1,436 research outputs found
BitTorrent Sync: Network Investigation Methodology
The volume of personal information and data most Internet users find
themselves amassing is ever increasing and the fast pace of the modern world
results in most requiring instant access to their files. Millions of these
users turn to cloud based file synchronisation services, such as Dropbox,
Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access
to their most up-to-date data from any computer or mobile device with an
Internet connection. The prevalence of recent articles covering various
invasion of privacy issues and data protection breaches in the media has caused
many to review their online security practices with their personal information.
To provide an alternative to cloud based file backup and synchronisation,
BitTorrent Inc. released an alternative cloudless file backup and
synchronisation service, named BitTorrent Sync to alpha testers in April 2013.
BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over
two million active users by the end of the year. This paper outlines a number
of scenarios where the network investigation of the service may prove
invaluable as part of a digital forensic investigation. An investigation
methodology is proposed outlining the required steps involved in retrieving
digital evidence from the network and the results from a proof of concept
investigation are presented.Comment: 9th International Conference on Availability, Reliability and
Security (ARES 2014
One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users
Tor is a popular low-latency anonymity network. However, Tor does not protect
against the exploitation of an insecure application to reveal the IP address
of, or trace, a TCP stream. In addition, because of the linkability of Tor
streams sent together over a single circuit, tracing one stream sent over a
circuit traces them all. Surprisingly, it is unknown whether this linkability
allows in practice to trace a significant number of streams originating from
secure (i.e., proxied) applications. In this paper, we show that linkability
allows us to trace 193% of additional streams, including 27% of HTTP streams
possibly originating from "secure" browsers. In particular, we traced 9% of Tor
streams carried by our instrumented exit nodes. Using BitTorrent as the
insecure application, we design two attacks tracing BitTorrent users on Tor. We
run these attacks in the wild for 23 days and reveal 10,000 IP addresses of Tor
users. Using these IP addresses, we then profile not only the BitTorrent
downloads but also the websites visited per country of origin of Tor users. We
show that BitTorrent users on Tor are over-represented in some countries as
compared to BitTorrent users outside of Tor. By analyzing the type of content
downloaded, we then explain the observed behaviors by the higher concentration
of pornographic content downloaded at the scale of a country. Finally, we
present results suggesting the existence of an underground BitTorrent ecosystem
on Tor
Compromising Tor Anonymity Exploiting P2P Information Leakage
Privacy of users in P2P networks goes far beyond their current usage and is a
fundamental requirement to the adoption of P2P protocols for legal usage. In a
climate of cold war between these users and anti-piracy groups, more and more
users are moving to anonymizing networks in an attempt to hide their identity.
However, when not designed to protect users information, a P2P protocol would
leak information that may compromise the identity of its users. In this paper,
we first present three attacks targeting BitTorrent users on top of Tor that
reveal their real IP addresses. In a second step, we analyze the Tor usage by
BitTorrent users and compare it to its usage outside of Tor. Finally, we depict
the risks induced by this de-anonymization and show that users' privacy
violation goes beyond BitTorrent traffic and contaminates other protocols such
as HTTP
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
Measuring Infringement of Intellectual Property Rights
© Crown Copyright 2014. You may re-use this information (excluding logos) free of charge in any format or medium, under the terms of the Open Government Licence. To view this licence, visit http://www.nationalarchives.gov. uk/doc/open-government-licence/ Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concernedThe review is wide-ranging in scope and overall our findings evidence a lack of appreciation among those producing research for the high-level principles of measurement and assessment of scale. To date, the approaches adopted by industry seem more designed for internal consumption and are usually contingent on particular technologies and/or sector perspectives. Typically, there is a lack of transparency in the methodologies and data used to form the basis of claims, making much of this an unreliable basis for policy formulation. The research approaches we found are characterised by a number of features that can be summarised as a preference for reactive approaches that look to establish snapshots of an important issue at the time of investigation. Most studies are ad hoc in nature and on the whole we found a lack of sustained longitudinal approaches that would develop the appreciation of change. Typically the studies are designed to address specific hypotheses that might serve to support the position of the particular commissioning body. To help bring some structure to this area, we propose a framework for the assessment of the volume of infringement in each different area. The underlying aim is to draw out a common approach wherever possible in each area, rather than being drawn initially to the differences in each field. We advocate on-going survey tracking of the attitudes, perceptions and, where practical, behaviours of both perpetrators and claimants in IP infringement. Clearly, the nature of perpetrators, claimants and enforcement differs within each IPR but in our view the assessment for each IPR should include all of these elements. It is important to clarify that the key element of the survey structure is the adoption of a survey sampling methodology and smaller volumes of representative participation. Once selection is given the appropriate priority, a traditional offline survey will have a part to play, but as the opportunity arises, new technological methodologies, particularly for the voluntary monitoring of online behaviour, can add additional detail to the overall assessment of the scale of activity. This framework can be applied within each of the IP right sectors: copyright, trademarks,patents, and design rights. It may well be that the costs involved with this common approach could be mitigated by a syndicated approach to the survey elements. Indeed, a syndicated approach has a number of advantages in addition to cost. It could be designed to reduce any tendency either to hide inappropriate/illegal activity or alternatively exaggerate its volume to fit with the theme of the survey. It also has the scope to allow for monthly assessments of attitudes rather than being vulnerable to unmeasured seasonal impacts
- …