17,647 research outputs found

    Conscript Your Friends into Larger Anonymity Sets with JavaScript

    We present the design and prototype implementation of ConScript, a framework for using JavaScript to allow casual Web users to participate in an anonymous communication system. When a Web user visits a cooperative Web site, the site serves a JavaScript application that instructs the browser to create and submit "dummy" messages into the anonymity system. Users who want to send non-dummy messages through the anonymity system use a browser plug-in to replace these dummy messages with real messages. Creating such conscripted anonymity sets can increase the anonymity set size available to users of remailer, e-voting, and verifiable shuffle-style anonymity systems. We outline ConScript's architecture, we address a number of potential attacks against ConScript, and we discuss the ethical issues related to deploying such a system. Our implementation results demonstrate the practicality of ConScript: a workstation running our ConScript prototype JavaScript client generates a dummy message for a mix-net in 81 milliseconds and it generates a dummy message for a DoS-resistant DC-net in 156 milliseconds. Comment: An abbreviated version of this paper will appear at the WPES 2013 worksho

    Synthetic steganography: Methods for generating and detecting covert channels in generated media

    Issues of privacy in communication are becoming increasingly important. For many people and businesses, the use of strong cryptographic protocols is sufficient to protect their communications. However, the overt use of strong cryptography may be prohibited or individual entities may be prohibited from communicating directly. In these cases, a secure alternative to the overt use of strong cryptography is required. One promising alternative is to hide the use of cryptography by transforming ciphertext into innocuous-seeming messages to be transmitted in the clear. In this dissertation, we consider the problem of synthetic steganography: generating and detecting covert channels in generated media. We start by demonstrating how to generate synthetic time series data that not only mimic an authentic source of the data, but also hide data at any of several different locations in the reversible generation process. We then design a steganographic context-sensitive tiling system capable of hiding secret data in a variety of procedurally-generated multimedia objects. Next, we show how to securely hide data in the structure of a Huffman tree without affecting the length of the codes. Next, we present a method for hiding data in Sudoku puzzles, both in the solved board and the clue configuration. Finally, we present a general framework for exploiting steganographic capacity in structured interactions like online multiplayer games, network protocols, auctions, and negotiations. Recognizing that structured interactions represent a vast field of novel media for steganography, we also design and implement an open-source extensible software testbed for analyzing steganographic interactions and use it to measure the steganographic capacity of several classic games. We analyze the steganographic capacity and security of each method that we present and show that existing steganalysis techniques cannot accurately detect the usage of the covert channels. 
We develop targeted steganalysis techniques which improve detection accuracy and then use the insights gained from those methods to improve the security of the steganographic systems. We find that secure synthetic steganography, and accurate steganalysis thereof, depends on having access to an accurate model of the cover media

    Revealing the unseen: how to expose cloud usage while protecting user privacy

    Cloud users have little visibility into the performance characteristics and utilization of the physical machines underpinning the virtualized cloud resources they use. This uncertainty forces users and researchers to reverse engineer the inner workings of cloud systems in order to understand and optimize the conditions under which their applications operate. At Massachusetts Open Cloud (MOC), as a public cloud operator, we'd like to expose the utilization of our physical infrastructure to stop this wasteful effort. Mindful that such exposure can be used maliciously for gaining insight into other users' workloads, in this position paper we argue for the need for an approach that balances openness of the cloud overall with privacy for each tenant inside of it. We believe that this approach can be instantiated via a novel combination of several security and privacy technologies. We discuss the potential benefits, implications of transparency for cloud systems and users, and technical challenges/possibilities. Accepted manuscrip

    Discovering New Vulnerabilities in Computer Systems

    Vulnerability research plays a key role in preventing and defending against malicious computer system exploitations. Driven by a multi-billion dollar underground economy, cyber criminals today tirelessly launch malicious exploitations, threatening every aspect of daily computing. To effectively protect computer systems from devastation, it is imperative to discover and mitigate vulnerabilities before they fall into the offensive parties' hands. This dissertation is dedicated to the research and discovery of new design and deployment vulnerabilities in three very different types of computer systems. The first vulnerability is found in the automatic malicious binary (malware) detection system. Binary analysis, a central piece of technology for malware detection, is divided into two classes, static analysis and dynamic analysis. State-of-the-art detection systems employ both classes of analyses to complement each other's strengths and weaknesses for improved detection results. However, we found that the commonly seen design patterns may suffer from evasion attacks. We demonstrate attacks on the vulnerabilities by designing and implementing a novel binary obfuscation technique. The second vulnerability is located in the design of server system power management. Technological advancements have improved server system power efficiency and facilitated energy proportional computing. However, the change of power profile makes the power consumption subjected to unaudited influences of remote parties, leaving the server systems vulnerable to energy-targeted malicious exploit. We demonstrate an energy abusing attack on a standalone open Web server, measure the extent of the damage, and present a preliminary defense strategy. The third vulnerability is discovered in the application of server virtualization technologies. Server virtualization greatly benefits today's data centers and brings pervasive cloud computing a step closer to the general public. 
However, the practice of physical co-hosting virtual machines with different security privileges risks introducing covert channels that seriously threaten the information security in the cloud. We study the construction of high-bandwidth covert channels via the memory sub-system, and show a practical exploit of cross-virtual-machine covert channels on virtualized x86 platforms

