Presentation is loading. Please wait.

Presentation is loading. Please wait.

I know what you are Sharing

Similar presentations


Presentation on theme: "I know what you are Sharing"— Presentation transcript:

1 I know what you are Sharing
Exploiting BitTorrent Communications to Invade Users’ Privacy Pujol Guilhem & Xiao Wang

2 Plan Background of Research Exploiting Source and downloader addresses
Experimentation Results & Limitation of our research Suggestion for future work

3 Background of Research
1 Security & Privacy Issues in P2P Streaming systems

4 Security & Privacy Issues in P2P Streaming systems
P2P systems serve users worldwides App #Users P2P Skype 560M MSN Live 550M QQ 500M Google Talk 150M A lot of personal information are exposed on P2P systems. VoIP systems

5 Desirable security and privacy features for P2P systems
Category System feature System operation Reliability, Availability, Dependability Node Autonomy, Access Control Content management Authenticity, Integrity, Non-repudiation, Confidentiality, Anonymity

6 Attack targets in P2P streaming
Passive aspect Influenced by Results into Application code Code provider censorship data leaks P2P protocol Peers, superpeers, application code censor, partition, pollution, partitition, DoS, Overlay routing data privacy, QoS overlay routing delays, DoS partitioning, censorship Distributed data data integrity Partitioning Vulnerability Possible attack objectives

7 Two attack models(1/2) 1. Determine the file-sharing usage of identified users Mainly by comparing IP addresses, determine one’s identity and behaviors on P2P systems. 4 Find IP addresses Participating In 50k most Popular BT files 3 Find IP address 2 Determine VoIP ID 1

8 Two attack models(2/2) 2. Exploit sources of public information to identify and profile BitTorrent content providers big downloaders. (locations,behavor pattern, provided content

9 Exploiting Source and downloader addresses
2

10 Objective Identifying the sources of the torrents published on thepiratebay Studying the recent evolutions of the BitTorrent ecosystem and their impact on privacy

11 Retrieving the torrents
HTTP requests on thepiratebay.se/recent New torrent arrival rate ~ 1 per minute Actualisation every 5 second

12 Retrieving the torrents
Extraction of the links that points to the torrent files Retrival of the files that were not yet downloaded

13 Finding the peers Parsing of the bencoded torrent file : retrieval of every tracker available and computation of the info hash

14 Finding the peers Contact with the trackers : now mainly by UDP, often on port 80 Announce request that asks for a subset of peers Request sent to every known tracker for this torrent

15 Results and limitations
3

16 Results 494 torrent downloaded in 6 hours
At least one tracker could be reached for 389 of them The source could be identified in 151 cases (38%)

17 Results Surprisingly, the number of peers one can retrieve in a single request is high (more than 150) No or extremly high limitation on the number of announce requests one can send to a single tracker

18 Results Cumulative frequencies of the number of peers delivered in response to an announce request

19 Results Appearance of magnet links ~ partial torrent files
magnet:?xt=urn:btih:d10db7b1a8d8e2393a32ddc6e683685f8bc24c19&dn=Conspirators.2012.DVDRip.XviD-BeFRee&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80 Trackers tend to be replaced by Distributed Hash Tables

20 Limitations In the best cases, we only retrieve an IP address and a port number They can be altered by the use of a NAT,a proxy, a VPN, TOR, … This should be applied at a larger scale to be really efficient (all torrent are not first uploaded on the piratebay, no central tracker)

21 Suggestions for further research
4

22 Suggestions for further research
DHT Magnet links Variable sites Scrape-all request Combine with research in Skype to identify user identities Observe longer to profile providers and big downloaders in a larger region By exploiting the scrape-all requests, an adversary can learn the identifiers of all the contents for which he can then collect the peers using the announce requests.High-level statistics

23 Reference Gabriela Gheorghe · Renato Lo Cigno ·Alberto Montresor, Security and privacy issues in P2P streaming systems: A survey Stevens Le Blond, Chao Zhang, Arnaud Legout, Keith Ross, Walid Dabbous, I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users’ Privacy Stevens Le Blond, Arnaud Legout, Fabrice Lefessant, Walid Dabbous, Mohamed Ali Kaafar, Spying the World from your Laptop - Identifying and Profiling Content Providers and Big Downloaders in BitTorrent

24 Demonstration

25


Download ppt "I know what you are Sharing"

Similar presentations


Ads by Google