736 research outputs found
CYCLOSA: Decentralizing Private Web Search Through SGX-Based Browser Extensions
By regularly querying Web search engines, users (unconsciously) disclose
large amounts of their personal data as part of their search queries, among
which some might reveal sensitive information (e.g. health issues, sexual,
political or religious preferences). Several solutions exist to allow users
querying search engines while improving privacy protection. However, these
solutions suffer from a number of limitations: some are subject to user
re-identification attacks, while others lack scalability or are unable to
provide accurate results. This paper presents CYCLOSA, a secure, scalable and
accurate private Web search solution. CYCLOSA improves security by relying on
trusted execution environments (TEEs) as provided by Intel SGX. Further,
CYCLOSA proposes a novel adaptive privacy protection solution that reduces the
risk of user re- identification. CYCLOSA sends fake queries to the search
engine and dynamically adapts their count according to the sensitivity of the
user query. In addition, CYCLOSA meets scalability as it is fully
decentralized, spreading the load for distributing fake queries among other
nodes. Finally, CYCLOSA achieves accuracy of Web search as it handles the real
query and the fake queries separately, in contrast to other existing solutions
that mix fake and real query results
Fighting Authorship Linkability with Crowdsourcing
Massive amounts of contributed content -- including traditional literature,
blogs, music, videos, reviews and tweets -- are available on the Internet
today, with authors numbering in many millions. Textual information, such as
product or service reviews, is an important and increasingly popular type of
content that is being used as a foundation of many trendy community-based
reviewing sites, such as TripAdvisor and Yelp. Some recent results have shown
that, due partly to their specialized/topical nature, sets of reviews authored
by the same person are readily linkable based on simple stylometric features.
In practice, this means that individuals who author more than a few reviews
under different accounts (whether within one site or across multiple sites) can
be linked, which represents a significant loss of privacy.
In this paper, we start by showing that the problem is actually worse than
previously believed. We then explore ways to mitigate authorship linkability in
community-based reviewing. We first attempt to harness the global power of
crowdsourcing by engaging random strangers into the process of re-writing
reviews. As our empirical results (obtained from Amazon Mechanical Turk)
clearly demonstrate, crowdsourcing yields impressively sensible reviews that
reflect sufficiently different stylometric characteristics such that prior
stylometric linkability techniques become largely ineffective. We also consider
using machine translation to automatically re-write reviews. Contrary to what
was previously believed, our results show that translation decreases authorship
linkability as the number of intermediate languages grows. Finally, we explore
the combination of crowdsourcing and machine translation and report on the
results
The Evolution of Embedding Metadata in Blockchain Transactions
The use of blockchains is growing every day, and their utility has greatly
expanded from sending and receiving crypto-coins to smart-contracts and
decentralized autonomous organizations. Modern blockchains underpin a variety
of applications: from designing a global identity to improving satellite
connectivity. In our research we look at the ability of blockchains to store
metadata in an increasing volume of transactions and with evolving focus of
utilization. We further show that basic approaches to improving blockchain
privacy also rely on embedding metadata. This paper identifies and classifies
real-life blockchain transactions embedding metadata of a number of major
protocols running essentially over the bitcoin blockchain. The empirical
analysis here presents the evolution of metadata utilization in the recent
years, and the discussion suggests steps towards preventing criminal use.
Metadata are relevant to any blockchain, and our analysis considers primarily
bitcoin as a case study. The paper concludes that simultaneously with both
expanding legitimate utilization of embedded metadata and expanding blockchain
functionality, the applied research on improving anonymity and security must
also attempt to protect against blockchain abuse.Comment: 9 pages, 6 figures, 1 table, 2018 International Joint Conference on
Neural Network
I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users' Privacy
In this paper, we show how to exploit real-time communication applications to
determine the IP address of a targeted user. We focus our study on Skype,
although other real-time communication applications may have similar privacy
issues. We first design a scheme that calls an identified targeted user
inconspicuously to find his IP address, which can be done even if he is behind
a NAT. By calling the user periodically, we can then observe the mobility of
the user. We show how to scale the scheme to observe the mobility patterns of
tens of thousands of users. We also consider the linkability threat, in which
the identified user is linked to his Internet usage. We illustrate this threat
by combining Skype and BitTorrent to show that it is possible to determine the
file-sharing usage of identified users. We devise a scheme based on the
identification field of the IP datagrams to verify with high accuracy whether
the identified user is participating in specific torrents. We conclude that any
Internet user can leverage Skype, and potentially other real-time communication
systems, to observe the mobility and file-sharing usage of tens of millions of
identified users.Comment: This is the authors' version of the ACM/USENIX Internet Measurement
Conference (IMC) 2011 pape
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
- …