Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS590B/690B Detecting Network Interference (Fall 2016)

Published byBathsheba Barrett Modified over 6 years ago

Similar presentations

Presentation on theme: "CS590B/690B Detecting Network Interference (Fall 2016)"— Presentation transcript:

1 CS590B/690B Detecting Network Interference (Fall 2016)
Lecture 13 Phillipa Gill – Umass Amherst

2 Last time Fingerprinting filtering products Questions?

3 Review questions What is the meaning of “dual use technology” (in the context of filtering products)? How can we learn about what products to suspect in a given network? How can we validate that a given product is installed on a specific IP address? How can we verify that a specific product is being used for censorship? What factors make this challenging? Filtering products can be used in enterprise/academic networks vs. for national censorship User reports, logos on block pages What web Create bogus domains/submit them to the product’s Web site Need to know what categories of content the ISP is blocking. Need to create sites matching that content for submission

4 Today Onion routing Tor (an implementation of onion routing)
Slides by Roger Dingledine (via Jonathan Katz) df lectures/Module5.pdf

5 What is anonymity Informally: You can’t tell who did what
Who wrote this blog post? Who’s been viewing my Web pages? Who’s been ing patent attorneys? Formally: Indistinguishability within an “anonymity set”

6 Anonymity Can’t distinguish? Anonymity set size? Probability distribution within anonymity set?

7 Assumptions… We have to make some assumptions about what the attacker can do

8 Anonymity != Confidentiality
Encryption does not give anonymity. It just protects the contents

9 Why do we care about anonymity?

10 Why anonymity? Regular citizens don’t want to be tracked
People around the world experience censored Internet Their speech on the Internet is also censored… … can lead to arrest, persecution, or worse Not just for dissidents… … if you write something bad about your employer you could be fired Law enforcement needs it too Investigating a suspect: why is alice.fbi.gov reading my Web page? Sting operation: why is alice.fbi.gov selling counterfeits on ebay? Corporations Are your employees reading a competitor’s jobs page? Government Hide list of IPs in Baghdad receiving .gov (untrusted ISP) What does the CIA Google for? (untrusted service)

11 Can’t be anonymous by yourself
… anonymity loves company

12 Can’t be anonymous by yourself
… anonymity loves company

13 Simple anonymity design

14 But an attacker who sees alice can see who she talks to

15 So add encryption

16 But the relay is a single point of failure

17 Also single point to bypass

18 Solution: multiple relays

19 Can tell Alice is talking but not to Whom

20 Can tell someone is talking to bob but not who it is

21 How it works

22 How it works

23 How it works

24 How it works

25 How it works

26 Tor: The Big picture Freely available (open source)
Comes with spec + documentation, translated into 15+ languages Several commercial imitators Focus on usability/scalability/incentives 200,000+ active users including gov’t/law enforcement Began in 1995 Now a 501 (c ) 3 with a handful of employees and many volunteers Volunteers run relays, have options to configure traffic load Issues with being responsible for the traffic exiting from exit nodes

27 Weaknesses/Attacks Eavesdropping AS
AS on path between source and entry node + exit node and destination Applications that leak IP address (technically not something Tor protects against) Bad apple attack Use leaked IP + analyze traffic patterns to deanonymize users Run an exit node and eavesdrop DoS Carefully execute commands to exhaust resources on a relay

28 Stats about Tor

29 Related anonymity systems
Reading presentation: Aqua

30 Hands on activity Install and run Tor
Run Wireshark while connecting through Tor Explore tor metrics data

Download ppt "CS590B/690B Detecting Network Interference (Fall 2016)"

Similar presentations

Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.

ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
Protecting your Family From the dark places on the Internet Going beyond the standard PC Filter, and dealing with the multiple devices that access the.

Protecting your Family From the dark places on the Internet Going beyond the standard PC Filter, and dealing with the multiple devices that access the.
Www.sti-innsbruck.at © Copyright 2012 STI INNSBRUCK www.sti-innsbruck.at Tor project: Anonymity online.

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.

Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.

Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.
7400 Samsung Confidential & Proprietary Information Copyright 2006, All Rights Reserved. -0/17- OfficeServ 7400 Enterprise IP Solutions Quick Install Guide.

7400 Samsung Confidential & Proprietary Information Copyright 2006, All Rights Reserved. -0/17- OfficeServ 7400 Enterprise IP Solutions Quick Install Guide.
CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 08 PHILLIPA GILL – STONY BROOK UNIVERSITY.

CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 08 PHILLIPA GILL – STONY BROOK UNIVERSITY.
CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U.

CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 20 PHILLIPA GILL - STONY BROOK U.

Similar presentations

Ads by Google