111 research outputs found
Towards a Secure Smart Grid Storage Communications Gateway
This research in progress paper describes the role of cyber security measures
undertaken in an ICT system for integrating electric storage technologies into
the grid. To do so, it defines security requirements for a communications
gateway and gives detailed information and hands-on configuration advice on
node and communication line security, data storage, coping with backend M2M
communications protocols and examines privacy issues. The presented research
paves the road for developing secure smart energy communications devices that
allow enhancing energy efficiency. The described measures are implemented in an
actual gateway device within the HORIZON 2020 project STORY, which aims at
developing new ways to use storage and demonstrating these on six different
demonstration sites.Comment: 6 pages, 2 figure
PREDICTING THE UNKNOWN: MACHINE LEARNING TECHNIQUES FOR VIDEO FINGERPRINTING ATTACKS OVER TOR
In recent years, anonymization services such as Tor have become a popular resource for terrorist organizations and violent extremist groups. These adversaries use Tor to access the Dark Web to distribute video media as a way to recruit, train, and incite violence and acts of terrorism worldwide. This research strives to address this issue by examining and analyzing the use and development of video fingerprinting attacks using deep learning models. These high-performing deep learning models are called Deep Fingerprinting, which is used to predict video patterns with high accuracy in a closed-world setting. We pose ourselves as the adversary by passively observing raw network traffic as a user downloads a short video from YouTube. Based on traffic patterns, we can deduce what video the user was streaming with higher accuracy than previously obtained. In addition, our results include identifying the genre of the video. Our results suggest that an adversary may predict the video a user downloads over Tor with up to 83% accuracy, even when the user applies additional defenses to protect online privacy. By comparing different Deep Fingerprinting models with one another, we can better understand which models perform better from both the attacker and user’s perspective.Lieutenant, United States NavyApproved for public release. Distribution is unlimited
ToR K-Anonymity against deep learning watermarking attacks
It is known that totalitarian regimes often perform surveillance and censorship of their
communication networks. The Tor anonymity network allows users to browse the Internet
anonymously to circumvent censorship filters and possible prosecution. This has made
Tor an enticing target for state-level actors and cooperative state-level adversaries, with
privileged access to network traffic captured at the level of Autonomous Systems(ASs) or
Internet Exchange Points(IXPs).
This thesis studied the attack typologies involved, with a particular focus on traffic
correlation techniques for de-anonymization of Tor endpoints. Our goal was to design a
test-bench environment and tool, based on recently researched deep learning techniques
for traffic analysis, to evaluate the effectiveness of countermeasures provided by recent ap-
proaches that try to strengthen Tor’s anonymity protection. The targeted solution is based
on K-anonymity input covert channels organized as a pre-staged multipath network.
The research challenge was to design a test-bench environment and tool, to launch
active correlation attacks leveraging traffic flow correlation through the detection of in-
duced watermarks in Tor traffic. To de-anonymize Tor connection endpoints, our tool
analyses intrinsic time patterns of Tor synthetic egress traffic to detect flows with previ-
ously injected time-based watermarks.
With the obtained results and conclusions, we contributed to the evaluation of the
security guarantees that the targeted K-anonymity solution provides as a countermeasure
against de-anonymization attacks.Já foi extensamente observado que em vários países governados por regimes totalitários
existe monitorização, e consequente censura, nos vários meios de comunicação utilizados.
O Tor permite aos seus utilizadores navegar pela internet com garantias de privacidade e
anonimato, de forma a evitar bloqueios, censura e processos legais impostos pela entidade
que governa. Estas propriedades tornaram a rede Tor um alvo de ataque para vários
governos e ações conjuntas de várias entidades, com acesso privilegiado a extensas zonas
da rede e vários pontos de acesso à mesma.
Esta tese realiza o estudo de tipologias de ataques que quebram o anonimato da rede
Tor, com especial foco em técnicas de correlação de tráfegos. O nosso objetivo é realizar
um ambiente de estudo e ferramenta, baseada em técnicas recentes de aprendizagem pro-
funda e injeção de marcas de água, para avaliar a eficácia de contramedidas recentemente
investigadas, que tentam fortalecer o anonimato da rede Tor. A contramedida que pre-
tendemos avaliar é baseada na criação de multi-circuitos encobertos, recorrendo a túneis
TLS de entrada, de forma a acoplar o tráfego de um grupo anonimo de K utilizadores. A
solução a ser desenvolvida deve lançar um ataque de correlação de tráfegos recorrendo a
técnicas ativas de indução de marcas de água. Esta ferramenta deve ser capaz de correla-
cionar tráfego sintético de saída de circuitos Tor, realizando a injeção de marcas de água à
entrada com o propósito de serem detetadas num segundo ponto de observação. Aplicada
a um cenário real, o propósito da ferramenta está enquadrado na quebra do anonimato
de serviços secretos fornecidos pela rede Tor, assim como os utilizadores dos mesmos.
