Presentation is loading. Please wait.

Presentation is loading. Please wait.

Phillipa Gill University of Toronto

Published bySuzanna Lewis Modified over 6 years ago

Similar presentations

Presentation on theme: "Phillipa Gill University of Toronto"— Presentation transcript:

1 Phillipa Gill University of Toronto
Dude, where’s that IP? Circumventing measurement-based geolocation Phillipa Gill University of Toronto Yashar Ganjali & David Lie University of Toronto Bernard Wong Cornell University

2 Geolocation applications: Custom content
Local search results Targeted advertisements 11/18/2018 P. Gill - University of Toronto

3 Geolocation applications: Access control
11/18/2018 P. Gill - University of Toronto

4 Geolocation applications: Fraud prevention
Proof of work [Kaiser and Feng 2010] Clients forced to solve computational puzzles, Hardness of puzzle based on distance Online payment fraud Use location to flag suspicious transactions 11/18/2018 P. Gill - University of Toronto

5 P. Gill - University of Toronto
Behind the scenes Web server HTTP GET [ ] Deny access User (Boston, MA) ?? Boston, MA USA 02116 Geolocation Database 11/18/2018 P. Gill - University of Toronto

6 Future application of geolocation
Enforcing regional restrictions in cloud computing Use geolocation to locate virtual machines 11/18/2018 P. Gill - University of Toronto

7 P. Gill - University of Toronto
Motivation Targets have incentive to lie Content providers: Restrict access to content Prevent fraud Cloud computing users: Need the ability to guarantee the result of geolocation 11/18/2018 P. Gill - University of Toronto

8 P. Gill - University of Toronto
Our contributions First to consider measurement-based geolocation of an adversary Two models of adversarial geolocation targets Web client (end host) Cloud provider (network) Evaluation of attacks on delay and topology-based geolocation. 11/18/2018 P. Gill - University of Toronto

9 P. Gill - University of Toronto
Road map Motivation & Contributions Background Adversary models Evaluation Conclusions Ongoing/Future work 11/18/2018 P. Gill - University of Toronto

10 Geolocation background
Databases/passive approaches whois services Commercial databases Quova, MaxMind, etc. Drawbacks: coarse-grained slow to update proxies 11/18/2018 P. Gill - University of Toronto

11 Coarse grained geolocation
traceroute to (Google) ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms LINX(UK) Google (USA?) Delay difference between LINX and google implies google IP is not in the us! 11/18/2018 P. Gill - University of Toronto

12 Coarse grained geolocation
traceroute to (Google) ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms ms LINX(UK) Google (USA?) 11/18/2018 P. Gill - University of Toronto

13 Delay-based geolocation
Example: Constraint-based geolocation [Gueye et al. ToN ‘06] Ping other landmarks to calibrate Distance-delay “best-line” function Ping! Ping! Ping! 11/18/2018 P. Gill - University of Toronto

14 Delay-based geolocation
Example Constraint-based geolocation [Gueye et al. ToN ‘06] 2. Ping target Ping! Ping! Ping! Ping! 11/18/2018 P. Gill - University of Toronto

15 Delay-based geolocation
Example Constraint-based geolocation [Gueye et al. ToN ‘06] 3. Map delay to distance from target 4. Constrain target location 11/18/2018 P. Gill - University of Toronto

16 Topology-aware geolocation
Delay-based geolocation assumes direct paths “as the crow flies” Ping! Ping! reality 11/18/2018 P. Gill - University of Toronto

17 Topology-aware geolocation
Takes into account circuitous network paths 11/18/2018 P. Gill - University of Toronto

18 Types of measurement-based geolocation:
Delay-based: Constraint-based geolocation (CBG) [Gueye et al. ToN ‘06] Computes region where target may be located Reported average accuracy: km Topology-aware: Octant [Wong et al. NSDI 2007] Considers delay between hops on path Geolocates nodes along the path Reported median accuracy: km 11/18/2018 P. Gill - University of Toronto

19 P. Gill - University of Toronto
Road map Motivation & Contributions Background Adversary models Evaluation Conclusions Future work 11/18/2018 P. Gill - University of Toronto

20 Simple adversary (e.g., Web client)
Knows the geolocation algorithm Able to delay their response to probes i.e., increase observed delays Cannot decrease delay Landmark i 11/18/2018 P. Gill - University of Toronto