    Strategic Options for Iran: Balancing Pressure with Diplomacy

    This third report from The Iran Project considers the successes, shortfalls, and risks of strategies designed to pressure the Iranian government into changing its policies. It explores some of the advantages and disadvantages for U.S. interests in the Middle East that might flow from bilateral negotiations with Iran to achieve a nuclear deal, and proposes steps that the President might take to establish a framework for direct talks with Iran's leadership that would build on the latest round of multilateral negotiations and proposals. Iran's actions -- particularly with regard to its nuclear program -- pose complex and dangerous challenges to U.S. interests and security, as well as to the security of Israel and possibly to stability in the Middle East. This paper sets out a response to these serious challenges. A strengthened U.S. diplomatic initiative would not replace the pressure track; rather, it would build on pressure already applied. Some measure of sanctions relief will have to be offered as part of a negotiated settlement; but pressure should not be eased without firm and verifiable Iranian commitments to greater transparency and agreed limits on Iran's nuclear program. The proposed bilateral discussions between the U.S. and Iran would not replace the multilateral negotiations that are now underway. Bilateral talks would have to proceed on a basis understood and ideally supported by the P5+1 (the five permanent members of the UN Security Council, plus Germany) and U.S. allies. This paper differs from earlier Iran Project publications in that it takes policy positions and makes recommendations for government action. The authors have sought to base these suggestions on factual, objective, nonpartisan analyses, consulting with nearly 20 former government officials and experts and seeking advice from a larger group of signatories

    Management of covert brain infarction survey: A call to care for and trial this neglected population

    BACKGROUND Covert brain infarction (CBI) is highly prevalent and linked with stroke risk factors, increased mortality, and morbidity. Evidence to guide management is sparse. We sought to gain information on current practice and attitudes toward CBI and to compare differences in management according to CBI phenotype. METHODS We conducted a web-based, structured, international survey from November 2021 to February 2022 among neurologists and neuroradiologists. The survey captured respondents' baseline characteristics, general approach toward CBI and included two case scenarios designed to evaluate management decisions taken upon incidental detection of an embolic-phenotype and a small-vessel-disease phenotype. RESULTS Of 627 respondents (38% vascular neurologists, 24% general neurologists, and 26% neuroradiologists), 362 (58%) had a partial, and 305 (49%) a complete response. Most respondents were university hospital senior faculty members experienced in stroke, mostly from Europe and Asia. Only 66 (18%) of respondents had established institutional written protocols to manage CBI. The majority indicated that they were uncertain regarding useful investigations and further management of CBI patients (median 67 on a slider 0-100, 95% CI 35-81). Almost all respondents (97%) indicated that they would assess vascular risk factors. Although most would investigate and treat similarly to ischemic stroke for both phenotypes, including initiating antithrombotic treatment, there was considerable diagnostic and therapeutic heterogeneity. Less than half of respondents (42%) would assess cognitive function or depression. CONCLUSIONS There is a high degree of uncertainty and heterogeneity regarding management of two common types of CBI, even among experienced stroke physicians. Respondents were more proactive regarding the diagnostic and therapeutic management than the minimum recommended by current expert opinions. 
More data are required to guide management of CBI; meantime, more consistent approaches to identification and consistent application of current knowledge, that also consider cognition and mood, would be promising first steps to improve consistency of care

    Name-passing calculi and crypto-primitives: A survey

    The paper surveys the literature on high-level name-passing process calculi, and their extensions with cryptographic primitives. The survey is by no means exhaustive, for essentially two reasons. First, in trying to provide a coherent presentation of different ideas and techniques, one inevitably ends up leaving out the approaches that do not fit the intended roadmap. Secondly, the literature on the subject has been growing at a very high rate over the years. As a consequence, we decided to concentrate on a few papers that introduce the main ideas, in the hope that discussing them in some detail will provide sufficient insight for further reading