BlindSignedID: Mitigating Denial-of-Service Attacks on Digital Contact Tracing

Due to the recent outbreak of COVID-19, many governments suspended outdoor activities and imposed social distancing policies to prevent the transmission of SARS-CoV-2. These measures have had severe impact on the economy and peoples' daily lives. An alternative to widespread lockdowns is effective contact tracing during an outbreak's early stage. However, mathematical models suggest that epidemic control for SARS-CoV-2 transmission with manual contact tracing is implausible. To reduce the effort of contact tracing, many digital contact tracing projects (e.g., PEPP-PT, DP-3T, TCN, BlueTrace, Google/Apple Exposure Notification, and East/West Coast PACT) are being developed to supplement manual contact tracing. However, digital contact tracing has drawn scrutiny from privacy advocates, since governments or other parties may attempt to use contact tracing protocols for mass surveillance. As a result, many digital contact tracing projects build privacy-preserving mechanisms to limit the amount of privacy-sensitive information leaked by the protocol. In this paper, we examine how these architectures resist certain classes of attacks, specifically DoS attacks, and present BlindSignedIDs, a privacy-preserving digital contact tracing mechanism, which are verifiable ephemeral identifiers to limit the effectiveness of MAC-compliant DoS attacks. In our evaluations, we showed BlindSignedID can effectively deny bogus EphIDs, mitigating DoS attacks on the local storage beyond 90% of stored EphIDs. Our example DoS attacks showed that using 4 attackers can cause the gigabyte level DoS attacks within normal working hours and days.Comment: 10 pages, 6 figure

Energy efficient privacy preserved data gathering in wireless sensor networks having multiple sinks

Wireless sensor networks (WSNs) generally have a many-to-one structure so that event information flows from sensors to a unique sink. In recent WSN applications, many-tomany structures are evolved due to need for conveying collected event information to multiple sinks at the same time. This study proposes an anonymity method bases on k-anonymity for preventing record disclosure of collected event information in WSNs. Proposed method takes the anonymity requirements of multiple sinks into consideration by providing different levels of privacy for each destination sink. Attributes, which may identify of an event owner, are generalized or encrypted in order to meet the different anonymity requirements of sinks. Privacy guaranteed event information can be multicasted to all sinks instead of sending to each sink one by one. Since minimization of energy consumption is an important design criteria for WSNs, our method enables us to multicast the same event information to multiple sinks and reduce energy consumption

Nonintrusive tracing in the Internet

Intruders that log in through a series of machines when conducting an attack are hard to trace because of the complex architecture of the Internet. The thumbprinting method provides an efficient way of tracing such intruders by determining whether two connections are part of the same connection chain. Because many connections are transient and therefore short in length, choosing the best time interval to thumbprint over can be an issue. In this paper, we provide a way to shorten the time interval used for thumbprinting. We then study some special properties of the thumbprinting function. We also study another mechanism for tracing intruders in the Internet based on a timestamping approach, which passively monitors flows between source and destination pairs. Given a potentially suspicious source, we identify its true destination. We compute the error probability of our algorithm and show that its value decreases exponentially as the observation time increases. Our simulation results show that our approach performs well