10,320 research outputs found
Systemization of Pluggable Transports for Censorship Resistance
An increasing number of countries implement Internet censorship at different
scales and for a variety of reasons. In particular, the link between the
censored client and entry point to the uncensored network is a frequent target
of censorship due to the ease with which a nation-state censor can control it.
A number of censorship resistance systems have been developed thus far to help
circumvent blocking on this link, which we refer to as link circumvention
systems (LCs). The variety and profusion of attack vectors available to a
censor has led to an arms race, leading to a dramatic speed of evolution of
LCs. Despite their inherent complexity and the breadth of work in this area,
there is no systematic way to evaluate link circumvention systems and compare
them against each other. In this paper, we (i) sketch an attack model to
comprehensively explore a censor's capabilities, (ii) present an abstract model
of a LC, a system that helps a censored client communicate with a server over
the Internet while resisting censorship, (iii) describe an evaluation stack
that underscores a layered approach to evaluate LCs, and (iv) systemize and
evaluate existing censorship resistance systems that provide link
circumvention. We highlight open challenges in the evaluation and development
of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy
Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK:
Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq
Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg
(DOI 10.1515/popets-2016-0028
Adaptive Traffic Fingerprinting for Darknet Threat Intelligence
Darknet technology such as Tor has been used by various threat actors for
organising illegal activities and data exfiltration. As such, there is a case
for organisations to block such traffic, or to try and identify when it is used
and for what purposes. However, anonymity in cyberspace has always been a
domain of conflicting interests. While it gives enough power to nefarious
actors to masquerade their illegal activities, it is also the cornerstone to
facilitate freedom of speech and privacy. We present a proof of concept for a
novel algorithm that could form the fundamental pillar of a darknet-capable
Cyber Threat Intelligence platform. The solution can reduce anonymity of users
of Tor, and considers the existing visibility of network traffic before
optionally initiating targeted or widespread BGP interception. In combination
with server HTTP response manipulation, the algorithm attempts to reduce the
candidate data set to eliminate client-side traffic that is most unlikely to be
responsible for server-side connections of interest. Our test results show that
MITM manipulated server responses lead to expected changes received by the Tor
client. Using simulation data generated by shadow, we show that the detection
scheme is effective with false positive rate of 0.001, while sensitivity
detecting non-targets was 0.016+-0.127. Our algorithm could assist
collaborating organisations willing to share their threat intelligence or
cooperate during investigations.Comment: 26 page
Characterizing and Improving the Reliability of Broadband Internet Access
In this paper, we empirically demonstrate the growing importance of
reliability by measuring its effect on user behavior. We present an approach
for broadband reliability characterization using data collected by many
emerging national initiatives to study broadband and apply it to the data
gathered by the Federal Communications Commission's Measuring Broadband America
project. Motivated by our findings, we present the design, implementation, and
evaluation of a practical approach for improving the reliability of broadband
Internet access with multihoming.Comment: 15 pages, 14 figures, 6 table
A Survey on Handover Management in Mobility Architectures
This work presents a comprehensive and structured taxonomy of available
techniques for managing the handover process in mobility architectures.
Representative works from the existing literature have been divided into
appropriate categories, based on their ability to support horizontal handovers,
vertical handovers and multihoming. We describe approaches designed to work on
the current Internet (i.e. IPv4-based networks), as well as those that have
been devised for the "future" Internet (e.g. IPv6-based networks and
extensions). Quantitative measures and qualitative indicators are also
presented and used to evaluate and compare the examined approaches. This
critical review provides some valuable guidelines and suggestions for designing
and developing mobility architectures, including some practical expedients
(e.g. those required in the current Internet environment), aimed to cope with
the presence of NAT/firewalls and to provide support to legacy systems and
several communication protocols working at the application layer
- …