21 Sophisticated adversary (e.g., Cloud provider)
Controls the network the target is located in Network has multiple geographically distributed entry points Adversary constructs network paths to mislead topology-aware geolocation tar target 11/18/2018 landmark

22 P. Gill - University of Toronto
Road map Motivation & Contributions Background Adversary models Evaluation Conclusions Future work 11/18/2018 P. Gill - University of Toronto

23 P. Gill - University of Toronto
Evaluation Questions: How accurately can an adversary mislead geolocation? Can they be detected? Error for the adversary Geolocation result True location False location Distance of attempted move 11/18/2018 P. Gill - University of Toronto

24 P. Gill - University of Toronto
Methodology Collected traceroutes between 50 PlanetLab nodes Each node takes turn as target Each target moved to a set of forged locations Landmarks Forged Locations 11/18/2018 P. Gill - University of Toronto

25 P. Gill - University of Toronto
Results overview Adversary Type Simple Sophisticated Delay-based Topology-aware Geolocation method 11/18/2018 P. Gill - University of Toronto

26 P. Gill - University of Toronto
Results overview Adversary Type Simple Sophisticated Delay-based Topology-aware ? ? Geolocation method 11/18/2018 P. Gill - University of Toronto

27 P. Gill - University of Toronto
Delay adding attack Increase delay by time to travel g2-g1 Challenge: how to map distance to delay Our attack: V1: Speed of light approximation V2: Adversary knows “best-line” function Note this does not work if g2 < g1 g2 False location g1 True location 11/18/2018 P. Gill - University of Toronto

28 P. Gill - University of Toronto
Delay-adding attack Landmark 1 Landmark 3 Landmark 2 11/18/2018 P. Gill - University of Toronto

29 P. Gill - University of Toronto
Delay-adding attack Landmark 1 Landmark 3 Landmark 2 11/18/2018 P. Gill - University of Toronto

30 P. Gill - University of Toronto
Can it be detected? Area of intersection increases as delay is added Abnormally large region sizes can reveal results that have been tampered with 11/18/2018 P. Gill - University of Toronto

31 How accurate can the attack be?
700 M/KM NYC-SFO 400 M/KM Trade off between accuracy and detectability 11/18/2018 P. Gill - University of Toronto

32 Detectable using region size
Results overview Adversary Type Simple Sophisticated Delay-based Topology-aware Limited Accuracy Detectable using region size Geolocation method ? 11/18/2018 P. Gill - University of Toronto

33 Adding delay to topology-aware geolocation
Landmark 1 add delay Landmark 1 Landmark 2 add delay Landmark 2 11/18/2018 P. Gill - University of Toronto

34 Adding delay to topology-aware geolocation
Landmark 1 add delay Detectable! Landmark 1 Landmark 2 add delay Landmark 2 11/18/2018 P. Gill - University of Toronto

35 Detectable using region size
Results overview Adversary Type Simple Sophisticated Delay-based Topology-aware Limited Accuracy Detectable using region size Geolocation method ? 11/18/2018 P. Gill - University of Toronto

36 P. Gill - University of Toronto
Hop-adding attack Sophisticated adversary Can alter traceroute paths after they enter the adversary’s network Has a WAN with multiple entry points Challenge: how to design the non-existent paths Our attack: Leverage existing network entry points Use a non-existent (simulated) network to generate fake paths 11/18/2018 P. Gill - University of Toronto

37 Hop-adding attack: Simulated network
Multiple network entry points In-degree 3 for each node Fake node next to each forged location 11/18/2018 P. Gill - University of Toronto

38 How accurate can the attack be?
Adversary can move from EU to US 100% of the time. NYC-SFO Even moving long distances sophisticated adversary has high accuracy 11/18/2018 P. Gill - University of Toronto

39 P. Gill - University of Toronto
Can it be detected? Region size does not increase Hop adding is able to mislead the algorithm without increasing region size! 11/18/2018 P. Gill - University of Toronto

40 Detectable using region size
Results overview Adversary Type Simple Sophisticated Delay-based Topology-aware Limited Accuracy Detectable using region size Geolocation method High accuracy Difficult to detect 11/18/2018 P. Gill - University of Toronto

