An Empirical Study of the I2P Anonymity Network and its Censorship Resistance

Tor and I2P are well-known anonymity networks used by many individuals to protect their online privacy and anonymity. Tor's centralized directory services facilitate the understanding of the Tor network, as well as the measurement and visualization of its structure through the Tor Metrics project. In contrast, I2P does not rely on centralized directory servers, and thus obtaining a complete view of the network is challenging. In this work, we conduct an empirical study of the I2P network, in which we measure properties including population, churn rate, router type, and the geographic distribution of I2P peers. We find that there are currently around 32K active I2P peers in the network on a daily basis. Of these peers, 14K are located behind NAT or firewalls. Using the collected network data, we examine the blocking resistance of I2P against a censor that wants to prevent access to I2P using address-based blocking techniques. Despite the decentralized characteristics of I2P, we discover that a censor can block more than 95% of peer IP addresses known by a stable I2P client by operating only 10 routers in the network. This amounts to severe network impairment: a blocking rate of more than 70% is enough to cause significant latency in web browsing activities, while blocking more than 90% of peer IP addresses can make the network unusable. Finally, we discuss the security consequences of the network being blocked, and directions for potential approaches to make I2P more resistant to blocking.Comment: 14 pages, To appear in the 2018 Internet Measurement Conference (IMC'18

Active and Passive Immunization Protects against Lethal, Extreme Drug Resistant-Acinetobacter baumannii Infection

Extreme-drug-resistant (XDR) Acinetobacter baumannii is a rapidly emerging pathogen causing infections with unacceptably high mortality rates due to inadequate available treatment. New methods to prevent and treat such infections are a critical unmet medical need. To conduct a rational vaccine discovery program, OmpA was identified as the primary target of humoral immune response after intravenous infection by A. baumannii in mice. OmpA was >99% conserved at the amino acid level across clinical isolates harvested between 1951 and 2009 from cerebrospinal fluid, blood, lung, and wound infections, including carbapenem-resistant isolates, and was ≥89% conserved among other sequenced strains, but had minimal homology to the human proteome. Vaccination of diabetic mice with recombinant OmpA (rOmpA) with aluminum hydroxide adjuvant markedly improved survival and reduced tissue bacterial burden in mice infected intravenously. Vaccination induced high titers of anti-OmpA antibodies, the levels of which correlated with survival in mice. Passive transfer with immune sera recapitulated protection. Immune sera did not enhance complement-mediated killing but did enhance opsonophagocytic killing of A. baumannii. These results define active and passive immunization strategies to prevent and treat highly lethal, XDR A. baumannii infections

Protected or porous: a comparative analysis of threat detection capability of IoT safeguards

Consumer Internet of Things (IoT) devices are increasingly common, from smart speakers to security cameras, in homes. Along with their benefits come potential privacy and security threats. To limit these threats a number of commercial services have become available (IoT safeguards). The safeguards claim to provide protection against IoT privacy risks and security threats. However, the effectiveness and the associated privacy risks of these safeguards remains a key open question. In this paper, we investigate the threat detection capabilities of IoT safeguards for the first time. We develop and release an approach for automated safeguards experimentation to reveal their response to common security threats and privacy risks. We perform thousands of automated experiments using popular commercial IoT safeguards when deployed in a large IoT testbed. Our results indicate not only that these devices may be ineffective in preventing risks, but also their cloud interactions and data collection operations may introduce privacy risks for the households that adopt them