
    Efficient Unobservable Anonymous Reporting against Strong Adversaries

    We present DURP, a decentralized protocol for unobservable, anonymous reporting to an untrusted destination, with low latency and overhead. DURP provably ensures strong anonymity properties, as required for some applications (and not provided by existing systems and practical designs, e.g., Tor), specifically: provable unobservability against a global eavesdropper and malicious participants; provable source anonymity against a malicious destination; and probable innocence against a malicious destination which is also a global eavesdropper. DURP's design is a modular combination of two modules: a queuing module, ensuring fixed rates for certain events, together with an anonymization module, which can use either Onion-Routing (DURP^OR) or Crowds (DURP^Crowds). We present analysis, backed by simulation results, of the network properties and performance of DURP, and show it has reasonable overhead. We also use the analysis results to create an optimized version of DURP

    Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

    In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices. Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

    (Un)Suitability of Anonymous Communication Systems to WSN

    Anonymous communication systems have been extensively studied by the research community to prevent the disclosure of sensitive information through the analysis of individuals' traffic patterns. Many remarkable solutions have been developed in this area, most of which have proven to be effective in protecting user privacy against different types of attacks. Recently, the privacy preservation problem has also been considered in the realm of wireless sensor networks (WSNs) due to their imminent adoption in real-world scenarios. A special challenge that arises from the analysis of the flow of sensor nodes' communications is the location privacy problem. In this work we concentrate on analyzing the suitability of traditional anonymous communication systems, originally designed for the Internet, to the particular scenario of sensor networks. The results show that, in most cases, traditional solutions do not provide adequate protection for the particular problem of location privacy, while other solutions are too resource-consuming for the restricted capabilities of sensor nodes

    Fortified End-to-End Location Privacy and Anonymity in Wireless Sensor Networks: a Modular Approach

    A wireless sensor network (WSN) consists of many hosts called sensors. These sensors can sense a phenomenon (motion, temperature, humidity, average, max, min, etc.) and represent what they sense as data. There are many applications for WSNs, including object tracking and monitoring, where in most cases these objects need protection. In these applications, data privacy itself might not be as important as the privacy of the source location. In addition to source location privacy, sink location privacy should also be provided. Providing an efficient end-to-end privacy solution is a challenging task due to the open nature of the WSN. The key schemes needed for end-to-end location privacy are anonymity, observability, capture likelihood, and safety period. We extend this work to allow for countermeasures against multi-local and global adversaries. We present a network model that is protected against a sophisticated threat model: passive/active and local/multi-local/global attacks. This work provides a solution for end-to-end anonymity and location privacy as well. We introduce a framework called the fortified anonymous communication (FAC) protocol for WSNs

    ToR K-Anonymity against deep learning watermarking attacks

    It is known that totalitarian regimes often perform surveillance and censorship of their communication networks. The Tor anonymity network allows users to browse the Internet anonymously to circumvent censorship filters and possible prosecution. This has made Tor an enticing target for state-level actors and cooperative state-level adversaries with privileged access to network traffic captured at the level of Autonomous Systems (ASs) or Internet Exchange Points (IXPs). This thesis studied the attack typologies involved, with a particular focus on traffic correlation techniques for de-anonymization of Tor endpoints. Our goal was to design a test-bench environment and tool, based on recently researched deep learning techniques for traffic analysis, to evaluate the effectiveness of countermeasures provided by recent approaches that try to strengthen Tor's anonymity protection. The targeted solution is based on K-anonymity input covert channels organized as a pre-staged multipath network. The research challenge was to design a test-bench environment and tool to launch active correlation attacks leveraging traffic flow correlation through the detection of induced watermarks in Tor traffic. To de-anonymize Tor connection endpoints, our tool analyses intrinsic time patterns of Tor synthetic egress traffic to detect flows with previously injected time-based watermarks. With the obtained results and conclusions, we contributed to the evaluation of the security guarantees that the targeted K-anonymity solution provides as a countermeasure against de-anonymization attacks.
    It has been extensively observed that in several countries governed by totalitarian regimes there is monitoring, and consequent censorship, of the various communication media in use. Tor allows its users to browse the Internet with guarantees of privacy and anonymity, so as to avoid blocking, censorship and legal proceedings imposed by the governing entity. These properties have made the Tor network an attack target for several governments and for joint actions by several entities with privileged access to large areas of the network and to several access points to it. This thesis studies the typologies of attacks that break the anonymity of the Tor network, with special focus on traffic correlation techniques. Our objective is to build a study environment and tool, based on recent deep learning and watermark injection techniques, to evaluate the effectiveness of recently investigated countermeasures that try to strengthen the anonymity of the Tor network. The countermeasure we intend to evaluate is based on the creation of covert multi-circuits, using ingress TLS tunnels, in order to couple the traffic of an anonymous group of K users. The solution to be developed must launch a traffic correlation attack using active watermark induction techniques. This tool must be able to correlate synthetic egress traffic of Tor circuits, injecting watermarks at the entry point so that they can be detected at a second observation point. Applied to a real scenario, the purpose of the tool falls within breaking the anonymity of hidden services provided by the Tor network, as well as of their users. The expected results will contribute to the evaluation of the aforementioned K-user anonymity solution, which is seen as a countermeasure against de-anonymization attacks

