count == 1 && dest share count == 1
28 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
29 Share Count Analysis Model header information leakage Model how devices modify headers Measure leakage over test path
30 Open Questions 1 Automate meta-field and device specs? From traces? From code? From high-level protocol spec? Ease of Use 2 Does our model capture all architectures? Path-based architectures? In-network state (e.g., MPLS, NDN)? Generality 3 Analyze payloads of common protocols e.g., DHCP, DNS, & TLS handshake Completeness 4 Analyze instances of an architecture Use topology and timing to limit share counts? Completeness
31 Measuring Network Privacy with It s 11PM. DO YOU KNOW WHERE YOUR Share Count Analysis HEADERS ARE? David Naylor Peter Steenkiste
A SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationPersonalized Pseudonyms for Servers in the Cloud. Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ.
Personalized Pseudonyms for Servers in the Cloud Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ.) Background Server s identity is not well protected with
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationTABLE OF CONTENTS CHAPTER TITLE PAGE
vii TABLE OF CONTENTS CHAPTER TITLE PAGE DECLARATION ACKNOWLEDGMENT ABSTRACT ABSTRAK TABLE OF CONTENTS LIST OF TABLES LIST OF FIGURES LIST OF APPENDICES ii iv v vi vii xiii xiv xvi 1 OVERVIEW 1 1.1 Introducation
More informationAnonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L
Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.
More informationmctls: enabling secure in-network functionality in TLS
mctls: enabling secure in-network functionality in TLS David Naylor Kyle Schomp Matteo Varvello Ilias Leontiadis Jeremy Blackburn Diego Lopez Dina Papagiannaki Pablo Rodriguez Rodriguez Peter Steenkiste
More informationSoftware Defined Networking
Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite
More informationCapsulated NATS. <draft-kuniaki-capsulated-nats-03.txt> Kuniaki KONDO, Intec NetCore draft-kuniaki-capsulated-nats-03 1
Capsulated NATS Kuniaki KONDO, Intec NetCore kuniaki@nats-project.org draft-kuniaki-capsulated-nats-03 1 What is the NATS Network Address Translation with Sub- Address
More informationRAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with
RAPTOR: Routing Attacks on Privacy in Tor Yixin Sun Princeton University Joint work with Annie Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal Acknowledgment for Slides
More informationInternet Networking recitation #
recitation # UDP NAT Traversal Winter Semester 2013, Dept. of Computer Science, Technion 1 UDP NAT Traversal problems 2 A sender from the internet can't pass a packet through a NAT to a destination host.
More informationComputer Science 461 Final Exam May 22, :30-3:30pm
NAME: Login name: Computer Science 461 Final Exam May 22, 2012 1:30-3:30pm This test has seven (7) questions, each worth ten points. Put your name on every page, and write out and sign the Honor Code pledge
More informationDifferent Layers Lecture 20
Different Layers Lecture 20 10/15/2003 Jian Ren 1 The Network Layer 10/15/2003 Jian Ren 2 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every host,
More informationUsing NAT in Overlapping Networks
Using NAT in Overlapping Networks Document ID: 13774 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot Related Information
More informationThe trace file is here: https://kevincurran.org/com320/labs/wireshark/trace-udp.pcap
Lab Exercise UDP Objective To look at the details of UDP (User Datagram Protocol). UDP is a transport protocol used throughout the Internet as an alternative to TCP when reliability is not required. It
More informationPROGRAMMING Kyriacou E. Frederick University Cyprus. Network communication examples
ACSC424 NETWORK APPLICATION PROGRAMMING Kyriacou E. Frederick University Cyprus communication examples The OSI reference model (proposed by ISO) Application A Application B 2 Application Application Presentation
More informationCMPE 80N: Introduction to Networking and the Internet
