METADATA: TRACKING AND ENCRYPTION. METADATA EXAMPLES Microsoft Word document properties Telephone/email metadata Camera/image metadata Web browser identification.

Slides:

Advertisements

Similar presentations

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.

Advertisements

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Introduction to the Internet September 7, 2005 Lecture 1.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.

7.3 Network Security Controls 1Network Security / G.Steffen.

Lecture 22 Internet Security Protocols and Standards

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

The Internet Useful Definitions and Concepts About the Internet.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

Nasca Internet Ch. 5Internet Ch. 8 Networking and Security Ch. 6 Networking and Security Ch. 8.

Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

4/19/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Overview of Exchange 2013 Architecture Transport components shipping with Exchange 2013 Mail Routing Scenarios Transport High Availability SMTP Client.

Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)

By Swapnesh Chaubal Rohit Bhat. BEAST : Browser Exploit Against SSL/TLS Julianno Rizzo and Thai Duong demonstrated this attack.

Computer Concepts 2014 Chapter 7 The Web and .

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Security Awareness Chapter 3 Internet Security. Security Awareness, 3 rd Edition2 Objectives After completing this chapter, you should be able to do the.

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

CPT 123 [299] Internet Skills Overview of the Internet Session One Class Notes DMWilliamson 1998.

Chapter 4 Networking and the Internet. © 2005 Pearson Addison-Wesley. All rights reserved 4-2 Chapter 4: Networking and the Internet 4.1 Network Fundamentals.

Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.

Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.

Lecture 11 Page 1 Advanced Network Security Cryptography and Networks: IPSec and SSL/TLS Advanced Network Security Peter Reiher August, 2014.

SETTING UP AN INTERNET NETWORK What you’ll need Your options How does data travel the Internet? Different terminology.

Microsoft MVP (Enterprise Security) Microsoft Certified Trainer (18 years) Founder: Cybercrime Security Forum! Winner: Microsoft Speaker Idol 2006 Author:

NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.

© 2010 Computer Science Faculty, Kabul University HTTP CONTINUED… 4 TH LECTURE 2, May, 2010 Baseer Ahmad Baheer.

Organisations and Data Management 1 Data Collection: Why organisations & individuals acquire data & supply data via websites 2Techniques used by organisations.

Onion Routing R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–

Nathaniel Ley CIS235 Dec. 09, Why do we need Tor?  Encryption is not enough to ensure complete anonymity, since packet headers can still reveal.

Strengthening Tor against Eavesdropping Correlation Attacks Robert Thomas CSCE APR 2015 Audio:

Chapter 7 – Confidentiality Using Symmetric Encryption.

Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.

Tor Bruce Maggs relying on materials from

Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.

Can SSL and TOR be intercepted? Secure Socket Layer.

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

CIW LESSON 7 PART A. INTRODUCTION TO BUSINESS ELECTRONIC MAIL The use of has given rise to the term ______________________, which is a slang term.

Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.

Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.

Hiding in the Dark: The Internet You Cannot See Marc Visnick

Systems Architecture Anonymous Key Agreement Dominik Oepen

BUILD SECURE PRODUCTS AND SERVICES

Tor Internals and Hidden Services

Anonymous Communication

Introduction and Overview of Network and Telecommunications (contd.)

CIW Lesson 7 Part A Name: _______________________________________

Deanonymization of Clients in Bitcoin P2P Network

By: Conor Doherty and Kenneth Cabrera

0x1A Great Papers in Computer Security

Modelling the internet

Anonymous Communication

Modelling the internet

Part of Chapter 1 Key Concepts Networks

Just Because I’m Paranoid Doesn’t Mean I’m Not Being Followed

Anonymous Communication

Presentation transcript:

METADATA: TRACKING AND ENCRYPTION

METADATA EXAMPLES Microsoft Word document properties Telephone/ metadata Camera/image metadata Web browser identification and tracking

MICROSOFT WORD – DOCUMENT INSPECTOR

TELEPHONE & Similar to postal mail: Information needed to route and deliver the message In many cases, content is less valuable than metadata

CAMERA / IMAGE METADATA EXIF Date & time Camera settings (e.g. aperture, shutter speed, ISO speed) GPS location

WEBPAGE METADATA Evercookie Panopticlick Do Not Track HTTP Header

SOCIAL NETWORKING METADATA Sleeping Time Please Rob Me

INTERLUDE – SHOPPING METADATA

METADATA PRIVACY LAWS Video Privacy Protection Act (VPPA) Driver's Privacy Protection Act of 1994 (DPPA)

ENCRYPTION Doesn’t apply to metadata that is needed for routing (in most cases)

TOR – THE ONION ROUTER Origin node randomly selects three network nodes Data is wrapped in three layers of encryption

TOR - WEAKNESSES Tracking cookies Exit node eavesdropping Traffic (timing) analysis Site operators may block Tor traffic Heartbleed

HEARTBLEED Exploits a flaw in TLS “heartbeat” extension Affects servers and clients Heartbeat message consists of a payload and a buffer Attack consists of sending a maliciously constructed heartbeat message