Os resultados esperados irão contribuir para a avaliação da solução de anonimato de
K utilizadores mencionada, que é vista como contramedida para ataques de desanonimi-
zação
A Taxonomy for and Analysis of Anonymous Communications Networks
Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design
Revealing the Landscape of Privacy-Enhancing Technologies in the Context of Data Markets for the IoT: A Systematic Literature Review
IoT data markets in public and private institutions have become increasingly
relevant in recent years because of their potential to improve data
availability and unlock new business models. However, exchanging data in
markets bears considerable challenges related to disclosing sensitive
information. Despite considerable research focused on different aspects of
privacy-enhancing data markets for the IoT, none of the solutions proposed so
far seems to find a practical adoption. Thus, this study aims to organize the
state-of-the-art solutions, analyze and scope the technologies that have been
suggested in this context, and structure the remaining challenges to determine
areas where future research is required. To accomplish this goal, we conducted
a systematic literature review on privacy enhancement in data markets for the
IoT, covering 50 publications dated up to July 2020, and provided updates with
24 publications dated up to May 2022. Our results indicate that most research
in this area has emerged only recently, and no IoT data market architecture has
established itself as canonical. Existing solutions frequently lack the
required combination of anonymization and secure computation technologies.
Furthermore, there is no consensus on the appropriate use of blockchain
technology for IoT data markets and a low degree of leveraging existing
libraries or reusing generic data market architectures. We also identified
significant challenges remaining, such as the copy problem and the recursive
enforcement problem that-while solutions have been suggested to some extent-are
often not sufficiently addressed in proposed designs. We conclude that
privacy-enhancing technologies need further improvements to positively impact
data markets so that, ultimately, the value of data is preserved through data
scarcity and users' privacy and businesses-critical information are protected.Comment: 49 pages, 17 figures, 11 table
SECURITY AND PRIVACY ISSUES IN MOBILE NETWORKS, DIFFICULTIES AND SOLUTIONS
Mobile communication is playing a vital role in the daily life for the last two decades; in turn its fields gained the research attention, which led to the introduction of new technologies, services and applications. These new added facilities aimed to ease the connectivity and reachability; on the other hand, many security and privacy concerns were not taken into consideration. This opened the door for the malicious activities to threaten the deployed systems and caused vulnerabilities for users, translated in the loss of valuable data and major privacy invasions. Recently, many attempts have been carried out to handle these concerns, such as improving systems’ security and implementing different privacy enhancing mechanisms. This research addresses these problems and provides a mean to preserve privacy in particular. In this research, a detailed description and analysis of the current security and privacy situation in the deployed systems is given. As a result, the existing shortages within these systems are pointed out, to be mitigated in development. Finally a privacy preserving prototype model is proposed. This research has been conducted as an extensive literature review about the most relevant references and researches in the field, using the descriptive and evaluative research methodologies. The main security models, parameters, modules and protocols are presented, also a detailed description of privacy and its related arguments, dimensions and factors is given. The findings include that mobile networks’ security along with users are vulnerable due to the weaknesses of the key exchange procedures, the difficulties that face possession, repudiation, standardization, compatibility drawbacks and lack of configurability. It also includes the need to implement new mechanisms to protect security and preserve privacy, which include public key cryptography, HIP servers, IPSec, TLS, NAT and DTLS-SRTP. Last but not least, it shows that privacy is not absolute and it has many conflicts, also privacy requires sophisticated systems, which increase the load and cost of the system.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format
Producer Anonymity based on Onion Routing in Named Data Networking
Named Data Networking (NDN) is one of promising next generation Internet architectures that aim to realize efficient content distribution. However, in terms of producer anonymity, NDN has a serious problem that adversaries can easily learn who publishes what content due to its feature that content is inherently tied to the producer by the content name and the signature. In this paper, we first define producer anonymity rigorously in terms of content-producer unlinkability, and then design a system to achieve it. Our design is based on hidden service, which is an onion routing-based system in IP, however, we improve it to take full advantage of NDN. We demonstrate that our system provides a level of anonymity comparable to hidden service with lower overhead through analysis and experiment
Defense Extensions for Website Fingerprinting Attacks on Nginx Web Server
Το Website Fingerprinting είναι μια προσπάθεια αναγνώρισης της σελίδας που
επισκέπτεται κάποιος υπό ανώνυμη και κρυπτογραφημένη δικτυακή κίνηση. Παρόλο που
αυτού του είδους η επίθεση μπορεί να μην είναι ιδιαίτερα αποτελεσματική στον παγκόσμιο
ιστό, στο δίκτυο του tor, οι ιστοσελίδες μπορούν να αναγνωριστούν με ακρίβεια 90%
περισσότερο από τις κανονικές ιστοσελίδες του παγκόσμιου ιστού.
