4,920 research outputs found
BitTorrent Sync: Network Investigation Methodology
The volume of personal information and data most Internet users find
themselves amassing is ever increasing and the fast pace of the modern world
results in most requiring instant access to their files. Millions of these
users turn to cloud based file synchronisation services, such as Dropbox,
Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access
to their most up-to-date data from any computer or mobile device with an
Internet connection. The prevalence of recent articles covering various
invasion of privacy issues and data protection breaches in the media has caused
many to review their online security practices with their personal information.
To provide an alternative to cloud based file backup and synchronisation,
BitTorrent Inc. released an alternative cloudless file backup and
synchronisation service, named BitTorrent Sync to alpha testers in April 2013.
BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over
two million active users by the end of the year. This paper outlines a number
of scenarios where the network investigation of the service may prove
invaluable as part of a digital forensic investigation. An investigation
methodology is proposed outlining the required steps involved in retrieving
digital evidence from the network and the results from a proof of concept
investigation are presented.Comment: 9th International Conference on Availability, Reliability and
Security (ARES 2014
Proceedings of Abstracts Engineering and Computer Science Research Conference 2019
© 2019 The Author(s). This is an open-access work distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For further details please see https://creativecommons.org/licenses/by/4.0/. Note: Keynote: Fluorescence visualisation to evaluate effectiveness of personal protective equipment for infection control is © 2019 Crown copyright and so is licensed under the Open Government Licence v3.0. Under this licence users are permitted to copy, publish, distribute and transmit the Information; adapt the Information; exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application. Where you do any of the above you must acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to this licence: http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/This book is the record of abstracts submitted and accepted for presentation at the Inaugural Engineering and Computer Science Research Conference held 17th April 2019 at the University of Hertfordshire, Hatfield, UK. This conference is a local event aiming at bringing together the research students, staff and eminent external guests to celebrate Engineering and Computer Science Research at the University of Hertfordshire. The ECS Research Conference aims to showcase the broad landscape of research taking place in the School of Engineering and Computer Science. The 2019 conference was articulated around three topical cross-disciplinary themes: Make and Preserve the Future; Connect the People and Cities; and Protect and Care
A Novel Seed Based Random Interleaving for OFDM System and Its PHY Layer Security Implications
Wireless channels are characterized by multipath and fading that can often cause long
burst of errors. Even though, to date, many very sophisticated error correcting codes have
been designed, yet none can handle long burst of errors efficiently. An interleaver, a
device that distributes a burst of errors, possibly caused by a deep fade, and makes them
appear as simple random errors, therefore, proves to a very useful technique when used in
conjunction with an efficient error correcting code.
In this work, a novel near optimal seed based random interleaver is designed. An optimal
interleaver scatters a given burst of errors uniformly over a fixed block of data - a
property that is measured by so called ‘spread’. The design makes use of a unique seed
based pseudo-random sequence generator or logistic map based chaotic sequence
generator to scramble the given block of data. Since the proposed design is based on a
seed based scrambler, the nature of input is irrelevant. Therefore, the proposed interleaver
can interleave either the bits or the symbols or the packets or even the frames.
Accordingly, in this work, we analyze the suitability of interleaver when introduced
before or after the modulation in single carrier communication systems and show that
interleaving the bits before modulation or interleaving the symbols after modulation has
same advantage. We further show that, in an orthogonal frequency division multiplexing
(OFDM) systems, the position of interleaver, whether before or after constellation
mapper, has no significance, and is interchangeable. However, scrambling symbols is
computationally less expensive than scrambling bits.
For the purpose of analyzing the performance of the proposed seed based random
interleaver, simulations are carried out in MATLAB®. Results show that our proposed
seed based random interleaver has near optimal properties of ‘spread’ and ‘dispersion’.
Furthermore, the proposed interleaver is evaluated in terms of bit error rate (BER) versus
length of burst error in a single carrier system both before and after modulation. The
proposed interleaver out-performs the built in RANDINTLV in MATLAB® when used in
the same system. It shows that proposed interleaver can convert greater amount of burst
errors into simple random errors than that of MATLAB® interleaver. The proposed
interleaver is also tested in IEEE 802.16e based WiMAX system with Stanford University Interim (SUI) channels to compare the performance of average BER versus
SNR for both pre modulation and post modulation interleaver. Results show that pre
modulation interleaver and post modulation has same performance.
