Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks

The IoT (Internet of Things) technology has been widely adopted in recent years and has profoundly changed the people's daily lives. However, in the meantime, such a fast-growing technology has also introduced new privacy issues, which need to be better understood and measured. In this work, we look into how private information can be leaked from network traffic generated in the smart home network. Although researchers have proposed techniques to infer IoT device types or user behaviors under clean experiment setup, the effectiveness of such approaches become questionable in the complex but realistic network environment, where common techniques like Network Address and Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic analysis using traditional methods (e.g., through classical machine-learning models) is much less effective under those settings, as the features picked manually are not distinctive any more. In this work, we propose a traffic analysis framework based on sequence-learning techniques like LSTM and leveraged the temporal relations between packets for the attack of device identification. We evaluated it under different environment settings (e.g., pure-IoT and noisy environment with multiple non-IoT devices). The results showed our framework was able to differentiate device types with a high accuracy. This result suggests IoT network communications pose prominent challenges to users' privacy, even when they are protected by encryption and morphed by the network gateway. As such, new privacy protection methods on IoT traffic need to be developed towards mitigating this new issue

Tor Circuit Fingerprinting: Attacks and Defenses

Στην παρούσα διπλωματική εργασία θα μελετήσουμε το δίκτυο ανωνυμίας tor και την διαρροή ιδιωτικότητας μέσω fingerprinting attacks εστιάζοντας στο κομμάτι των hidden services που παρέχει το tor. Το tor είναι το μεγαλύτερο και πιο χρησιμοποιούμενο σύστημα ανωνυμίας, σχεδιασμένο κατά ρεαλιστικών σύγχρονων αντιπάλων. Σε πρόσφατες έρευνες έχει παρουσιαστεί η επιτυχία fingerprinting επιθέσεων ενάντια στο tor μέσω την ανάλυσης της ροής των δεδομένων που παράγονται κατά την διάρκεια της ανώνυμης επικοινωνίας. Η online ανωνυμία και ιδιωτικότητα επιτυγχάνεται με την παρουσία θορύβου στο δίκτυο, αναγκάζοντας τον επιτιθέμενο να μην είναι σε θέση να ξεχωρίσει και κατηγοριοποιήσει την κίνηση του δικτύου όταν και εφόσον είναι σε θέση να την παρατηρήσει. Μελετώντας προηγούμενες έρευνες, θα παρουσιάσουμε ότι τέτοιες επιθέσεις είναι εφικτές ακόμα και όταν το traffic σε application layer επίπεδο είναι ομοιόμορφο χωρίς ιδιαίτερα patterns που μπορούν να οδηγήσουν τον επιτιθέμενο σε άμεσα συμπεράσματα. Σε συνδυασμό με την ανάλυση των επιθέσεων προτείνουμε και αξιολογούμε κάποια defenses που μπορούν να εφαρμοστούν στην ροή της επικοινωνίας και βασίζονται στο ήδη υλοποιημένο defense framework του tor.This thesis studies tor anonymity network circuit fingerprinting problem focusing on the hidden services scope. Tor is the largest and most-used deployed anonymity system, designed against realistic modern adversaries. In recent researches, it has been proved that fingerprint Tor’s circuits is possible, simply by capturing and analyzing traffic traces. Online anonymity and privacy has been based on confusing the adversary by reating indistinguishable network elements. We study the circuit fingerprinting problem, isolating it from website fingerprinting, and revisit previous findings in this model, showing that accurate attacks are possible even when the application-layer traffic is identical. We propose a defense against circuit fingerprinting, using a generic adaptive padding framework that has already been implemented on Tor. We thoroughly evaluate the defense, discovering new subtle fingerprints, but also showing the effectiveness of the defense

Short Paper: Blockcheck the Typechain

Recent efforts have sought to design new smart contract programming languages that make writing blockchain programs safer. But programs on the blockchain are beholden only to the safety properties enforced by the blockchain itself: even the strictest language-only properties can be rendered moot on a language-oblivious blockchain due to inter-contract interactions. Consequently, while safer languages are a necessity, fully realizing their benefits necessitates a language-aware redesign of the blockchain itself. To this end, we propose that the blockchain be viewed as a typechain: a chain of typed programs-not arbitrary blocks-that are included iff they typecheck against the existing chain. Reaching consensus, or blockchecking, validates typechecking in a byzantine fault-tolerant manner. Safety properties traditionally enforced by a runtime are instead enforced by a type system with the aim of statically capturing smart contract correctness. To provide a robust level of safety, we contend that a typechain must minimally guarantee (1) asset linearity and liveness, (2) physical resource availability, including CPU and memory, (3) exceptionless execution, or no early termination, (4) protocol conformance, or adherence to some state machine, and (5) inter-contract safety, including reentrancy safety. Despite their exacting nature, typechains are extensible, allowing for rich libraries that extend the set of verified properties. We expand on typechain properties and present examples of real-world bugs they prevent