Application of data analytics - Case studies

Data analytics is the technique of finding knowledge by examining raw data. It is an important tool for researchers to verify existing knowledge or infer new knowledge. In this dissertation, we focus on anonymous traffic and privacy-aware systems. Our research is divided into three data analytics case studies. We use data analytics to learn from and improve existing systems. Tor, an anonymous network, is designed to protect Internet users from traffic analysis attacks. Researchers have shown that traffic analysis like timing attack and website fingerprinting attack are still realistic and can be used to deanonymize Tor users. We first analyze the anonymity of Tor itself; we show that a timing attack can be used to bypass the anonymity provided by Tor. We also propose a schema to identify this type of timing attack. Our second case study is about website fingerprinting. We propose a new realistic cover traffic algorithm to mitigate website fingerprinting attacks. Our algorithm reduces the accuracy of website fingerprinting attacks to 14% with zero latency overhead and 20% bandwidth overhead. Our third case study is about web browser fingerprinting in anonymous communications. We analyze the network traffic generated by web browsers and show that features of web browsers can be inferred with high probability

Google's Android setup process security

Despite considerable research having been carried out into the security of the open-source Android operating system, the vast majority of Android devices run software significantly deviating from the open source core. While many of these changes are introduced by the original equipment manufacturer (OEM), almost every Android device available for sale also features a suite of Google-provided applications and services, which are not part of the Android Open Source Project (AOSP) code. These applications are installed with system-level privileges, and are effectively an extension of the operating system itself. We monitored the process of setting up an Android device, and have identified a number of design weaknesses in the implementation of a number of Google services features which come pre-installed on virtually every Android device on sale today, which could permit skilled and capable attackers to carry out persistent attacks against Android users

Web access monitoring mechanism for Android webview

In addition to conventional web browsers, WebView is used to display web content on Android. WebView is a component that enables the display of web content in mobile applications, and is extensively used. As WebView displays web content without having to redirect the user to web browsers, there is the possibility that unauthorized web access may be performed secretly via Web-View, and information in Android may be stolen or tampered with. Therefore, it is necessary to monitor and analyze web access via WebView, particularly because attacks exploiting WebView have been reported. However, there is no mechanism for monitoring web access viaWebView. In this work, the goals are to monitor web access via WebView and to analyze mobile applications using Web-View. To achieve these goals, we propose a web access monitoring mechanism for Android WebView. In this paper, the design and implementation of a mechanism that does not require any modifications to the Android Framework and Linux kernel are presented for the Chromium Android System WebView app. In addition, this paper presents evaluation results for the proposed mechanism

Efficient, Effective, and Realistic Website Fingerprinting Mitigation

Website fingerprinting attacks have been shown to be able to predict the website visited even if the network connection is encrypted and anonymized. These attacks have achieved accuracies as high as 92%. Mitigations to these attacks are using cover/decoy network traffic to add noise, padding to ensure all the network packets are the same size, and introducing network delays to confuse an adversary. Although these mitigations have been shown to be effective, reducing the accuracy to 10%, the overhead is high. The latency overhead is above 100% and the bandwidth overhead is at least 30%. We introduce a new realistic cover traffic algorithm, based on a user’s previous network traffic, to mitigate website fingerprinting attacks. In simulations, our algorithm reduces the accuracy of attacks to 14% with zero latency overhead and about 20% bandwidth overhead. In real-world experiments, our algorithms reduces the accuracy of attacks to 16% with only 20% bandwidth overhead

TOWARDS REDESIGNING WEB BROWSERS WITH SECURITY PRINCIPLES

Ph.DDOCTOR OF PHILOSOPH

Browser fingerprinting: how to protect machine learning models and data with differential privacy?

As modern communication networks grow more and more complex, manually maintaining an overview of deployed soft- and hardware is challenging. Mechanisms such as fingerprinting are utilized to automatically extract information from ongoing network traffic and map this to a specific device or application, e.g., a browser. Active approaches directly interfere with the traffic and impose security risks or are simply infeasible. Therefore, passive approaches are employed, which only monitor traffic but require a well-designed feature set since less information is available. However, even these passive approaches impose privacy risks. Browser identification from encrypted traffic may lead to data leakage, e.g., the browser history of users. We propose a passive browser fingerprinting method based on explainable features and evaluate two privacy protection mechanisms, namely differentially private classifiers and differentially private data generation. With a differentially private Random Decision Forest, we achieve an accuracy of 0.877. If we train a non-private Random Forest on differentially private synthetic data, we reach an accuracy up to 0.887, showing a reasonable trade-off between utility and privacy

Browser Fingerprinting: How to Protect Machine Learning Models and Data with Differential Privacy?

As modern communication networks grow more and more complex, manually maintaining an overview of deployed soft- and hardware is challenging. Mechanisms such as fingerprinting are utilized to automatically extract information from ongoing network traffic and map this to a specific device or application, e.g., a browser. Active approaches directly interfere with the traffic and impose security risks or are simply infeasible. Therefore, passive approaches are employed, which only monitor traffic but require a well-designed feature set since less information is available. However, even these passive approaches impose privacy risks. Browser identification from encrypted traffic may lead to data leakage, e.g., the browser history of users. We propose a passive browser fingerprinting method based on explainable features and evaluate two privacy protection mechanisms, namely differentially private classifiers and differentially private data generation. With a differentially private Random Decision Forest, we achieve an accuracy of 0.877. If we train a non-private Random Forest on differentially private synthetic data, we reach an accuracy up to 0.887, showing a reasonable trade-off between utility and privacy