CS590B/690B Detecting Network Interference (FALL 2016)

1 CS590B/690B Detecting Network Interference (FALL 2016)
Lecture 17
Phillipa Gill – UMass Amherst

2 Where we are
Last time:
- Attacks on Tor
- Timing attacks
Today:
- Review/discussion
- Covert channels
- Why imitating existing protocols doesn’t work.

3 Review questions – Tor basics
- What does it mean to be anonymous? Informally? Formally?
- Where might an adversary compromise an anonymity network?
- Why is confidentiality not enough to ensure anonymity?
- Why might law enforcement want to be anonymous?
- Why might dissidents want to be anonymous?
- Why do you need multiple groups to ensure anonymity?
- What is onion routing?
- What are some weaknesses of Tor?

4 Review – Relay-based Timing Attacks
Why are these plots different for the different applications when we consider exit-relay or guard+exit-relay compromises but the same when we only consider guard-relay compromise?
[Plots: Exit relay; Guard+Exit relay; Guard relay]

5 Review – AS-aware Tor clients
- What are three fundamental challenges faced by AS-aware Tor clients?
- How do "Users Get Routed" and "Holding all the ASes" differ in their approach to predicting network paths?
- List the AS-level attacks discussed in RAPTor.
- What challenges do these attacks pose to researchers developing AS-aware Tor clients?
- How does an adversary on the reverse path learn packet timings and sizes?
- Why is increasing the AS-level diversity of Tor relays challenging?

6 Where we are
Today:
- Review/discussion
- Covert channels
- Why imitating existing protocols doesn’t work.

7 Challenge
- Circumvention tools can get around censorship, but have a hard time not being observable
  - I.e., they generally cannot hide the fact that users are using them
  - E.g., Tor is not completely effective for circumvention because a censor can just block the IPs of known relays
- Users who are seen using these tools may face trouble from the government
- ... and the censor can leverage observability to stop the system
  - Reduce availability

8 FreeWave
- Traffic obfuscation: Hide covert traffic *within* an *actual* implementation of an application.
- Server obfuscation: Leverage oblivious participants in the VoIP network

9 FreeWave: IP over Voice-over-IP
- Target protocol: Voice-over-IP (VoIP)
- Why VoIP?
  - Widely used protocol (only 663 Million Skype users)
  - Collateral damage to block
  - Encrypted
- How to hide?
  - The dial-up modems are back!
NDSS 2013

10 FreeWave architecture
[Figure: FreeWave architecture, with Server and Client]
NDSS 2013

11 Threat model + Goals
Threat model:
- User connects to the Internet via a censoring ISP which precludes access to specific destinations
  - + limits access to circumvention tools
- ISP does not want to compromise usability of the network
  - E.g., political/economic pressures
Goals:
- Unblockability: the system needs to be unblockable by censors
- Unobservability: should hide the fact that users are using the circumvention system
- Security: anonymity, privacy and confidentiality of users need to be protected
- Deployment feasibility: avoid dependencies on other systems (e.g., ISPs)
- QoS: needs to provide adequate bandwidth and latency appropriate for Web browsing.

12 Basic idea of FreeWave
- User downloads the FreeWave client, enters her VoIP ID, and makes a call to the FreeWave server (by entering its VoIP ID).
- Server is set up such that connections will go via an oblivious VoIP client (e.g., Skype supernode).
- Since the VoIP connection is encrypted, the censor cannot identify the server’s VoIP ID and censor it.
Components:
- VoIP client
- Virtual sound card: a virtual sound card interface that any application can use the same way a physical sound card is used.
- MoDem: application that translates network traffic into acoustic signals and vice versa (aka Modulator Demodulator)
- Proxy: the server uses this to relay traffic received via VoIP connections to its final destination.
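
A toy version of the MoDem component listed above, added here as an illustration and not FreeWave's own code: bytes become audio samples and are recovered again after channel noise. The slides do not state the modulation scheme, so binary FSK, the 8 kHz sample rate, the 1000/2000 Hz tone pair, the symbol length and the sample payload are all assumptions.

```python
import math
import random

RATE = 8000             # samples/s, assumed narrowband voice rate
SAMPLES_PER_BIT = 40    # assumed symbol length: 200 bit/s
TONE = {0: 1000.0, 1: 2000.0}   # assumed tone pair (Hz) for binary FSK


def modulate(data):
    """Network bytes -> audio samples: one tone burst per bit, MSB first."""
    samples = []
    for byte in data:
        for shift in range(7, -1, -1):
            freq = TONE[(byte >> shift) & 1]
            samples.extend(math.sin(2 * math.pi * freq * n / RATE)
                           for n in range(SAMPLES_PER_BIT))
    return samples


def tone_energy(chunk, freq):
    """Energy of one symbol window at freq (single-bin DFT)."""
    re = sum(s * math.cos(2 * math.pi * freq * n / RATE) for n, s in enumerate(chunk))
    im = sum(s * math.sin(2 * math.pi * freq * n / RATE) for n, s in enumerate(chunk))
    return re * re + im * im


def demodulate(samples):
    """Audio samples -> bytes: pick the louder tone in each symbol window."""
    bits = []
    for i in range(0, len(samples) - SAMPLES_PER_BIT + 1, SAMPLES_PER_BIT):
        chunk = samples[i:i + SAMPLES_PER_BIT]
        bits.append(int(tone_energy(chunk, TONE[1]) > tone_energy(chunk, TONE[0])))
    out = bytearray()
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def add_noise(samples, amplitude, seed=1):
    """Constructed channel distortion: seeded uniform noise on every sample."""
    rng = random.Random(seed)
    return [s + rng.uniform(-amplitude, amplitude) for s in samples]


if __name__ == "__main__":
    request = b"GET / HTTP/1.1\r\n"   # constructed sample payload
    audio = add_noise(modulate(request), 0.5)
    print(len(audio), "samples ->", demodulate(audio))
```

At these assumed settings the link carries 200 bit/s, which shows how much denser the real modem's signalling must be to reach the 16-19 kbps reported on the performance slide.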

13 Basic components

14 Performance
16-19 kbps

15 FreeWave’s unobservability
Traffic analysis (packet rates and sizes)
- Fixed rate codecs (e.g., G.7 series)
  - Not an issue
- Variable bit-rates (e.g., Skype’s SILK)
  - Simple analysis
  - Superimpose with recorded conversation
NDSS 2013