CMPE 80N: Introduction to Networking and the Internet Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 17 CMPE 80N Spring'10 1 Announcements Next class: Presentation of fun projects
More informationChapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,
Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls 32.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 32.2 Figure 32.1 Common structure
More informationsurveillance & anonymity cs642 computer security adam everspaugh
surveillance & anonymity cs642 computer security adam everspaugh ace@cs.wisc.edu today Internet-wide scanning, zmap Massive surveillance, packet inspection Anonymous browsing, TOR TCP handshake Client
More information4. The transport layer
4.1 The port number One of the most important information contained in the header of a segment are the destination and the source port numbers. The port numbers are necessary to identify the application
More informationCSC 4900 Computer Networks: Security Protocols (2)
CSC 4900 Computer Networks: Security Protocols (2) Professor Henry Carter Fall 2017 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message Integrity 8.4 End point Authentication
More informationanonymous routing and mix nets (Tor) Yongdae Kim
anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1 q Why? Anonymous web browsing 1. Discuss health issues or financial matters anonymously
More informationECE 697J Advanced Topics in Computer Networks
ECE 697J Advanced Topics in Computer Networks Network Measurement 12/02/03 Tilman Wolf 1 Overview Lab 3 requires performance measurement Throughput Collecting of packet headers Network Measurement Active
More informationDetecting the Auto-configuration Attacks on IPv4 and IPv6 Networks
Detecting the Auto-configuration Attacks on IPv4 and IPv6 Networks He Li Hosei University, Tokyo 184-8584, Japan he.li.ge@stu.hosei.ac.jp Abstract Auto-configuration is a mechanism, which assigns IP address,
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationCSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
More informationIPv6 : Internet Protocol Version 6
IPv6 : Internet Protocol Version 6 History Internet growth was faster than anticipated In early 1990 s, it was realized that we may run out of IPv4 addresses somewhere between 2000 and 2010 Also, experiences
More informationHistory. IPv6 : Internet Protocol Version 6. IPv4 Year-Wise Allocation (/8s)
History IPv6 : Internet Protocol Version 6 Internet growth was faster than anticipated In early 1990 s, it was realized that we may run out of IPv4 addresses somewhere between 2000 and 2010 Also, experiences
More informationInternet Protocol and Transmission Control Protocol
Internet Protocol and Transmission Control Protocol CMSC 414 November 13, 2017 Internet Protcol Recall: 4-bit version 4-bit hdr len 8-bit type of service 16-bit total length (bytes) 8-bit TTL 16-bit identification
More informationAsheville-Buncombe Technical Community College Department of Networking Technology. Course Outline
Course Number: NET 226 Course Title: Routing and Switching II Class Hours: 1 Lab Hours: 4 Credit Hours: 3 Course Description: This course introduces WAN theory and design, WAN technology, PPP, Frame Relay,
More informationTransport Layer TCP & UDP Week 7. Module : Computer Networks Lecturers : Lucy White Office : 324
Transport Layer TCP & UDP Week 7 Module : Computer Networks Lecturers : Lucy White lbwhite@wit.ie Office : 324 1 Purpose of the Transport Layer The Transport layer provides for the segmentation of data
More informationOn the Internet, nobody knows you re a dog.
On the Internet, nobody knows you re a dog. THREATS TO DISTRIBUTED APPLICATIONS 1 Jane Q. Public Big Bank client s How do I know I am connecting to my bank? server s Maybe an attacker...... sends you phishing
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationIPv6 Addressing. There are three types of IPV6 Addresses. Unicast:Multicast:Anycast
IPv6 Addressing There are three types of IPV6 Addresses. Unicast:Multicast:Anycast Unicast IPv6 addresses A unicast address identifies a single interface within the scope of the type of unicast address.
