Share Count Analysis HEADERS

Similar documents
A SIMPLE INTRODUCTION TO TOR

Personalized Pseudonyms for Servers in the Cloud. Qiuyu Xiao (UNC-Chapel Hill) Michael K. Reiter (UNC-Chapel Hill) Yinqian Zhang (Ohio State Univ.

0x1A Great Papers in Computer Security

TABLE OF CONTENTS CHAPTER TITLE PAGE

Anonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L

mctls: enabling secure in-network functionality in TLS

Software Defined Networking

Capsulated NATS. <draft-kuniaki-capsulated-nats-03.txt> Kuniaki KONDO, Intec NetCore draft-kuniaki-capsulated-nats-03 1

RAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with

Internet Networking recitation #

Computer Science 461 Final Exam May 22, :30-3:30pm

Different Layers Lecture 20

Using NAT in Overlapping Networks

The trace file is here:

PROGRAMMING Kyriacou E. Frederick University Cyprus. Network communication examples

CMPE 80N: Introduction to Networking and the Internet

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

surveillance & anonymity cs642 computer security adam everspaugh

4. The transport layer

CSC 4900 Computer Networks: Security Protocols (2)

anonymous routing and mix nets (Tor) Yongdae Kim

ECE 697J Advanced Topics in Computer Networks

Detecting the Auto-configuration Attacks on IPv4 and IPv6 Networks

The Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Anonymity. Assumption: If we know IP address, we know identity

CSC Network Security

IPv6 : Internet Protocol Version 6

History. IPv6 : Internet Protocol Version 6. IPv4 Year-Wise Allocation (/8s)

Internet Protocol and Transmission Control Protocol

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Transport Layer TCP & UDP Week 7. Module : Computer Networks Lecturers : Lucy White Office : 324

On the Internet, nobody knows you re a dog.

CSC 4900 Computer Networks: Network Layer

IPv6 Addressing. There are three types of IPV6 Addresses. Unicast:Multicast:Anycast

UNIT IV -- TRANSPORT LAYER

Addressing protocols. TELE3118 lecture notes Copyright by Tim Moors Aug-09. Copyright Aug-09, Tim Moors

CSEN 503 Introduction to Communication Networks. Mervat AbuElkheir Hana Medhat Ayman Dayf. ** Slides are attributed to J. F.

Topology of the Internet. Autonomous Systems (AS) Two-Level Routing. Why are there different Protocols?

EarthLink Business SIP Trunking. Allworx 6x IP PBX SIP Proxy Customer Configuration Guide

Lab Exercise UDP. Objective. Requirements. Step 1: Capture a Trace

Network Control, Con t

Network and Security: Introduction

CSEP 561 Internetworking. David Wetherall

ZeroStack Quick Start Guide

Mapping of Address and Port Using Translation

Communication Systems DHCP

Networking Potpourri: Plug-n-Play, Next Gen

Lesson 9 OpenFlow. Objectives :

NE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Pluggable Transports Roadmap

EECS 3214 Final Exam Winter 2017 April 19, 2017 Instructor: S. Datta. 3. You have 180 minutes to complete the exam. Use your time judiciously.

Computer Networks. Course Reference Model. Topic. Error Handling with ICMP. ICMP Errors. Internet Control Message Protocol 12/2/2014.

Teams Direct Routing. Configuration Checklists for BTIP and Business Talk SIP services. 28 january Teams Direct Routing AudioCodes Checklist 0.

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Lecture 11: Middleboxes and NAT (Duct tape for IPv4)

The Impact of Transport Header Encryption on Operation and Evolution of the Internet

Networking interview questions

CSE 461 Midterm Winter 2018

IP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker

Networking Technologies and Applications

Chapter 4: outline. 4.5 routing algorithms link state distance vector hierarchical routing. 4.6 routing in the Internet RIP OSPF BGP

Special expressions, phrases, abbreviations and terms of Computer Networks

Lecture 8. Network Layer (cont d) Network Layer 1-1

Low-Cost Traffic Analysis of Tor

Achieving Privacy in Mesh Networks

Protocols for Anonymous Communication

Network Address Translation (NAT) Contents. Firewalls. NATs and Firewalls. NATs. What is NAT. Port Ranges. NAT Example

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri

Objectives: (1) To learn to capture and analyze packets using wireshark. (2) To learn how protocols and layering are represented in packets.

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

Network Forensics. CSF: Forensics Cyber-Security. Section II. Basic Forensic Techniques and Tools. MSIDC, Spring 2017 Nuno Santos

An Industry view of IPv6 Advantages

CN1047 INTRODUCTION TO COMPUTER NETWORKING CHAPTER 5 OSI MODEL NETWORK LAYER

precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level)

Onion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring

Network Basic v0.1. Network Basic v0.1. Chapter 3 Internet Protocol. Chapter 3. Internet Protocol

Network Attacks. CS Computer Security Profs. Vern Paxson & David Wagner

TCP /IP Fundamentals Mr. Cantu

Network Security. Thierry Sans

UNIVERSITY OF TORONTO FACULTY OF APPLIED SCIENCE AND ENGINEERING

EarthLink Business SIP Trunking. Toshiba IPEdge 1.6 Customer Configuration Guide

ECS-087: Mobile Computing

CS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization

IPv6: An Introduction

Computer Networks (Introduction to TCP/IP Protocols)

Implementing IP in IP Tunnel

Named Data Networking (NDN) CLASS WEB SITE: NDN. Introduction to NDN. Updated with Lecture Notes. Data-centric addressing

ES623 Networked Embedded Systems

NSF Future Internet Architecture. Outline. Predicting the Future is Hard! The expressive Internet Architecture: from Architecture to Network

IPv6: Are we really ready to turn off IPv4?

