Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Slides:



Advertisements
Similar presentations
SPATor: Improving Tor Bridges with Single Packet Authorization Paper Presentation by Carlos Salazar.
Advertisements

Tor: The Second-Generation Onion Router
Network Security: Anonymity Otto Huhta T Network security Aalto University, Nov-Dec 2014.
Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Firewall Configuration Strategies
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Delay Tolerant Networking Gareth Ferneyhough UNR CSE Department
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)
Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.
Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.
Anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1.
Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider Prateek Basavaraj April 9 th 2014.
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Lecture 14: Anonymity on the Web (cont) Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
The Second-Generation Onion Router
Slide 1 Vitaly Shmatikov CS 361S Anonymity Networks.
Mixminion: Design of a Type III Anonymous R er Protocol George Danezis Roger Dingledine Nick Mathewson Presented By Michael LeMay.
TCP/IP Model & How it Relates to Browsing the Internet Anonymously BY: HELEN LIN.
Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.
The Silk Road: An Online Marketplace
Onion Routing R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Nathaniel Ley CIS235 Dec. 09, Why do we need Tor?  Encryption is not enough to ensure complete anonymity, since packet headers can still reveal.
Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
ROGER DINGLEDINE, NICK MATHEWSON, PAUL SYVERSON THE FREE HAVEN PROJECT &NAVAL RESEARCH LAB PRESENTED BY: COREY WHITE Tor: The Second-Generation Onion Router.
1 Anonymous Communications CSE 5473: Network Security Lecture due to Prof. Dong Xuan Some material from Prof. Joan Feigenbaum.
ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.
1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.
Hiding in the Dark: The Internet You Cannot See Marc Visnick
Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika.
Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum
Anonymous Internet Protocols
Anonymous Communication
Protocols for Anonymous Communication
Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017
The quieter you become, the more you are able to hear By: Ben Knapic
Exercise ?: TOR.
0x1A Great Papers in Computer Security
Anonymous Communication
Anonymity (Privacy) Suppose you are surfing the Web.
Anonymous Communications
Bruce Maggs relying on materials from
Anonymous Communication
Presentation transcript:

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271

What is Anonymity? “Anonymity is the state of being not identifiable within a set of subjects.” ◦ There is no such thing as absolute anonymity First suggested by David Chaum in his seminal paper[1] on anonymous r er systems Anonymity deals with hiding identity of the user ◦ Relationship between users is hidden ◦ Perfect Forward secrecy:  defending against statistical analysis attacks ◦ Confidentiality/Availability/Integrity is preserved  Services available even though hidden and integrity of the connection is maintained

Why we require anonymity? Defends against a common form of Internet surveillance known as "traffic analysis." Internet traffic analysis allows adversaries to model user behavior and interests Confidentiality (Encryption) does not prevent adversaries from determining the identity of the user and his/her peers.

Overview Goal of Anonymity ◦ Inititator Anonymity  responder(server) cannot determine the identity of the client(initiator) ◦ Responder Anonymity  attacker cannot determine who the intended receiver of the particular package is ◦ Unlikability:  attacker may determine senders and receivers but not the associations between them (attacker doesn’t know who communicates with whom)

Types of adversaries against anonymity ◦ Outsiders  Global Passive Adversary: Attacker which can have a Global view of the internet and monitor internet activity ◦ Insiders  Local eavesdropper : Attacker monitoring activity on some restricted domain  Compromised router, or malicious server Threat Model

Taxonomy of Anonymity Systems Recent anonymyzing systems can be divided in broadly two categories ◦ Low Latency Anonymizers: Low latency anonymity systems are used for interactive applications. Such systems guarantee low response time essential to interactive applications such as web browsing.  TOR: The Onion Router is one of the most commonly used Low Latency Anonymizers  JAP- Java Anonymous Proxy  An.on/Anonymizer.com

Latency Tolerant Anonymizers: Delay Tolerant anonymizers are used for applications which do not require the low response time essential to interactive applications. Eg. E=mail  Mixminion: Type III anonymous r er system

Mix nets & Mix Cascades David Chaum. “Untraceable electronic mail, return addresses, and digital pseudonyms”. Communications of the ACM, February Set of anonymizing relays/proxies to evade an eavesdropper from linking initiator and the responder. Mixes- Each relay in the network is a ‘mix’

Mix Cascade’s String A, B and C are passed as packets to Mix1 Mix 1 randomly forwards it to Mix 2, Mix 3, Mix 4 A cascade is several such mixes put in a relay It is extremely difficult for an adversary to make an end to end connection between sender and reveiver in case of mix cascade

Layered Encryption: ‘Onion’ Several layers of data The data being sent is encapsulated in something similar to an ‘onion’. At each hop in the mixed cascade the onion is peeled to find the next relay point. This concept forms the basis paradigm of the onion routing project. Address of first relay Address of the 2 nd relay Data

Overview of Tor Architecture What is Tor ? - The Onion Routing Project (currently in second gen.) Key Features: - Network of proxies - Uses “3-hop” relays (ORs) by default - – The three relay points are called Entry Node, Middleman and Exit Node. * Although can be extended to as many hops as possible. - Many connections can be multiplexed over the same Tor Circuit.

Key Features(continued...) - Encrypted connections to connect the Entry Node, Middle Man and Exit Node(uses SSL encryption) - All the information is not stored in a single Onion Router (makes it more secure) - Provides hidden services: - Services not accessible for an outsider - Tor creates a new url for the server (a string, NOT DNS NAME) within the.onion domain.

The Tor circuit Client (Alice) fetches the directory listing of ORs from the directory service (Dave) Here Dave contains all the addresses of the complete Tor network. Alice creates the onion with complete addresses of all the relay points it has to pass through. : 9002

Circut made completely...

Sources of Vulnerabilities for Anonymizers Attacks strategies are mostly based on monitoring internet activity Statistics being used are ◦ Round Trip Time ◦ Throughput ◦ Latency ◦ Clock Skew: TCP timestamp clock drift error, helps in identifying hosts which have a similar drift An attack by a truly ‘Global Passive Adversary’ cannot be defended.

Conclusion Anonymity is Necessary!!! Used in places to maintain secrecy in blogspots or for journalists making comments on contentious issues. Hiding personal information mantained in histories of several servers Secure Banking passwords Avoiding Spams

References 1. D. L. Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communincations of the ACM, 24(2):84–90, February R. Dingledine, N. Mathewson, and P. Syverson Tor: The Second-Generation Onion Router. In Proceedings of the 13th USENIX Security Symposium, pages 303–319, August 2004.

Thank You

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.