More informationUNIT IV -- TRANSPORT LAYER
UNIT IV -- TRANSPORT LAYER TABLE OF CONTENTS 4.1. Transport layer. 02 4.2. Reliable delivery service. 03 4.3. Congestion control. 05 4.4. Connection establishment.. 07 4.5. Flow control 09 4.6. Transmission
More informationAddressing protocols. TELE3118 lecture notes Copyright by Tim Moors Aug-09. Copyright Aug-09, Tim Moors
Addressing protocols TELE3118 lecture notes Copyright by Tim Moors Aug-09 2 Which address(es) to use? How does source determine addresses when sending to www.example.com? o Source has its MAC address o
More informationCSEN 503 Introduction to Communication Networks. Mervat AbuElkheir Hana Medhat Ayman Dayf. ** Slides are attributed to J. F.
CSEN 503 Introduction to Communication Networks Mervat AbuElkheir Hana Medhat Ayman Dayf ** Slides are attributed to J. F. Kurose Chapter 3 outline Transport-layer services Multiplexing and demultiplexing
More informationTopology of the Internet. Autonomous Systems (AS) Two-Level Routing. Why are there different Protocols?
Topology of the Internet Autonomous Systems (AS) The global Internet consists of Autonomous Systems (AS) interconnected with each other: - Collection of routers under same administrative control, all running
More informationEarthLink Business SIP Trunking. Allworx 6x IP PBX SIP Proxy Customer Configuration Guide
EarthLink Business SIP Trunking Allworx 6x IP PBX SIP Proxy Customer Configuration Guide Publication History First Release: Version 1.0 August 30, 2011 CHANGE HISTORY Version Date Change Details Changed
More informationLab Exercise UDP. Objective. Requirements. Step 1: Capture a Trace
Lab Exercise UDP Objective To look at the details of UDP (User Datagram Protocol). UDP is a transport protocol used throughout the Internet as an alternative to TCP when reliability is not required. It
More informationNetwork Control, Con t
Network Control, Con t CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationNetwork and Security: Introduction
Network and Security: Introduction Seungwon Shin KAIST Some slides are from Dr. Srinivasan Seshan Some slides are from Dr. Nick Mckeown Network Overview Computer Network Definition A computer network or
More informationCSEP 561 Internetworking. David Wetherall
CSEP 561 Internetworking David Wetherall djw@cs.washington.edu Internetworking t Focus: Joining multiple, different networks into one larger network Forwarding models Application Heterogeneity Transport
More informationZeroStack Quick Start Guide
Self Driving Cloud @ZeroStackInc sales@zerostack.com www.zerostack.com ZeroStack Quick Start Guide Version 2.0 Copyright 2016 ZeroStack, Inc. All rights reserved. This product is protected by U.S. and
More informationMapping of Address and Port Using Translation
The feature provides connectivity to IPv4 hosts across IPv6 domains. Mapping of address and port using translation (MAP-T) is a mechanism that performs double translation (IPv4 to IPv6 and vice versa)
More informationCommunication Systems DHCP
Communication Systems DHCP Computer Science Copyright Warning This lecture is already stolen If you copy it please ask the author Prof. Dr. Gerhard Schneider like I did 2 Internet Protocol the Universal
More informationNetworking Potpourri: Plug-n-Play, Next Gen
Networking Potpourri: Plug-n-Play, Next Gen 14-740: Fundamentals of Computer Networks Bill Nace Material from Computer Networking: A Top Down Approach, 6 th edition. J.F. Kurose and K.W. Ross Administrivia
More informationLesson 9 OpenFlow. Objectives :
1 Lesson 9 Objectives : is new technology developed in 2004 which introduce Flow for D-plane. The Flow can be defined any combinations of Source/Destination MAC, VLAN Tag, IP address or port number etc.
More informationNE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services
NE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Summary Duration 5 Days Audience IT Professionals Level 300 Technology Microsoft
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationPluggable Transports Roadmap
Pluggable Transports Roadmap Steven J. Murdoch and George Kadianakis steven.murdoch@cl.cam.ac.uk,asn@torproject.org Tor Tech Report 2012-03-003 March 17, 2012 Abstract Of the currently available pluggable
More informationEECS 3214 Final Exam Winter 2017 April 19, 2017 Instructor: S. Datta. 3. You have 180 minutes to complete the exam. Use your time judiciously.
