BitTorrent Sync: Network Investigation Methodology

The volume of personal information and data most Internet users find themselves amassing is ever increasing and the fast pace of the modern world results in most requiring instant access to their files. Millions of these users turn to cloud based file synchronisation services, such as Dropbox, Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access to their most up-to-date data from any computer or mobile device with an Internet connection. The prevalence of recent articles covering various invasion of privacy issues and data protection breaches in the media has caused many to review their online security practices with their personal information. To provide an alternative to cloud based file backup and synchronisation, BitTorrent Inc. released an alternative cloudless file backup and synchronisation service, named BitTorrent Sync to alpha testers in April 2013. BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over two million active users by the end of the year. This paper outlines a number of scenarios where the network investigation of the service may prove invaluable as part of a digital forensic investigation. An investigation methodology is proposed outlining the required steps involved in retrieving digital evidence from the network and the results from a proof of concept investigation are presented.Comment: 9th International Conference on Availability, Reliability and Security (ARES 2014

Proceedings of Abstracts Engineering and Computer Science Research Conference 2019

© 2019 The Author(s). This is an open-access work distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For further details please see https://creativecommons.org/licenses/by/4.0/. Note: Keynote: Fluorescence visualisation to evaluate effectiveness of personal protective equipment for infection control is © 2019 Crown copyright and so is licensed under the Open Government Licence v3.0. Under this licence users are permitted to copy, publish, distribute and transmit the Information; adapt the Information; exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application. Where you do any of the above you must acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to this licence: http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/This book is the record of abstracts submitted and accepted for presentation at the Inaugural Engineering and Computer Science Research Conference held 17th April 2019 at the University of Hertfordshire, Hatfield, UK. This conference is a local event aiming at bringing together the research students, staff and eminent external guests to celebrate Engineering and Computer Science Research at the University of Hertfordshire. The ECS Research Conference aims to showcase the broad landscape of research taking place in the School of Engineering and Computer Science. The 2019 conference was articulated around three topical cross-disciplinary themes: Make and Preserve the Future; Connect the People and Cities; and Protect and Care

A Novel Seed Based Random Interleaving for OFDM System and Its PHY Layer Security Implications

Wireless channels are characterized by multipath and fading that can often cause long burst of errors. Even though, to date, many very sophisticated error correcting codes have been designed, yet none can handle long burst of errors efficiently. An interleaver, a device that distributes a burst of errors, possibly caused by a deep fade, and makes them appear as simple random errors, therefore, proves to a very useful technique when used in conjunction with an efficient error correcting code. In this work, a novel near optimal seed based random interleaver is designed. An optimal interleaver scatters a given burst of errors uniformly over a fixed block of data - a property that is measured by so called ‘spread’. The design makes use of a unique seed based pseudo-random sequence generator or logistic map based chaotic sequence generator to scramble the given block of data. Since the proposed design is based on a seed based scrambler, the nature of input is irrelevant. Therefore, the proposed interleaver can interleave either the bits or the symbols or the packets or even the frames. Accordingly, in this work, we analyze the suitability of interleaver when introduced before or after the modulation in single carrier communication systems and show that interleaving the bits before modulation or interleaving the symbols after modulation has same advantage. We further show that, in an orthogonal frequency division multiplexing (OFDM) systems, the position of interleaver, whether before or after constellation mapper, has no significance, and is interchangeable. However, scrambling symbols is computationally less expensive than scrambling bits. For the purpose of analyzing the performance of the proposed seed based random interleaver, simulations are carried out in MATLAB®. Results show that our proposed seed based random interleaver has near optimal properties of ‘spread’ and ‘dispersion’. Furthermore, the proposed interleaver is evaluated in terms of bit error rate (BER) versus length of burst error in a single carrier system both before and after modulation. The proposed interleaver out-performs the built in RANDINTLV in MATLAB® when used in the same system. It shows that proposed interleaver can convert greater amount of burst errors into simple random errors than that of MATLAB® interleaver. The proposed interleaver is also tested in IEEE 802.16e based WiMAX system with Stanford University Interim (SUI) channels to compare the performance of average BER versus SNR for both pre modulation and post modulation interleaver. Results show that pre modulation interleaver and post modulation has same performance. There is also a side advantage of this seed based interleaver, in that it generates a variety of unique random-looking interleaving sequences. Only a receiver that has the knowledge of the input seed can generate this sequence and no one else. If the interleaving patterns are kept secure then it can possibly be used to introduce an extra layer of security at physical (PHY) layer. In that way, at PHY layer, one builds an additional entry barrier to break through and it comes with no extra cost. This property has been investigated by carrying out key sensitivity analysis to show that the attacks to guess key can be very futile, as difference at 4th decimal place in the initial condition can lead to entirely different scrambling

Multimedia streaming adaptation IMS-networks

Introduction Multimedia services such as video, gaming and music marked the close of the last century and have become inextricably linked with our lives in the current century. The success and popularity of these services was fuelled by the explosive expansion of the Internet and the furious penetration of broadband networks. In particular, the use of multimedia streaming services on portable devices has been popular whenever both the content and the perceived delivery quality have met the expectations of end users. This chapter of the book does not address content aspects of multimedia streaming services. Such matters are left to media gurus and other researchers. Rather, this chapter focuses on the delivery quality of multimedia streaming services. Particular attention is paid to quality adaptation techniques intended to improve end users' experience of such services. Our scope includes heterogeneous networks and devices. The solutions presented are applicable to the telecommunications industry

Secure service proxy : a CoAP(s) intermediary for a securer and smarter web of things

As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things

TORKAMELEON. IMPROVING TOR’S CENSORSHIP RESISTANCE WITH K-ANONYMIZATION MEDIA MORPHING COVERT INPUT CHANNELS

Anonymity networks such as Tor and other related tools are powerful means of increas- ing the anonymity and privacy of Internet users’ communications. Tor is currently the most widely used solution by whistleblowers to disclose confidential information and denounce censorship measures, including violations of civil rights, freedom of expres- sion, or guarantees of free access to information. However, recent research studies have shown that Tor is vulnerable to so-called powerful correlation attacks carried out by global adversaries or collaborative Internet censorship parties. In the Tor ”arms race” scenario, we can see that as new censorship, surveillance, and deep correlation tools have been researched, new, improved solutions for preserving anonymity have also emerged. In recent research proposals, unobservable encapsulation of IP packets in covert media channels is one of the most promising defenses against such threat models. They leverage WebRTC-based covert channels as a robust and practical approach against powerful traf- fic correlation analysis. At the same time, these solutions are difficult to combat through the traffic-blocking measures commonly used by censorship authorities. In this dissertation, we propose TorKameleon, a censorship evasion solution de- signed to protect Tor users with increased censorship resistance against powerful traffic correlation attacks executed by global adversaries. The system is based on flexible K- anonymization input circuits that can support TLS tunneling and WebRTC-based covert channels before forwarding users’ original input traffic to the Tor network. Our goal is to protect users from machine and deep learning correlation attacks between incom- ing user traffic and observed traffic at different Tor network relays, such as middle and egress relays. TorKameleon is the first system to implement a Tor pluggable transport based on parameterizable TLS tunneling and WebRTC-based covert channels. We have implemented the TorKameleon prototype and performed extensive validations to ob- serve the correctness and experimental performance of the proposed solution in the Tor environment. With these evaluations, we analyze the necessary tradeoffs between the performance of the standard Tor network and the achieved effectiveness and performance of TorKameleon, capable of preserving the required unobservability properties.Redes de anonimização como o Tor e soluções ou ferramentas semelhantes são meios poderosos de aumentar a anonimidade e a privacidade das comunicações de utilizadores da Internet . O Tor é atualmente a rede de anonimato mais utilizada por delatores para divulgar informações confidenciais e denunciar medidas de censura tais como violações de direitos civis e da liberdade de expressão, ou falhas nas garantias de livre acesso à informação. No entanto, estudos recentes mostram que o Tor é vulnerável a adversários globais ou a entidades que colaboram entre si para garantir a censura online. Neste cenário competitivo e de jogo do “gato e do rato”, é possível verificar que à medida que novas soluções de censura e vigilância são investigadas, novos sistemas melhorados para a preservação de anonimato são também apresentados e refinados. O encapsulamento de pacotes IP em túneis encapsulados em protocolos de media são uma das mais promissoras soluções contra os novos modelos de ataque à anonimidade. Estas soluções alavancam canais encobertos em protocolos de media baseados em WebRTC para resistir a poderosos ataques de correlação de tráfego e a medidas de bloqueios normalmente usadas pelos censores. Nesta dissertação propomos o TorKameleon, uma solução desenhada para protoger os utilizadores da rede Tor contra os mais recentes ataques de correlação feitos por um modelo de adversário global. O sistema é baseado em estratégias de anonimização e reencaminhamento do tráfego do utilizador através de K nós, utilizando também encap- sulamento do tráfego em canais encobertos em túneis TLS ou WebRTC. O nosso objetivo é proteger os utilizadores da rede Tor de ataques de correlação implementados através de modelos de aprendizagem automática feitos entre o tráfego do utilizador que entra na rede Tor e esse mesmo tráfego noutro segmento da rede, como por exemplo nos nós de saída da rede. O TorKameleon é o primeiro sistema a implementar um Tor pluggable transport parametrizável, baseado em túneis TLS ou em canais encobertos em protocolos media. Implementamos um protótipo do sistema e realizamos uma extensa avalição expe- rimental, inserindo a solução no ambiente da rede Tor. Com base nestas avaliações, anali- zamos o tradeoff necessário entre a performance da rede Tor e a eficácia e a performance obtida do TorKameleon, que garante as propriedades de preservação de anonimato