131 research outputs found
Measuring and mitigating AS-level adversaries against Tor
The popularity of Tor as an anonymity system has made it a popular target for
a variety of attacks. We focus on traffic correlation attacks, which are no
longer solely in the realm of academic research with recent revelations about
the NSA and GCHQ actively working to implement them in practice.
Our first contribution is an empirical study that allows us to gain a high
fidelity snapshot of the threat of traffic correlation attacks in the wild. We
find that up to 40% of all circuits created by Tor are vulnerable to attacks by
traffic correlation from Autonomous System (AS)-level adversaries, 42% from
colluding AS-level adversaries, and 85% from state-level adversaries. In
addition, we find that in some regions (notably, China and Iran) there exist
many cases where over 95% of all possible circuits are vulnerable to
correlation attacks, emphasizing the need for AS-aware relay-selection.
To mitigate the threat of such attacks, we build Astoria--an AS-aware Tor
client. Astoria leverages recent developments in network measurement to perform
path-prediction and intelligent relay selection. Astoria reduces the number of
vulnerable circuits to 2% against AS-level adversaries, under 5% against
colluding AS-level adversaries, and 25% against state-level adversaries. In
addition, Astoria load balances across the Tor network so as to not overload
any set of relays. Comment: Appearing at NDSS 201
A Survey on the Evolution of Cryptographic Protocols in ePassports
ePassports are biometric identification documents that contain RFID Tags and are primarily used for border security. The embedded RFID Tags are capable of storing data, performing low cost computations and cryptography, and communicating wirelessly. Since 2004, we have witnessed the development and widespread deployment of three generations of electronic passports - The ICAO First Generation ePassport (2004), Extended Access Control (EAC v1.0) ePassports (2006), and Extended Access Control with Password Authentication and Connection Establishment (EAC v2.1) ePassports (2008). Currently, over thirty million ePassports have been issued around the world. In this paper, we provide an introductory study of the technologies implemented in ePassports - Biometrics, RFID, and Public Key Infrastructures; and then go on to analyze the protocols implemented in each of the three generations of ePassports. Finally, we point out their shortcomings and the scope for future related research.
ATOM: A Generalizable Technique for Inferring Tracker-Advertiser Data Sharing in the Online Behavioral Advertising Ecosystem
Data sharing between online trackers and advertisers is a key component in
online behavioral advertising. This sharing can be facilitated through a
variety of processes, including those not observable to the user's browser. The
unobservability of these processes limits the ability of researchers and
auditors seeking to verify compliance with regulations which require complete
disclosure of data sharing partners. Unfortunately, the applicability of
existing techniques to make inferences about unobservable data sharing
relationships is limited due to their dependence on protocol- or case-specific
artifacts of the online behavioral advertising ecosystem (e.g., they work only
when client-side header bidding is used for ad delivery or when advertisers
perform ad retargeting). As behavioral advertising technologies continue to
evolve rapidly, the availability of these artifacts and the effectiveness of
transparency solutions dependent on them remain ephemeral. In this paper, we
propose a generalizable technique, called ATOM, to infer data sharing
relationships between online trackers and advertisers. ATOM is different from
prior work in that it is universally applicable -- i.e., independent of ad
delivery protocols or availability of artifacts. ATOM leverages the insight
that by the very nature of behavioral advertising, ad creatives themselves can
be used to infer data sharing between trackers and advertisers -- after all,
the topics and brands showcased in an ad are dependent on the data available to
the advertiser. Therefore, by selectively blocking trackers and monitoring
changes in the characteristics of ads delivered by advertisers, ATOM is able to
identify data sharing relationships between trackers and advertisers. The
relationships discovered by our implementation of ATOM include those not found
using prior approaches and are validated by external sources. Comment: Accepted at PETS'22 16 Pages 3 Tables 2 Figure
The Inventory is Dark and Full of Misinformation: Understanding the Abuse of Ad Inventory Pooling in the Ad-Tech Supply Chain
Ad-tech enables publishers to programmatically sell their ad inventory to
millions of demand partners through a complex supply chain. Bogus or low
quality publishers can exploit the opaque nature of the ad-tech to deceptively
monetize their ad inventory. In this paper, we investigate for the first time
how misinformation sites subvert the ad-tech transparency standards and pool
their ad inventory with unrelated sites to circumvent brand safety protections.
We find that a few major ad exchanges are disproportionately responsible for
the dark pools that are exploited by misinformation websites. We further find
evidence that dark pooling allows misinformation sites to deceptively sell
their ad inventory to reputable brands. We conclude with a discussion of
potential countermeasures such as better vetting of ad exchange partners,
adoption of new ad-tech transparency standards that enable end-to-end
validation of the ad-tech supply chain, as well as widespread deployment of
independent audits like ours. Comment: To appear at IEEE Symposium on Security & Privacy (Oakland) 202