EECS 3214 Final Exam Winter 2017 April 19, 2017 Instructor: S. Datta Name (LAST, FIRST): Student number: Instructions: 1. If you have not done so, put away all books, papers, and electronic communication
More informationComputer Networks. Course Reference Model. Topic. Error Handling with ICMP. ICMP Errors. Internet Control Message Protocol 12/2/2014.
Course Reference Model Computer Networks 7 lication Provides functions needed by users Zhang, Xinyu Fall 2014 4 Transport Provides end-to-end delivery 3 Network Sends packets over multiple links School
More informationTeams Direct Routing. Configuration Checklists for BTIP and Business Talk SIP services. 28 january Teams Direct Routing AudioCodes Checklist 0.
Teams Direct Routing Configuration Checklists for BTIP and Business Talk 28 january 2019 Teams Direct Routing AudioCodes Checklist 0.2 Contents 1 Main certified architectures... 3 1.1 Standalone mode...
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationLecture 11: Middleboxes and NAT (Duct tape for IPv4)
CSCI-351 Data communication and Networks Lecture 11: Middleboxes and NAT (Duct tape for IPv4) The slide is built with the help of Prof. Alan Mislove, Christo Wilson, and David Choffnes's class Middleboxes
More informationThe Impact of Transport Header Encryption on Operation and Evolution of the Internet
The Impact of Transport Header Encryption on Operation and Evolution of the Internet draft-fairhurst-tsvwg-transport-encrypt-04 Gorry Fairhurst University of Aberdeen Colin Perkins University of Glasgow
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationCSE 461 Midterm Winter 2018
CSE 461 Midterm Winter 2018 Your Name: UW Net ID: General Information This is a closed book/laptop examination. You have 50 minutes to answer as many questions as possible. The number in parentheses at
More informationIP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker
IP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker 2008-11-17 Abstract This document specifies an update to the Stateless IP/ICMP Translation Algorithm described in RFC 2765. The algorithm
More informationNetworking Technologies and Applications
Networking Technologies and Applications Rolland Vida BME TMIT Transport Protocols UDP User Datagram Protocol TCP Transport Control Protocol and many others UDP One of the core transport protocols Used
More informationChapter 4: outline. 4.5 routing algorithms link state distance vector hierarchical routing. 4.6 routing in the Internet RIP OSPF BGP
Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what s inside a router 4.4 IP: Internet Protocol datagram format IPv4 addressing ICMP 4.5 routing algorithms link state
More informationSpecial expressions, phrases, abbreviations and terms of Computer Networks
access access point adapter Adderssing Realm ADSL (Asymmetrical Digital Subscriber Line) algorithm amplify amplitude analog antenna application architecture ARP (Address Resolution Protocol) AS (Autonomous
More informationLecture 8. Network Layer (cont d) Network Layer 1-1
Lecture 8 Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets Network
More informationLow-Cost Traffic Analysis of Tor
Low-Cost Traffic Analysis of Tor Steven J. Murdoch, George Danezis University of Cambridge, Computer Laboratory Review of Tor Support anonymous transport of TCP streams over the Internet Support anonymous
More informationAchieving Privacy in Mesh Networks
Achieving Privacy in Mesh Networks Xiaoxin Wu Intel China Research Center Ltd Beijing, China xiaoxin.wu@intel.com Ninghui Li Department of Computer Science Purdue University West Lafayette, IN 47907-2086,
More informationProtocols for Anonymous Communication
18734: Foundations of Privacy Protocols for Anonymous Communication Anupam Datta CMU Fall 2016 Privacy on Public Networks } Internet is designed as a public network } Machines on your LAN may see your
More informationNetwork Address Translation (NAT) Contents. Firewalls. NATs and Firewalls. NATs. What is NAT. Port Ranges. NAT Example
Contents Network Address Translation (NAT) 13.10.2008 Prof. Sasu Tarkoma Overview Background Basic Network Address Translation Solutions STUN TURN ICE Summary What is NAT Expand IP address space by deploying
More informationTinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry,, David Wagner Presented by Paul Ruggieri 1 Introduction What is TinySec? Link-layer security architecture
More informationObjectives: (1) To learn to capture and analyze packets using wireshark. (2) To learn how protocols and layering are represented in packets.
