NETWORK SECURITY
HERD: A SCALABLE, TRAFFIC ANALYSIS RESISTANT ANONYMITY NETWORK FOR VOIP SYSTEMS
JINGTAO YAO, JIAJUN LI
ACM HONORED CLASS


CONFERENCE & AUTHORS
ACM SIGCOMM Conference 2015
Security, Privacy, and Censorship
- Stevens Le Blond, MPI-SWS, Saarbrucken, Germany
- David Choffnes, Northeastern University, Boston, MA, USA
- William Caldwell, MPI-SWS, Saarbrucken, Germany
- Peter Druschel, MPI-SWS, Saarbrucken, Germany
- Nicholas Merritt, MPI-SWS, Saarbrucken, Germany

BACKGROUND: VOIP
VoIP: Voice over Internet Protocol
Voice over IP (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms commonly associated with VoIP are IP telephony, Internet telephony, broadband telephony, and broadband phone service.

BACKGROUND: TOR
Tor: free software for enabling anonymous communication
Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays.

BACKGROUND: TOR
Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.
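The layering described on these two slides, as an added example that is not from the presentation or from Tor's code. The relay names, keys and destination are constructed, and the SHAKE-256 XOR keystream is a toy stand-in for Tor's real cryptography.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHAKE-256 keystream XOR); illustration only, not Tor's cipher."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(circuit, destination: str, payload: str) -> bytes:
    """Client side: encrypt the innermost (exit) layer first, the entry layer last."""
    next_hop, blob = destination, payload.encode()
    for name, key in reversed(circuit):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = keystream_xor(key, layer)
        next_hop = name
    return blob

def peel(key: bytes, blob: bytes):
    """Relay side: remove exactly one layer, learning the next hop and an opaque inner blob."""
    layer = json.loads(keystream_xor(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(circuit, blob: bytes):
    """Walk the circuit and record the only routing fact each relay learns."""
    seen = []
    for name, key in circuit:
        next_hop, blob = peel(key, blob)
        seen.append((name, next_hop))
    return seen, blob.decode()

# Constructed sample circuit and destination (hypothetical names and keys).
CIRCUIT = [("entry", b"k-entry"), ("middle", b"k-middle"), ("exit", b"k-exit")]
DESTINATION = "voip.example:5060"

if __name__ == "__main__":
    onion = wrap(CIRCUIT, DESTINATION, "hello")
    for relay, learned in route(CIRCUIT, onion)[0]:
        print(f"{relay:6s} learns next hop: {learned}")
```

Only the exit relay sees the destination, and only the entry relay sees the client's address, which is why no single hop can link the two.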

BACKGROUND: DEMAND
- Many nation states use Internet surveillance to monitor and repress critics
- Western democracies conduct mass surveillance
- VPN, Skype, traffic analysis

RELATED WORK
- Burner phones
- VoIP services
- Anonymity networks
- Traffic analysis resistant anonymity

RELATED WORK: ANONYMITY NETWORKS
- Accessing a VoIP service via an anonymity network like Tor
- Unfortunately, the typical delays incurred by Tor circuits are too high for adequate VoIP call quality.
- VoIP may use a Tor-like (onion routing) anonymity network and solve the delay problem

HERD ARCHITECTURE

NODES
- Client
- Superpeer
- Mix
- Zone

LIKE STATIC ROUTING
- Geo-related zone and routing
- Superpeer with Mix
- Reduce delay
- Dynamic channel allocation

ENCRYPTION
- Mix->Mix
- Superpeer->Mix
- Mix->Superpeer->Mix
- Superpeer->Client

TRAFFIC CONTROL
- Each client sends and receives at a constant rate equivalent to a small number of voice calls on their SP link(s).
- The links connecting SPs to their mixes carry bidirectional, encrypted and padded traffic at a rate that is a multiple of the VoIP base rate.
- The mixes are fully connected by a set of encrypted and padded links.
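A constant-rate padded link of the kind this slide describes, as an added example that is not Herd's code or wire format. The cell size, the slots per tick and the cell layout are assumptions, and link encryption is left out: the observer is modelled as seeing only timing and size.

```python
CELL_SIZE = 160        # bytes per cell on the wire (assumed value)
SLOTS_PER_TICK = 2     # link rate = 2 x VoIP base rate (assumed value)

def make_cell(frame):
    """Fixed-size cell: 1 flag byte + 2 length bytes + payload, zero-padded.
    frame=None produces chaff. Hypothetical layout, not Herd's format."""
    body = b"" if frame is None else frame
    if len(body) > CELL_SIZE - 3:
        raise ValueError("voice frame does not fit in one cell")
    header = bytes([0 if frame is None else 1]) + len(body).to_bytes(2, "big")
    return (header + body).ljust(CELL_SIZE, b"\0")

def run_link(frames_by_tick, ticks):
    """Emit exactly SLOTS_PER_TICK cells every tick; excess frames wait in the queue."""
    queue, wire = [], []
    for t in range(ticks):
        queue.extend(frames_by_tick.get(t, []))
        for _ in range(SLOTS_PER_TICK):
            wire.append((t, make_cell(queue.pop(0) if queue else None)))
    return wire

def observer_view(wire):
    """What a passive observer gets once cells are encrypted: timing and size only."""
    return [(t, len(cell)) for t, cell in wire]

def recover_frames(wire):
    """Receiver side (after decryption): drop chaff, strip padding."""
    out = []
    for _, cell in wire:
        if cell[0] == 1:
            n = int.from_bytes(cell[1:3], "big")
            out.append(cell[3:3 + n])
    return out

# Constructed traffic: an idle client, and one in a call with a burst at tick 1.
IDLE = {}
IN_CALL = {0: [b"hello"], 1: [b"a" * 100, b"b" * 100, b"c" * 100]}

if __name__ == "__main__":
    same = observer_view(run_link(IDLE, 4)) == observer_view(run_link(IN_CALL, 4))
    print("idle and in-call traces identical to an observer:", same)
```

The burst of three frames at tick 1 is spread over ticks 1 and 2 instead of raising the rate, so padding costs some queueing delay in exchange for a trace that does not reveal call activity.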

THANKS FOR LISTENING!