41 P. Gill - University of Toronto
Road map Motivation Background Adversary models Evaluation Conclusions Future work 11/18/2018 P. Gill - University of Toronto

42 P. Gill - University of Toronto
Conclusions Current geolocation approaches are susceptible to malicious targets Databases misled by proxies Measurement-based geolocation by attacks on delay and topology measurements Developed and evaluated adversary models for measurement-based geolocation techniques Topology-aware geolocation better in benign case, worse in adversarial setting! 11/18/2018 P. Gill - University of Toronto

43 P. Gill - University of Toronto
Future work Develop a framework for secure geolocation Require the adversary to prove they are in the correct location Goals: Provable security: Upper bound on what an adversary can get away with. Practical framework: Should be tolerant of variations in network delay 11/18/2018 P. Gill - University of Toronto

44 Paper appears in: Usenix Security 2010
Thanks! Paper appears in: Usenix Security 2010 Contact: 11/18/2018 P. Gill - University of Toronto

Download ppt "Phillipa Gill University of Toronto"

Similar presentations

Pune, India, 13 – 15 December 2010 ITU-T Kaleidoscope 2010 Beyond the Internet? - Innovations for future networks and services Dr. Bamba Gueye Joint work.

Pune, India, 13 – 15 December 2010 ITU-T Kaleidoscope 2010 Beyond the Internet? - Innovations for future networks and services Dr. Bamba Gueye Joint work.
Dude, where’s that IP? Circumventing measurement-based IP geolocation Presented by: Steven Zittrower.

Dude, where’s that IP? Circumventing measurement-based IP geolocation Presented by: Steven Zittrower.
Understanding Geolocation Accuracy using Network Geometry Brian Eriksson Technicolor Palo Alto Mark Crovella Boston University.

Understanding Geolocation Accuracy using Network Geometry Brian Eriksson Technicolor Palo Alto Mark Crovella Boston University.
Design of a reliable communication system for grid-style traffic light networks Junghoon Lee Dept. of Computer science and statistics Jeju National University.

Design of a reliable communication system for grid-style traffic light networks Junghoon Lee Dept. of Computer science and statistics Jeju National University.
I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Intel Research Internet Coordinate Systems - 03/03/2004 Internet Coordinate Systems Marcelo Pias Intel Research Cambridge

Intel Research Internet Coordinate Systems - 03/03/2004 Internet Coordinate Systems Marcelo Pias Intel Research Cambridge
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
Phillipa Gill, Yashar Ganijali Dept. of CS University of Toronto Bernard Wong Dept. of CS Cornell University David Lie Dept. of Electrical and Computer.

Phillipa Gill, Yashar Ganijali Dept. of CS University of Toronto Bernard Wong Dept. of CS Cornell University David Lie Dept. of Electrical and Computer.
Fabián E. Bustamante, 2007 Meridian: A lightweight network location service without virtual coordinates B. Wong, A. Slivkins and E. Gün Sirer SIGCOM 2005.

Fabián E. Bustamante, 2007 Meridian: A lightweight network location service without virtual coordinates B. Wong, A. Slivkins and E. Gün Sirer SIGCOM 2005.
On the Hardness of Evading Combinations of Linear Classifiers Daniel Lowd University of Oregon Joint work with David Stevens.

On the Hardness of Evading Combinations of Linear Classifiers Daniel Lowd University of Oregon Joint work with David Stevens.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
Geolocation Les Cottrell – SLAC University of Helwan / Egypt, Sept 18 – Oct 3, 2010 Partially funded by DOE/MICS Field Work Proposal on Internet End-to-end.

Geolocation Les Cottrell – SLAC University of Helwan / Egypt, Sept 18 – Oct 3, 2010 Partially funded by DOE/MICS Field Work Proposal on Internet End-to-end.
Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.

Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.
A Detailed Path-latency Model for Router Geolocation Sándor Laki *, Péter Mátray, Péter Hága, István Csabai and Gábor Vattay Department of Physics of Complex.

A Detailed Path-latency Model for Router Geolocation Sándor Laki *, Péter Mátray, Péter Hága, István Csabai and Gábor Vattay Department of Physics of Complex.
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.
Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.
 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.

 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Locations.

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Locations.
 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.

 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.

Similar presentations

Ads by Google