    Batched differentially private information retrieval

    Private Information Retrieval (PIR) allows several clients to query a database held by one or more servers, such that the contents of their queries remain private. Prior PIR schemes have achieved sublinear communication and computation by leveraging computational assumptions, federating trust among many servers, relaxing security to permit differentially private leakage, refactoring effort into an offline stage to reduce online costs, or amortizing costs over a large batch of queries. In this work, we present an efficient PIR protocol that combines all of the above techniques to achieve constant amortized communication and computation complexity in the size of the database and constant client work. We leverage differentially private leakage in order to provide better trade-offs between privacy and efficiency. Our protocol achieves speed-ups up to and exceeding 10x in practical settings compared to state of the art PIR protocols, and can scale to batches with hundreds of millions of queries on cheap commodity AWS machines. Our protocol builds upon a new secret sharing scheme that is both incremental and non-malleable, which may be of interest to a wider audience. Our protocol provides security up to abort against malicious adversaries that can corrupt all but one party.
    1414119 - National Science Foundation; CNS-1718135 - National Science Foundation; CNS-1931714 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; 000000000000000000000000000000000000000000000000000000037211 - SRI International
    https://www.usenix.org/system/files/sec22-albab.pdf
    Published versio

    Protecting Contextual Information in WSNs: Source- and Receiver-Location Privacy Solutions

    Privacy is a fundamental right enshrined in numerous laws and treaties, among which the United Nations Universal Declaration of Human Rights stands out. However, this fundamental right has been violated on numerous occasions throughout history, and the development of technology, especially the improvement of systems for collecting, analysing and disseminating information, has been largely to blame. We are currently at a point where the development and deployment of ubiquitous systems, led by wireless sensor networks, may pose an unprecedented privacy risk given their ability to collect information in quantities and situations hitherto unimagined. There is, therefore, an urgent need to develop mechanisms capable of safeguarding our most sensitive information. This is precisely one of the main objectives of this doctoral thesis: to facilitate the integration of wireless sensor networks into our daily lives without their posing a serious privacy risk. This thesis focuses on a particular privacy problem that derives from the wireless nature of the communications and from the pressing need to save energy in these resource-constrained networks. In sensor networks, communications account for a large share of the energy budget and, for this reason, the routing protocols used tend to minimise them by following shortest-path routes. Taking advantage of this situation, an observer could, by means of fairly unsophisticated traffic analysis techniques and without needing to decrypt the contents of the packets, determine the origin and destination of the communications. This poses, as in traditional communication systems, a serious privacy risk.
    Since the location privacy problem in sensor networks reduces to a matter of traffic analysis, it seems reasonable to think that the solutions developed for that purpose in computer networks may be useful. However, this hypothesis has been rejected on several occasions with vague arguments about the computational and energy limitations of sensor networks. We consider that this is not sufficient reason to discard these solutions since, despite the current trend, in the future we could have high-capacity sensor nodes. Therefore, one of the objectives of this thesis has been to carry out an exhaustive analysis of the applicability of these solutions to the field of sensor networks, focusing not only on the computational requirements but also on the anonymity properties pursued, on the attacker models and on the possible limitations that could derive from their application. In addition, an extensive analysis of the existing location privacy solutions for sensor networks has been carried out. This analysis has not focused solely on studying the protection techniques employed but has also sought to highlight the advantages and disadvantages of the different solutions. This has made it possible to develop a complete multi-level taxonomy based on the resources to be protected, the adversary models to be faced and the main features or techniques employed by the different solutions. Furthermore, from this analysis a series of open problems and points for improvement in the current state of the art have been identified, which have taken shape in two new solutions: one focuses on protecting the location of the data source, while the other focuses on protecting the base station.
    Both solutions take into account attackers with a partial hearing range who are able to move across the terrain to observe communications in different zones of the network. The first of the solutions developed starts from the observation that current mechanisms are mainly based on sending packets along random paths without any knowledge of whether these paths are actually effective against a local attacker. The idea behind CALP is to take advantage of the ability of sensor networks to sense what happens in their surroundings in order to develop smarter protection mechanisms that use information about the attacker. In this way, the energy consumption of the solution is drastically reduced and the communication delay is reduced at the same time, since the mechanism is only activated in the presence of an attacker. Although this idea has been applied only to the protection of data source nodes, its characteristics indicate that it could also be successfully applied to the protection of the base station. The second solution arises from observing that existing solutions for protecting the base station are either too costly in terms of energy or reveal information about its location. Moreover, to date no solution had taken into account that an attacker who obtains a node's routing tables obtains information about the base station. Our solution, HISP-NC, is based on two complementary mechanisms which, on the one hand, counter traffic analysis attacks and, on the other, protect against the new attacker model developed. The first mechanism is based on homogenising the traffic around the path and the second on perturbing the routing table, so that the attack is made harder while data is still guaranteed to reach the base station

    Source Anonymity against Global Adversary in WSNs Using Dummy Packet Injections: A Survey

    Source anonymity in wireless sensor networks (WSNs) is a real concern in several applications such as tracking and monitoring. A global adversary that has sophisticated resources, high computational power and a full view of the network is an obvious threat to such applications. The network and applications need to be protected and secured to provide the expected outcome. Source anonymity is one of the fundamental WSN security issues: it is about preventing the adversary from reaching the origin by analyzing the network's traffic. There are many methods to provide source anonymity, also known as Source Location Privacy (SLP). One of these methods is based on dummy packets. The basic notion is to inject dummy packets into the network to confuse the adversary about the location of the transmitting source node. This paper provides a survey of anonymity protocols that use dummy packet injection. We discuss each technique in terms of its advantages and disadvantages. Further, we provide a comparison of the most promising techniques in the literature that use dummy packet injection. A comparison of the adversary assumptions and capabilities is provided as well.
    http://dx.doi.org/10.3390/electronics710025