7 research outputs found

    BlockTag: Design and applications of a tagging system for blockchain analysis

    Annotating blockchains with auxiliary data is useful for many applications. For example, e-crime investigations of illegal Tor hidden services, such as Silk Road, often involve linking Bitcoin addresses, from which money is sent or received, to user accounts and related online activities. We present BlockTag, an open-source tagging system for blockchains that facilitates such tasks. We describe BlockTag's design and present three analyses that illustrate its capabilities in the context of privacy research and law enforcement.

    Network Performance Improvements for Low-Latency Anonymity Networks

    While advances to the Internet have enabled users to easily interact and exchange information online, they have also created several opportunities for adversaries to prey on users’ private information. Whether the motivation for data collection is commercial, where service providers sell data to marketers, or political, where a government censors, blocks and tracks its people, or even personal, for cyberstalking purposes, there is no doubt that the consequences of personal information leaks can be severe. Low-latency anonymity networks have thus emerged as a solution that allows people to surf the Internet without the fear of revealing their identities or locations. In order to provide anonymity to users, anonymity networks route users’ traffic through several intermediate relays, which causes unavoidable extra delays. However, although these networks were originally designed to support interactive applications, a variety of design weaknesses means that they offer anonymity at the expense of further, intolerable performance costs, which disincentivize users from adopting them. In this thesis, we seek to improve the network performance of low-latency anonymity networks while maintaining the anonymity guarantees they provide to users today. As an experimentation platform, we use Tor, the most widely used privacy-preserving network that empowers people with low-latency anonymous online access. Since its introduction in 2003, Tor has successfully evolved to support hundreds of thousands of users using thousands of volunteer-operated routers run all around the world. Incidents of sudden increases in Tor’s usage, coinciding with global political events, confirm the importance of the Tor network for Internet users today. We identify four key contributors to the performance problems in low-latency anonymity networks, exemplified by Tor, that significantly impact the experience of low-latency application users. We first consider the lack-of-resources problem caused by resource-constrained routers, and propose multipath routing and traffic splitting to increase throughput and improve load balancing. Second, we explore the poor quality-of-service problem, which is exacerbated by the existence of bandwidth-consuming greedy applications in the network. We propose online traffic classification as a means of enabling quality of service for every traffic class. Next, we investigate the poor transport design problem and propose a new transport layer design for anonymous communication networks which addresses the drawbacks of previous proposals. Finally, we address the lack of congestion control by proposing an ATM-style credit-based hop-by-hop flow control algorithm which caps queue sizes and allows all relays to react to congestion in the network. Our experimental results confirm the significant performance benefits that can be obtained using our privacy-preserving approaches.

    Measurement and Analysis of Bitcoin Transactions of Ransomware

    Recently, more than 100,000 cases of ransomware attacks were reported in the Middle East, Turkey and Africa region [2]. Ransomware is a malware category that limits users' access to their files by encrypting them. This malware requires victims to pay in order to get access to the decryption keys. In order to remain anonymous, ransomware requires victims to pay through the Bitcoin network. However, due to an inherent weakness in Bitcoin's anonymity model, it is possible to link identities hidden behind Bitcoin addresses by analyzing the blockchain, Bitcoin's public ledger where the whole history of transactions is stored. In this work, we investigate the feasibility of linking users, as identities represented by Bitcoin public addresses, to addresses owned by entities operating ransomware. To demonstrate how such linking is possible, we crawled BitcoinTalk, a well-known forum for Bitcoin-related discussions, and a subset of public Twitter datasets. Out of nearly 5B tweets and 1M forum pages, we found 4.2K and 41K unique online identities, respectively, along with their public personal information and Bitcoin addresses. We then expanded these user datasets using closure analysis, where a Bitcoin address is used to identify a set of other addresses that are highly likely to be controlled by the same user. This allowed us to collect thousands more Bitcoin addresses for the users. By analyzing transactions in the blockchain, we were able to link 6 unique identities to different ransomware operators, including CryptoWall [1] and WannaCry [3]. Moreover, in order to gain insights into the economy and activity of these ransomware addresses, we analyzed the money flow of these addresses along with the timestamps of the transactions involving them. We observed that ransomware addresses were active from 2014 to 2017, with an average lifetime of nearly 62 days. While some addresses were only active during a certain year, others were operating for more than 3 years. We also observed that the revenue of these malware families exceeds USD 6M for CryptoWall, and ranges from USD 3.8K to USD 700K for ransomware such as WannaCry and CryptoLocker, with an average number of transactions of nearly 52. One address associated with the CryptoLocker ransomware also held a large amount of Bitcoins, worth more than USD 34M at the time of writing. Finally, we believe that this type of analysis can potentially be used as a forensic tool to investigate ransomware attacks and possibly help authorities trace the roots of such malware.