Team Project 1 Due: Beijing 00:01, Friday Nov 7 Language: English Turn-in (via email) a.pdf file. Objectives: (1) To learn to capture and analyze packets using wireshark. (2) To learn how protocols and
More informationComputer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Chapter 16: Communications Security Chapter 16: 2 Agenda Threat model Secure tunnels Protocol design principles IPsec
More informationNetwork Forensics. CSF: Forensics Cyber-Security. Section II. Basic Forensic Techniques and Tools. MSIDC, Spring 2017 Nuno Santos
Network Forensics Section II. Basic Forensic Techniques and Tools CSF: Forensics Cyber-Security MSIDC, Spring 2017 Nuno Santos Summary! Network addresses! Network infrastructure 2 Recall from last class!
More informationAn Industry view of IPv6 Advantages
An Industry view of IPv6 Advantages March 2002 Yanick.Pouffary@Compaq.Com Imagine what IPv6 can do for you! 1 Where we are Today IPv4 a victim of its own success IPv4 addresses consumed at an alarming
More informationCN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 5 OSI MODEL NETWORK LAYER
CN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 5 OSI MODEL NETWORK LAYER Network Layer Network layer manages options pertaining to host and network addressing, managing subnetworks, and internetworking.
More informationprecise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level)
Protocols precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level) all packets shipped from network to network as IP packets
More informationOnion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring
Onion Routing Varun Pandey Dept. of Computer Science, Virginia Tech 1 What is Onion Routing? a distributed overlay network to anonymize TCP based routing Circuit based (clients choose the circuit) Each
More informationNetwork Basic v0.1. Network Basic v0.1. Chapter 3 Internet Protocol. Chapter 3. Internet Protocol
Network Basic v0.1 Chapter 3. Internet Protocol 1 Network Basic v0.1 Chapter 3 Internet Protocol 1. The Role of Network Layer 2. IP Protocol Feature 3. IP Packet Routing 5. DHCP 6. NAT 2 1 네트워크 ICONs 3
More informationNetwork Attacks. CS Computer Security Profs. Vern Paxson & David Wagner
Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationTCP /IP Fundamentals Mr. Cantu
TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationUNIVERSITY OF TORONTO FACULTY OF APPLIED SCIENCE AND ENGINEERING
UNIVERSITY OF TORONTO FACULTY OF APPLIED SCIENCE AND ENGINEERING ECE361 Computer Networks Midterm March 09, 2016, 6:15PM DURATION: 75 minutes Calculator Type: 2 (non-programmable calculators) Examiner:
More informationEarthLink Business SIP Trunking. Toshiba IPEdge 1.6 Customer Configuration Guide
EarthLink Business SIP Trunking Toshiba IPEdge 1.6 Customer Configuration Guide Publication History First Release: Version 1.0 August 30, 2011 CHANGE HISTORY Version Date Change Details Changed By 1.0
More informationECS-087: Mobile Computing
ECS-087: Mobile Computing Mobile IP Most of the slides borrowed from Prof. Sridhar Iyer Diwakar Yagyasen.1 Effect of Mobility on Protocol Stack Application: new applications and adaptations Transport:
More informationCS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization
CS-580K/480K Advanced Topics in Cloud Computing Network Virtualization 1 Network Diagram of A Company 2 University Network Topology https://www.researchgate.net/figure/234782590_fig1_fig-5-see-university-network-infrastructure
More informationIPv6: An Introduction
Outline IPv6: An Introduction Dheeraj Sanghi Department of Computer Science and Engineering Indian Institute of Technology Kanpur dheeraj@iitk.ac.in http://www.cse.iitk.ac.in/users/dheeraj Problems with
More informationComputer Networks (Introduction to TCP/IP Protocols)