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

CSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management

Anca Cioraca, Ilia Voloh, Mark Adamiak GE Grid Automation

Tor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson

Outline. Narrow Waist of the Internet Key to its Success. expressive Internet Architecture: Overview and Next Phase. Three Simple Ideas 9/13/2014

Lecture 2-ter. 2. A communication example Managing a HTTP v1.0 connection. Managing a HTTP request. transport session. Step 1 - opening transport

How to get a trustworthy DNS Privacy enabling recursive resolver

Network Interconnection

Transcription:

Measuring Network Privacy with It s 11PM. DO YOU KNOW WHERE YOUR Share Count Analysis HEADERS ARE? David Naylor Peter Steenkiste

GOAL measure how private a network architecture or protocol is

GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Can the adversary learn sender? learn receiver? link flows? WHO WHAT HISTORY

GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Global, passive adversary. CAN: Observe traffic on any link/device. CANNOT: Modify, drop, or inject packets.

GOAL measure how private a network architecture or protocol is 1 What is Privacy? 2 Threat Model 3 Indicators Adversary learns from: Headers Topology Timing

Choice of indicators has a big impact on measurement tool Headers Topology Timing WHAT YOU MEASURE Properties of an architecture WHAT YOU MEASURE Properties of a deployed network HOW YOU MEASURE Model headers and devices HOW YOU MEASURE Model topology and traffic

Choice of indicators has a big impact on measurement tool Headers Topology Timing WHAT YOU MEASURE Properties of an architecture WHAT YOU MEASURE Properties of a deployed network HOW YOU MEASURE Model headers and devices HOW YOU MEASURE Model topology and traffic SHARE COUNT ANALYSIS PRIOR WORK

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

1 Model header information leakage

1 Model header information leakage replace headers with generic, privacy-related meta-fields

replace headers with generic, privacy-related meta-fields IP Header Protocol Source IP Address Destination IP Address Source Port Transport Header Destination Port

1 Model header information leakage replace headers with generic, privacy-related meta-fields

1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value

1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value body is opaque value only used to link multiple sightings of a packet

1 Model header information leakage replace headers with generic, privacy-related meta-fields share counts indicate how many entities could share the same value body is opaque value only used to link multiple sightings of a packet

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

2 Model how devices modify headers which fields are updated? what are the new share counts? NAT = { update_fields: sender, flow new_share_counts: sender: Hn } H n = # hosts in source network

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

3 Measure leakage over test path STEP ONE: Forward test packet S-1 N-1 D-1 F-1 1 1 H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay Receiver H = # hosts N = # networks H n = # hosts in source network

STEP ONE: Forward test packet S-1 N-1 D-1 F-1 1 1 H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay Receiver STEP TWO: Save snapshots at vantage points S-1 N-1 D-1 F-1 1 1 H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2

STEP ONE: Forward test packet S-1 N-1 D-1 F-1 1 1 H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay STEP TWO: Save snapshots at vantage points Receiver STEP THREE: Group linkable snapshots == P-1 S-1 N-1 D-1 F-1 1 1 H 1 P-1 == P-2 S-3 N-2 D-2 F-3 H N 1 1 P-2 S-2 N-1 D-1 F-2 H n 1 H 1 P-1

STEP ONE: Forward test packet S-1 N-1 D-1 F-1 1 1 H 1 P-1 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 S-3 N-2 D-2 F-3 H N 1 1 P-2 Sender NAT Tor Relay STEP TWO: Save snapshots at vantage points STEP THREE: Group linkable snapshots Receiver == P-1 S-1 N-1 D-1 F-1 1 1 H 1 P-1 == P-2 S-3 N-2 D-2 F-3 H N 1 1 P-2 S-2 N-1 D-1 F-2 H n 1 H 1 P-1 STEP FOUR: Find minimum share counts for each group 1 1 H 1 P-1 P-2 H N 1 1

Minimum share counts tell us what the adversary learned 1 1 H 1 P-1 P-2 H N 1 1 learn sender? learn receiver? link flows? WHO WHAT HISTORY

Minimum share counts tell us what the adversary learned 1 1 H 1 P-1 P-2 H N 1 1 learn sender? learn receiver? link flows? src net share count == 1 dest share count == 1 sender share count == 1 && dest share count == 1

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

Share Count Analysis 1 2 3 Model header information leakage Model how devices modify headers Measure leakage over test path

Open Questions 1 Automate meta-field and device specs? From traces? From code? From high-level protocol spec? Ease of Use 2 Does our model capture all architectures? Path-based architectures? In-network state (e.g., MPLS, NDN)? Generality 3 Analyze payloads of common protocols e.g., DHCP, DNS, & TLS handshake Completeness 4 Analyze instances of an architecture Use topology and timing to limit share counts? Completeness

Measuring Network Privacy with It s 11PM. DO YOU KNOW WHERE YOUR Share Count Analysis HEADERS ARE? David Naylor Peter Steenkiste

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback