Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats

Network steganography is the art of hiding secret information within innocent network transmissions. Recent findings indicate that novel malware is increasingly using network steganography. Similarly, other malicious activities can profit from network steganography, such as data leakage or the exchange of pedophile data. This paper provides an introduction to network steganography and highlights its potential application for harmful purposes. We discuss the issues related to countering network steganography in practice and provide an outlook on further research directions and problems.Comment: 11 page

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Establishing Peer-to-Peer Distributed File Sharing System With Mobile Host

Viimase kümne aasta jooksul on mobiilsed seadmed nagu näiteks nutitelefonid, sülearvutid, pihuarvutid jne saanud lahutamatuks osaks igapäeva elust. See aga on tekitanud nõudluse võimsamate, kiiremate ja energiasäästlikumate seadmete järgi. Lisaks on iOSi ja Androidi operatsioonisüsteemide väljalaske tõttu suurenenud nii mobiilirakenduste arv kui ka keerukus. Sarnane areng on toimunud ka veebiteenuste valdkonnas ja nutitelefonides on ligi-pääs veebiteenustele muutunud elementaarseks. See aga on viinud järgmise sammuni – veebiteenuste pakkumine otse nutitelefonidest. See kontseptsioon pole uus ja seda on põh-jalikult uurinud S. N. Srirama, kes pakkus välja Mobile Host (Mobiilne Veebiteenuse Pak-kuja) lahenduse 2006. aastal, ning mida on C. Paniagua uuendanud Android OS’ile aastal 2012 kasutades REST arhitektuuri ja OSGi’t. P2P (Peer-to-Peer ehk partnervõrk) põhinevad programmid nagu näiteks failide jagamine ja sõnumite saatmine on tänapäeval arvutikasutajate seas laialdaselt levinud. Ar-vutid üle maailma on ühendatud omavahel ja jagavad ressursse selles süsteemis ilma keskse serverita. Iga arvuti selles võrgus on võrdne sel moel, et on võimeline ligi pääsema ja alla laadima ressursse teistest masinatest selles süsteemis. Töö kirjeldab põgusalt Mobile Hosti, P2P arhitektuuri, valitud P2P BitTorrenti pro-tokolli ja kuidas neid tehnoloogiaid kasutati P2P hajusa failide jagamise süsteemi loomi-seks. Uurimuse käigus arendati välja hajus failide jagamise süsteem Mobile Hosti lisana kasutades BitTorrenti protokollil põhinevat C++ keeles kirjutatud Libtorrenti teeki. Valmi-nud programm on võimeline looma torrent faili, avama ja laadima ning jagama vastavaid faile. Lisaks on võimalik muuta failide hoiustamise asukohta ja määrata mõningaid ses-siooni seadeid nagu näiteks alla ja üles laadimise kiirust piirata ning porti määrata. Failide jagamise teenust pakkuvate seadmete otsingu lihtsustamiseks seati üles Apache SOLR 4.2.0 veebiteenus mcrlabs.net serverisse millega suhtlus käib automaatselt.Mobile devices such as tablets, PDAs, mobile phones etc. have developed rapidly during last decade and become inseparable part of people’s everyday life. These devices are equipped with embedded sensors, camera, touchscreen, more memory, powerful processor, mobile 3G and 4G networks and Wi-Fi capability as well as efficient power consumption mechanisms. These improvements have led to mobile devices being able to perform tasks that usually personal computers are capable of. What is more due to release of Android OS and iOS applications for such mobile devices have increased as well as their complexity. Being online has become ubiquitous as Wi-Fi and mobile data networks are available in most of the places. For example over 45% of world’s population is covered by 3G mobile network [2]. Needlessly to say that makes using web services form mobile devices a com-mon thing. Such improvements lead to next generation of services which can be provided not only from dedicated servers but also from mobile phones. The concept of mobile web services provisioning is not new and has been in the ground for some time. Srirama et al. proposed the concept of Mobile Host [3] in 2006 where the mobile device acts as service provider. Mobile Host enables seamless integration of user specific services to the enterprise by following web service standards, also on the radio link and via resources constrained smart phones. Moreover Mobile Host fosters the new generation of ubiquitous and context-aware applications enabling the consumption of web services anywhere at any time from the handset. Mobile Host has been updated to latest technologies like for example REST archi-tecture which replaced SOAP so web services would be focused on systems resources. Early versions of Mobile Host were developed in PersonalJava and J2ME and meant for Symbian devices but as now the biggest share in smart phones market is held by Android then Mobile Host was upgraded for that platform by Paniagua [4] in 2012. Contribution of this thesis was to develop Peer-to-Peer (P2P) distributed file shar-ing system to Mobile Host for Android. This feature comes in handy when we talk about services that enables file sharing. As Mobile Host by its nature can join or leave network at any moment then accessing files that client is interested in becomes critical as file to be downloaded would be offered only by one provider as in regular client-server architecture. P2P distributed file sharing capability for Mobile Host provides users more reliable file sharing environment in distributed manner as files are downloaded as pieces from all the online peers who have pieces of desired file. What is more, small metadata torrent files are hosted by Mobile Hosts and published as a service. This setup assures the independency from other platforms and hosts

Exploiting the power of multiplicity: a holistic survey of network-layer multipath

The Internet is inherently a multipath network: For an underlying network with only a single path, connecting various nodes would have been debilitatingly fragile. Unfortunately, traditional Internet technologies have been designed around the restrictive assumption of a single working path between a source and a destination. The lack of native multipath support constrains network performance even as the underlying network is richly connected and has redundant multiple paths. Computer networks can exploit the power of multiplicity, through which a diverse collection of paths is resource pooled as a single resource, to unlock the inherent redundancy of the Internet. This opens up a new vista of opportunities, promising increased throughput (through concurrent usage of multiple paths) and increased reliability and fault tolerance (through the use of multiple paths in backup/redundant arrangements). There are many emerging trends in networking that signify that the Internet's future will be multipath, including the use of multipath technology in data center computing; the ready availability of multiple heterogeneous radio interfaces in wireless (such as Wi-Fi and cellular) in wireless devices; ubiquity of mobile devices that are multihomed with heterogeneous access networks; and the development and standardization of multipath transport protocols such as multipath TCP. The aim of this paper is to provide a comprehensive survey of the literature on network-layer multipath solutions. We will present a detailed investigation of two important design issues, namely, the control plane problem of how to compute and select the routes and the data plane problem of how to split the flow on the computed paths. The main contribution of this paper is a systematic articulation of the main design issues in network-layer multipath routing along with a broad-ranging survey of the vast literature on network-layer multipathing. We also highlight open issues and identify directions for future work

Estudo do IPFS como protocolo de distribuição de conteúdos em redes veiculares

Over the last few years, vehicular ad-hoc networks (VANETs) have been the focus of great progress due to the interest in autonomous vehicles and in distributing content not only between vehicles, but also to the Cloud. Performing a download/upload to/from a vehicle typically requires the existence of a cellular connection, but the costs associated with mobile data transfers in hundreds or thousands of vehicles quickly become prohibitive. A VANET allows the costs to be several orders of magnitude lower - while keeping the same large volumes of data - because it is strongly based in the communication between vehicles (nodes of the network) and the infrastructure. The InterPlanetary File System (IPFS) is a protocol for storing and distributing content, where information is addressed by its content, instead of its location. It was created in 2014 and it seeks to connect all computing devices with the same system of files, comparable to a BitTorrent swarm exchanging Git objects. It has been tested and deployed in wired networks, but never in an environment where nodes have intermittent connectivity, such as a VANET. This work focuses on understanding IPFS, how/if it can be applied to the vehicular network context, and comparing it with other content distribution protocols. In this dissertation, IPFS has been tested in a small and controlled network to understand its working applicability to VANETs. Issues such as neighbor discoverability times and poor hashing performance have been addressed. To compare IPFS with other protocols (such as Veniam’s proprietary solution or BitTorrent) in a relevant way and in a large scale, an emulation platform was created. The tests in this emulator were performed in different times of the day, with a variable number of files and file sizes. Emulated results show that IPFS is on par with Veniam’s custom V2V protocol built specifically for V2V, and greatly outperforms BitTorrent regarding neighbor discoverability and data transfers. An analysis of IPFS’ performance in a real scenario was also conducted, using a subset of STCP’s vehicular network in Oporto, with the support of Veniam. Results from these tests show that IPFS can be used as a content dissemination protocol, showing it is up to the challenge provided by a constantly changing network topology, and achieving throughputs up to 2.8 MB/s, values similar or in some cases even better than Veniam’s proprietary solution.Nos últimos anos, as redes veiculares (VANETs) têm sido o foco de grandes avanços devido ao interesse em veículos autónomos e em distribuir conteúdos, não só entre veículos mas também para a "nuvem" (Cloud). Tipicamente, fazer um download/upload de/para um veículo exige a utilização de uma ligação celular (SIM), mas os custos associados a fazer transferências com dados móveis em centenas ou milhares de veículos rapidamente se tornam proibitivos. Uma VANET permite que estes custos sejam consideravelmente inferiores - mantendo o mesmo volume de dados - pois é fortemente baseada na comunicação entre veículos (nós da rede) e a infraestrutura. O InterPlanetary File System (IPFS - "sistema de ficheiros interplanetário") é um protocolo de armazenamento e distribuição de conteúdos, onde a informação é endereçada pelo conteúdo, em vez da sua localização. Foi criado em 2014 e tem como objetivo ligar todos os dispositivos de computação num só sistema de ficheiros, comparável a um swarm BitTorrent a trocar objetos Git. Já foi testado e usado em redes com fios, mas nunca num ambiente onde os nós têm conetividade intermitente, tal como numa VANET. Este trabalho tem como foco perceber o IPFS, como/se pode ser aplicado ao contexto de rede veicular e compará-lo a outros protocolos de distribuição de conteúdos. Numa primeira fase o IPFS foi testado numa pequena rede controlada, de forma a perceber a sua aplicabilidade às VANETs, e resolver os seus primeiros problemas como os tempos elevados de descoberta de vizinhos e o fraco desempenho de hashing. De modo a poder comparar o IPFS com outros protocolos (tais como a solução proprietária da Veniam ou o BitTorrent) de forma relevante e em grande escala, foi criada uma plataforma de emulação. Os testes neste emulador foram efetuados usando registos de mobilidade e conetividade veicular de alturas diferentes de um dia, com um número variável de ficheiros e tamanhos de ficheiros. Os resultados destes testes mostram que o IPFS está a par do protocolo V2V da Veniam (desenvolvido especificamente para V2V e VANETs), e que o IPFS é significativamente melhor que o BitTorrent no que toca ao tempo de descoberta de vizinhos e transferência de informação. Uma análise do desempenho do IPFS em cenário real também foi efetuada, usando um pequeno conjunto de nós da rede veicular da STCP no Porto, com o apoio da Veniam. Os resultados destes testes demonstram que o IPFS pode ser usado como protocolo de disseminação de conteúdos numa VANET, mostrando-se adequado a uma topologia constantemente sob alteração, e alcançando débitos até 2.8 MB/s, valores parecidos ou nalguns casos superiores aos do protocolo proprietário da Veniam.Mestrado em Engenharia de Computadores e Telemátic