There is also a side advantage of this seed based interleaver, in that it generates a variety
of unique random-looking interleaving sequences. Only a receiver that has the knowledge
of the input seed can generate this sequence and no one else. If the interleaving patterns
are kept secure then it can possibly be used to introduce an extra layer of security at
physical (PHY) layer. In that way, at PHY layer, one builds an additional entry barrier to
break through and it comes with no extra cost. This property has been investigated by
carrying out key sensitivity analysis to show that the attacks to guess key can be very
futile, as difference at 4th decimal place in the initial condition can lead to entirely
different scrambling
Multimedia streaming adaptation IMS-networks
Introduction Multimedia services such as video, gaming and music marked the close of the last century and have become inextricably linked with our lives in the current century. The success and popularity of these services was fuelled by the explosive expansion of the Internet and the furious penetration of broadband networks. In particular, the use of multimedia streaming services on portable devices has been popular whenever both the content and the perceived delivery quality have met the expectations of end users. This chapter of the book does not address content aspects of multimedia streaming services. Such matters are left to media gurus and other researchers. Rather, this chapter focuses on the delivery quality of multimedia streaming services. Particular attention is paid to quality adaptation techniques intended to improve end users' experience of such services. Our scope includes heterogeneous networks and devices. The solutions presented are applicable to the telecommunications industry
Secure service proxy : a CoAP(s) intermediary for a securer and smarter web of things
As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things
TORKAMELEON. IMPROVING TOR’S CENSORSHIP RESISTANCE WITH K-ANONYMIZATION MEDIA MORPHING COVERT INPUT CHANNELS
Anonymity networks such as Tor and other related tools are powerful means of increas-
ing the anonymity and privacy of Internet users’ communications. Tor is currently the
most widely used solution by whistleblowers to disclose confidential information and
denounce censorship measures, including violations of civil rights, freedom of expres-
sion, or guarantees of free access to information. However, recent research studies have
shown that Tor is vulnerable to so-called powerful correlation attacks carried out by
global adversaries or collaborative Internet censorship parties. In the Tor ”arms race”
scenario, we can see that as new censorship, surveillance, and deep correlation tools have
been researched, new, improved solutions for preserving anonymity have also emerged.
In recent research proposals, unobservable encapsulation of IP packets in covert media
channels is one of the most promising defenses against such threat models. They leverage
WebRTC-based covert channels as a robust and practical approach against powerful traf-
fic correlation analysis. At the same time, these solutions are difficult to combat through
the traffic-blocking measures commonly used by censorship authorities.
In this dissertation, we propose TorKameleon, a censorship evasion solution de-
signed to protect Tor users with increased censorship resistance against powerful traffic
correlation attacks executed by global adversaries. The system is based on flexible K-
anonymization input circuits that can support TLS tunneling and WebRTC-based covert
channels before forwarding users’ original input traffic to the Tor network. Our goal
is to protect users from machine and deep learning correlation attacks between incom-
ing user traffic and observed traffic at different Tor network relays, such as middle and
egress relays. TorKameleon is the first system to implement a Tor pluggable transport
based on parameterizable TLS tunneling and WebRTC-based covert channels. We have
implemented the TorKameleon prototype and performed extensive validations to ob-
serve the correctness and experimental performance of the proposed solution in the Tor
environment. With these evaluations, we analyze the necessary tradeoffs between the
performance of the standard Tor network and the achieved effectiveness and performance
of TorKameleon, capable of preserving the required unobservability properties.Redes de anonimização como o Tor e soluções ou ferramentas semelhantes são meios
poderosos de aumentar a anonimidade e a privacidade das comunicações de utilizadores
da Internet . O Tor é atualmente a rede de anonimato mais utilizada por delatores para
divulgar informações confidenciais e denunciar medidas de censura tais como violações
de direitos civis e da liberdade de expressão, ou falhas nas garantias de livre acesso à
informação. No entanto, estudos recentes mostram que o Tor é vulnerável a adversários
globais ou a entidades que colaboram entre si para garantir a censura online. Neste
cenário competitivo e de jogo do “gato e do rato”, é possível verificar que à medida que
novas soluções de censura e vigilância são investigadas, novos sistemas melhorados para
a preservação de anonimato são também apresentados e refinados. O encapsulamento de
pacotes IP em túneis encapsulados em protocolos de media são uma das mais promissoras
soluções contra os novos modelos de ataque à anonimidade. Estas soluções alavancam
canais encobertos em protocolos de media baseados em WebRTC para resistir a poderosos
ataques de correlação de tráfego e a medidas de bloqueios normalmente usadas pelos
censores.
Nesta dissertação propomos o TorKameleon, uma solução desenhada para protoger
os utilizadores da rede Tor contra os mais recentes ataques de correlação feitos por um
modelo de adversário global. O sistema é baseado em estratégias de anonimização e
reencaminhamento do tráfego do utilizador através de K nós, utilizando também encap-
sulamento do tráfego em canais encobertos em túneis TLS ou WebRTC. O nosso objetivo
é proteger os utilizadores da rede Tor de ataques de correlação implementados através
de modelos de aprendizagem automática feitos entre o tráfego do utilizador que entra
na rede Tor e esse mesmo tráfego noutro segmento da rede, como por exemplo nos nós
de saída da rede. O TorKameleon é o primeiro sistema a implementar um Tor pluggable
transport parametrizável, baseado em túneis TLS ou em canais encobertos em protocolos
media. Implementamos um protótipo do sistema e realizamos uma extensa avalição expe-
rimental, inserindo a solução no ambiente da rede Tor. Com base nestas avaliações, anali-
zamos o tradeoff necessário entre a performance da rede Tor e a eficácia e a performance
obtida do TorKameleon, que garante as propriedades de preservação de anonimato
- …