142 research outputs found
DNS over Https (DoH)
DNS over HTTPS (DoH) is a new form of DNS encryption where DNS requests are no
longer in plaintext but are sent over Port 443, which is the port meant for HTTPS. The focus of
this paper is mainly on determining if fingerprinting can decrypt DoH queries because DoH is
built to protect and allow for DNS queries to be confidential and secure meaning not be left in
plaintext. If fingerprinting methods can decrypt DoH queries, the whole premise would be
invalid since an adversary could easily use fingerprinting to extract the DoH query data and
make it just as weak as the current role of DNS queries now. The use of Fingerprinting methods
such as ja3 and ja3s allows for the testing of fingerprinting techniques. Determining whether
there are clear signs to differentiate web pages hosted on the same server is essential. Under
DoH, there is enough obfuscation that differentiating web pages should not be possible. Leading
to protecting the confidentiality of the specific web page a client is trying to reach. We are using
the fingerprinting methods of ja3 and ja3s because all DoH requests require a TLS handshake,
and even under the new TLS standard TLS 1.3, the initial handshake is in plaintext meaning the
initial handshake is readable while the other handshakes after are not. The analysis will see if the
specific content and web pages are readable rather than just the generic server information
detailed during the initial handshake. The study will see how easy or difficult it is to identify
each set of requests and compare it to other requests that are made. Using ja3 and ja3s and the
results will help determine if minimal fingerprinting methods are valid in identifying and
differentiating between certain web pages hosted on the same server. From the analysis, though
the connected server information is public, there is no definite way to identify precisely which
web page on the server a client is visiting using the MD5 hash. Since DoH only connects the web
browser to the server, no specific information regarding the web page and its contents will be
available to view.Undergraduat
Web Tracking: Mechanisms, Implications, and Defenses
This articles surveys the existing literature on the methods currently used
by web services to track the user online as well as their purposes,
implications, and possible user's defenses. A significant majority of reviewed
articles and web resources are from years 2012-2014. Privacy seems to be the
Achilles' heel of today's web. Web services make continuous efforts to obtain
as much information as they can about the things we search, the sites we visit,
the people with who we contact, and the products we buy. Tracking is usually
performed for commercial purposes. We present 5 main groups of methods used for
user tracking, which are based on sessions, client storage, client cache,
fingerprinting, or yet other approaches. A special focus is placed on
mechanisms that use web caches, operational caches, and fingerprinting, as they
are usually very rich in terms of using various creative methodologies. We also
show how the users can be identified on the web and associated with their real
names, e-mail addresses, phone numbers, or even street addresses. We show why
tracking is being used and its possible implications for the users (price
discrimination, assessing financial credibility, determining insurance
coverage, government surveillance, and identity theft). For each of the
tracking methods, we present possible defenses. Apart from describing the
methods and tools used for keeping the personal data away from being tracked,
we also present several tools that were used for research purposes - their main
goal is to discover how and by which entity the users are being tracked on
their desktop computers or smartphones, provide this information to the users,
and visualize it in an accessible and easy to follow way. Finally, we present
the currently proposed future approaches to track the user and show that they
can potentially pose significant threats to the users' privacy.Comment: 29 pages, 212 reference
Hosting Industry Centralization and Consolidation
There have been growing concerns about the concentration and centralization
of Internet infrastructure. In this work, we scrutinize the hosting industry on
the Internet by using active measurements, covering 19 Top-Level Domains
(TLDs). We show how the market is heavily concentrated: 1/3 of the domains are
hosted by only 5 hosting providers, all US-based companies. For the
country-code TLDs (ccTLDs), however, hosting is primarily done by local,
national hosting providers and not by the large American cloud and content
providers. We show how shared languages (and borders) shape the hosting market
-- German hosting companies have a notable presence in Austrian and Swiss
markets, given they all share German as official language. While hosting
concentration has been relatively high and stable over the past four years, we
see that American hosting companies have been continuously increasing their
presence in the market related to high traffic, popular domains within ccTLDs
-- except for Russia, notably.Comment: to appear in IEEE/IFIP Network Operations and Management Symposium
https://noms2022.ieee-noms.org
TorSH: Obfuscating consumer Internet-of-Things traffic with a collaborative smart-home router network
When consumers install Internet-connected smart devices in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incom- ing and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to defend themselves against profiling by ISP-like actors and that is more in tune with their wishes. In this thesis, we present The Onion Router for Smart Homes (TorSH), a network of smart-home routers working collaboratively to defend smart-device traffic from analysis by ISP-like adversaries. We demonstrate that TorSH succeeds in deterring such profiling while preserving smart-device experiences and without encumbering latency-sensitive, non-smart-device experiences like web browsing
- …