Network Security(CP33925) Computer Networks (Introduction to TCP/IP Protocols) 부산대학교공과대학정보컴퓨터공학부 Network Type Elements of Protocol OSI Reference Model OSI Layers What we ll learn today 2 Definition of
More informationImplementing IP in IP Tunnel
This chapter module provides conceptual and configuration information for IP in IP tunnels on Cisco ASR 9000 Series Router. Note For a complete description of the IP in IP tunnel commands listed in this
More informationNamed Data Networking (NDN) CLASS WEB SITE: NDN. Introduction to NDN. Updated with Lecture Notes. Data-centric addressing
CLASS WEB SITE: http://upmcsms.weebly.com/ Updated with Lecture Notes Named Data Networking (NDN) Introduction to NDN Named Data Networking (NDN) IP NDN Host-centric addressing Data-centric addressing
More informationES623 Networked Embedded Systems
ES623 Networked Embedded Systems Introduction to Network models & Data Communication 16 th April 2013 OSI Models An ISO standard that covers all aspects of network communication is the Open Systems Interconnection
More informationNSF Future Internet Architecture. Outline. Predicting the Future is Hard! The expressive Internet Architecture: from Architecture to Network
The expressive Internet Architecture: from Architecture to Network Peter Steenkiste Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Hui Zhang Carnegie
More informationIPv6: Are we really ready to turn off IPv4?
IPv6: Are we really ready to turn off IPv4? In-situ transition In-situ transition Phase 1 Early Deployment IPv4 Internet Edge Dual-Stack Networks IPv6 networks interconnect by IPv6-over-IPv4 tunnels In-situ
More informationFireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.
Fireware-Essentials Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.0 http://www.gratisexam.com/ Fireware Essentials Fireware Essentials Exam Exam A QUESTION 1 Which
More informationCSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management
CSE/EE 461 Lecture 13 Connections and Fragmentation Tom Anderson tom@cs.washington.edu Peterson, Chapter 5.2 TCP Connection Management Setup assymetric 3-way handshake Transfer sliding window; data and
More informationAnca Cioraca, Ilia Voloh, Mark Adamiak GE Grid Automation
Anca Cioraca, Ilia Voloh, Mark Adamiak GE Grid Automation In the beginning.rs-232 Migration to Ethernet in IEDs.circa 1997 Only invented in 1972.fast adoption for our industry Desire for Interoperability
More informationTor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson
Tor: The Second-Generation Onion Router Roger Dingledine, Nick Mathewson, Paul Syverson Introduction Second Generation of Onion Routing Focus on deployability Perfect forward secrecy Separation of protocol
More informationOutline. Narrow Waist of the Internet Key to its Success. expressive Internet Architecture: Overview and Next Phase. Three Simple Ideas 9/13/2014
expressive Internet Architecture: Overview and Next Phase Peter Steenkiste Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Hui Zhang Carnegie Mellon University
More informationLecture 2-ter. 2. A communication example Managing a HTTP v1.0 connection. Managing a HTTP request. transport session. Step 1 - opening transport
Lecture 2-ter. 2 A communication example Managing a HTTP v1.0 connection Managing a HTTP request User digits URL and press return (or clicks ). What happens (HTTP 1.0): 1. opens a TCP transport session
More informationHow to get a trustworthy DNS Privacy enabling recursive resolver
How to get a trustworthy DNS an analysis of authentication mechanisms for DNS s Willem Toorop NLnet Labs (presenter) Melinda Shore Fastly Benno Overeinder NLnet Labs DNS over TLS What are the actors, and
More informationNetwork Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More information