Προκειμένου να το αντιμετωπίσουμε αυτό, έχουμε αναπτύξει το ALPaCA το οποίο αρχικά
προτάθηκε από τους Giovanni Cherubin, Jamie Hayes, Marc Juarez και σημαίνει
“Application Layer Padding Concerns Adversaries”.
Το ALPaCA είναι ένας μηχανισμός άμυνας από την πλευρά του εξυπηρετητή το οποίο
αποκρύπτει το πραγματικό μέγεθος του περιεχομένου μιας ιστοσελίδας, αλλάζοντας τα
μεγέθη των διαφορετικών στοιχείων της που αποστέλλονται στον πελάτη ή προσθέτοντας
νέα εικονικά στοιχεία.
Ο κώδικας της πτυχιακής βρίσκεται στον ακόλουθο σύνδεσμο:
https://github.com/LefterisDs/ngx_http_alpaca_moduleWebsite Fingerprinting is an attempt to identify a website, visited in anonymized and encrypted network traffic. Whilst this type of attack might not be very effective on the wide
web, on the tor network, the websites can be distinguished with an accuracy of 90% more
than regular sites.
To deal with this, we have developed ALPaCA, which was originally proposed by
Giovanni Cherubin, Jamie Hayes, Marc Juarez, and stands for “Application Layer
Padding Concerns Adversaries”.
This is a server-side defense mechanism that obscures the real content size of a website by changing the sizes of different objects sent to the client or by adding fake new ones.
The code of this thesis can be found at the following link: https://github.com/LefterisDs/ngx_http_alpaca_modul
Post-Quantum Era Privacy Protection for Intelligent Infrastructures
As we move into a new decade, the global world of Intelligent Infrastructure (II) services integrated into the Internet of Things (IoT) are at the forefront of technological advancements. With billions of connected devices spanning continents through interconnected networks, security and privacy protection techniques for the emerging II services become a paramount concern. In this paper, an up-to-date privacy method mapping and relevant use cases are surveyed for II services. Particularly, we emphasize on post-quantum cryptography techniques that may (or must when quantum computers become a reality) be used in the future through concrete products, pilots, and projects. The topics presented in this paper are of utmost importance as (1) several recent regulations such as Europe's General Data Protection Regulation (GDPR) have given privacy a significant place in digital society, and (2) the increase of IoT/II applications and digital services with growing data collection capabilities are introducing new threats and risks on citizens' privacy. This in-depth survey begins with an overview of security and privacy threats in IoT/IIs. Next, we summarize some selected Privacy-Enhancing Technologies (PETs) suitable for privacy-concerned II services, and then map recent PET schemes based on post-quantum cryptographic primitives which are capable of withstanding quantum computing attacks. This paper also overviews how PETs can be deployed in practical use cases in the scope of IoT/IIs, and maps some current projects, pilots, and products that deal with PETs. A practical case study on the Internet of Vehicles (IoV) is presented to demonstrate how PETs can be applied in reality. Finally, we discuss the main challenges with respect to current PETs and highlight some future directions for developing their post-quantum counterparts
Scalable and Anonymous Group Communication
Today\u27s Internet is not designed to protect the privacy of its users against network surveillance, and source and destination of any communication is easily exposed to third party observer. Tor, a volunteer-operated anonymity network, offers low-latency practical performance for unicast anonymous communication without central point of trust. However, Tor is known to be slow and it can not support group communication with scalable performance. Despite the extensive public interest in anonymous group communication, there is no system that provides anonymous group communication without central point of trust.
This dissertation presents MTor, a low-latency anonymous group communication system. We construct MTor as an extension to Tor, allowing the construction of multi-source multicast trees on top of the existing Tor infrastructure. MTor does not depend on an external service (e.g., an IRC server or Google Hangouts) to broker the group communication, and avoids central points of failure and trust. MTor\u27s substantial bandwidth savings and graceful scalability enable new classes of anonymous applications that are currently too bandwidth-intensive to be viable through traditional unicast Tor communication---e.g., group file transfer, collaborative editing, streaming video, and real-time audio conferencing.
We detail the design of MTor and then analyze its performance and anonymity. By simulating MTor in Shadow and TorPS using realistic models of the live Tor network\u27s topology and recent consensus records from the live Tor network, we show that MTor achieves 29% savings in network bandwidth and 73% reduction in transmission time as compared to the baseline approach for anonymous group communication among 20 group members. We also demonstrate that MTor scales gracefully with the number of group participants, and allows dynamic group composition over time. Importantly, as more Tor users switch to group communication, we show that the overall performance and bandwidth utilization for group communication improves. Finally, we discuss the anonymity implications of MTor and measure its resistance to traffic correlation attacks
- …