Download presentation
Presentation is loading. Please wait.
Published byJeffery Preston Modified over 8 years ago
1
Anonymity in Peer-assisted CDNs: Inference Attacks and Mitigation Yaoqi Jia, Guangdong Bai, Prateek Saxena, and Zhenkai Liang National University of Singapore 0
2
Popular websites receive millions of hits per day – A fast way to deliver web content Options to deliver content: – Own servers Amazon EC2, Azure – Content delivery networks (CDN) Akamai, CloudFlare Web Content Delivery 1
3
Peer-assisted CDNs Insight: Involve web clients to serve content – Akamai NetSession, Swarmify, Maygh – NetSession offloads 70-80% traffic [NSDI12, IMC 13] – Swarmify reduces over 60% network latency Server Client Server Client 2 Privacy issue: Infer neighbors’ contents
4
Contributions Inference attacks on real-world services – i.e., Swarmify, BemTV and P2PSP Anonymous Peer-assisted CDN (APAC) – Involves browsers as peers – Preserve high level of anonymity – Desired performance – Compatible with browsers 3
5
Inference Attacks in Peer-assisted CDNs 4
6
Inference Attacks Goal – Infer what content a victim user has requested or delivered (browsing history) Implication – Revealing a user’s browsing history significantly leaks the user’s privacy A user’s digital identity can be revealed [S&P 10] A user’s geolocation/political orientation [W2SP 14] 5
7
Inference Attacks in Peer-assisted CDNs Passive attacks: adversary pre-stores all content potentially interesting to the victim Active attacks: adversary traverses all content potentially served by the victim Server Adversary Victim Server Adversary Victim PassiveActive 6 Request Deliver Fetch Request
8
Real-world Case Studies Swarmify, BemTV & P2PSP – A deployed site with 10 images and 2 videos – A victim peer requests and stores resources – An adversary in the same LAN frequently requests and serves resources No defense against inference attacks – Adversary can observe all resources from/to the victim – Even open for content pollution attacks 7 How to mitigate inference attacks?
9
Anonymous Peer-assisted CDN 8
10
Threat Model Initiator: peer initiates the request Responder: peer responds the request Honest-but-curious adversary – Follow protocols Out of scope – Sybil attacks – Denial-of-service attacks (DoS) 9
11
Anonymous Peer-assisted CDN (APAC) Goal – Anonymity: conceal a user’s identity to unlink her id with her online trace – Performance: acceptable network latency – Compatibility: no (or minor) changes on websites and clients Intuition – Onion-routing (OR) techniques 10
12
Onion Routing, but with Careful Parameter Selection OR: Messages are encapsulated in layers of encryption (onions) Limitations: – Only initiator anonymity – Non-negligible circuit setup latency – Nodes randomly chosen 11 Encryption Decryption Circuit
13
Overview of APAC Peer server constructs the circuit for each request instead of peers (anonymity) Region-based circuit construction (performance) – Choose intermediate nodes in three regions: near-initiator, near-responder and globally random Communications via WebRTC (compatibility) 12
14
Initiation in APAC Peers fetch resources from the content server Content Server Peer v A Peer v B Fetch Store 13
15
Content Delivery via Peers Peers fetch resources from other peers Peer Server Peer v A (Initiator) Peer v B (Intermediate) Request Peer v B (Responder) Request via OR circuit Reply Report 14
16
Region-based Circuit Construction Peer Server Peer v A (Initiator) Peer v B (Intermediate) Peer v B (Responder) 15
17
Anonymity Analysis for APAC 16
18
Degree of Anonymity Def 1: The degree of initiator anonymity provided by a system is defined by: Result: The degree of initiator anonymity can be represented as: 17
19
Parameter Selection Level of anonymity – The maximum number of intermediate nodes L max – Distribution factors: the fraction of intermediate nodes near the initiator/responder α init / α res – The total number of peers N and the number of peers having requested resources N R 18 When Lmax ≥ 2, APAC can preserve the standard degree of anonymity (i.e., 0.8) achieved by previous work
20
Performance Evaluation 19
21
Measurement Setup Scenario: CDN operators place edges servers in major cities, but users are not located in those cities Deployed site provides images 1KB–2 MB Content server / peer server in City A (New York) 100 Peers in City B (Singapore) 20
22
Network Latency Reduction (NLR) For a 4-node circuit where APAC provides a latency reduction (49.7%) lower than the performance obtained for Swarmify (69.4%) and non-anonymous setting (76.1%). 21 %
23
Effect of Distribution Factors Locating intermediate nodes near initiator/responder reduces network latency 22 #Nodes in each region
24
Sweet Spot With up-to 2 intermediate nodes, APAC preserves adequate degree of anonymity (i.e., 0.8) and desired performance (e.g., 97.3% bandwidth savings) 23 Degree of Anonymity Sweet Spot
25
Conclusion Inference attacks on peer-assisted CDNs Anonymous Peer-assisted CDN (APAC) – High degree of anonymity – Desired network latency reduction and bandwidth savings – Compatible with current browsers 24
26
Thanks You Q & A E-mail: jiayaoqi@comp.nus.edu.sg 25
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.