    References
    1. "Ransom Cryptowall." Symantec. June 14, 2014. Accessed November 01, 2017. https://www.symantec.com/security_response/writeup.jsp?docid=2014-061923-2824-99
    2. Varghese, Joseph. "Ransomware could be deadly, cyber security expert warns." Gulf Times. May 05, 2017. Accessed November 01, 2017. http://www.gulf-times.com/story/546937/Ransomware-could-be-deadly-cyber-security-expert-w
    3. Woollaston, Victoria. "WannaCry ransomware: what is it and how to protect yourself." WIRED. June 28, 2017. Accessed November 01, 2017. http://www.wired.co.uk/article/wannacry-ransomware-virus-patch

    SLiFi: Exploiting Visible Light Communication VLC to Authenticate WiFi Access Points

    This work presents an effective and efficient solution (SLiFi) to the evil twin attack in wireless networks. The evil twin is a rogue WiFi Access Point (AP) that pretends to be an authentic one by using the same network configuration, including (i) the Service Set Identifier (SSID), (ii) the communication channel, and finally (iii) the MAC address of the purported AP. The evil twin is a trap set up by an adversary willing to eavesdrop on the user's Internet traffic. The attack is relatively easy to implement, hard to detect, and can have a severe impact on a user's privacy. Many researchers have focused on this attack and provided defences from different perspectives: network, access point and client side. Unfortunately, all the solutions provided so far are still not ready for mass deployment since they involve significant modifications to the 802.11 WiFi protocol. In the following, we report some of the most important ones. Gonzales et al. [1] proposed constructing a context vector containing the order of all APs detected at a particular time, with their SSID and RSSI values. This enables the client to compare its future associations with the stored context vector. Bauer et al. [2] proposed SWAT, a request-response protocol. This approach provides one-way AP authentication and allows the client to establish a connection to the network through a shared secret key, creating a secure session based on the principle of trust-on-first-use (TOFU). Lanze et al. [3] introduced a new technique using the aircrack-ng suite. The tool airbase-ng is set up on all the devices and beacon frames are collected from various APs. The proposed approach compares the Timing Synchronization Function (TSF) timestamps with their corresponding receiving times in order to spot anomalies due to message proxying and, therefore, the presence of a malicious AP. Finally, Gangasagare et al. [4] propose a fingerprinting technique based on network traffic that detects whether the AP relays the traffic through another wireless connection. SLiFi does not require any changes to the existing communication protocols and it enables access point authentication (by the users) in a fast and reliable way. Indeed, SLiFi enables the user to authenticate the legitimate AP by exploiting a Visible Light Communication (VLC) channel. SLiFi involves two parties, i.e., the (honest) AP, provided with a Wi-Fi interface and able to transmit data through a VLC channel, and an end-user, provided with software that enables data to be read from a VLC channel, e.g., by using a webcam. SLiFi consists of four phases:
    1. AP's Public Key (PubKey) broadcast. The AP transmits its own PubKey to the end-user via an authenticated channel (VLC). The PubKey broadcast process is completely transparent to the user since each bit of the PubKey is delivered by quickly switching on and off the light of the room in which the user is. This is achieved by standard VLC techniques: the human eye cannot perceive the fast blinking light, but other devices, such as special webcams, can detect the brightness change. Subsequently, the brightness changes can be translated into a sequence of bit values.
    2. Seed generation. The end-user retrieves the public key from the VLC channel by using a webcam and transmits back to the AP a randomly generated seed encrypted with the AP's public key. The PubKey is securely delivered to the user since any other non-authorized light source can be easily spotted. Therefore, only one authorized VLC transmitter will be in place and it will deliver the PubKey of the AP. The client can now use the trusted PubKey to send back to the AP an encrypted seed to be used for the key generation.
    3. Secret key generation. The AP receives the user's encrypted seed via the Wi-Fi channel, decrypts the seed using its private key, and sends an acknowledgment message encrypted with the seed back to the end-user. This phase performs the key agreement, and both the AP and the user's device converge to a shared secret key.
    4. Encrypted communication. Any further communication between the end-user and the AP will be encrypted with the shared secret key, i.e., the seed generated by the client.
    SLiFi supports multiple clients; indeed, the AP can easily deal with concurrent communications. Moreover, from a practical perspective, SLiFi can be adopted only to generate the shared secret key and pass it to an already existing encryption algorithm, e.g., WPA2 or WPA2-Enterprise. To evaluate SLiFi, we built a proof-of-concept using (1) a Raspberry Pi which emulates the AP, (2) a set of LEDs to transmit the PubKey, and (3) standard laptops with webcams to act as clients. All the software components have been implemented and tested. We performed several tests to evaluate the feasibility of our solution. To test the reliability of VLC transmission, we ran various experiments to measure the public key transmission errors as a function of the VLC bit-rate, and we observed that the PubKey can be reliably transmitted within a reasonable time frame. Finally, our results prove the feasibility of the solution in terms of time to establish the key and robustness to the evil-twin attack.

    References
    1. H. Gonzales, K. Bauer, J. Lindqvist, D. McCoy, and D. Sicker. Practical Defenses for Evil Twin Attacks in 802.11. In IEEE Globecom Communications and Information Security Symposium (Globecom 2010), Miami, FL, December 2010.
    2. K. Bauer, H. Gonzales, and D. McCoy. Mitigating Evil Twin Attacks in 802.11. January 2009.
    3. F. Lanze, A. Panchenko, T. Engel, and I. Alcaide. Undesired Relatives: Protection Mechanisms against the Evil Twin Attack in IEEE 802.11.
    4. M. Gangasagare. Active User-Side Evil Twin Access Point Detection. International Journal of Scientific & Engineering Research, May 2014.