205 research outputs found
Fingerprinting Smart Devices Through Embedded Acoustic Components
The widespread use of smart devices gives rise to both security and privacy
concerns. Fingerprinting smart devices can assist in authenticating physical
devices, but it can also jeopardize privacy by allowing remote identification
without user awareness. We propose a novel fingerprinting approach that uses
the microphones and speakers of smart phones to uniquely identify an individual
device. During fabrication, subtle imperfections arise in device microphones
and speakers which induce anomalies in produced and received sounds. We exploit
this observation to fingerprint smart devices through playback and recording of
audio samples. We use audio-metric tools to analyze and explore different
acoustic features and analyze their ability to successfully fingerprint smart
devices. Our experiments show that it is even possible to fingerprint devices
that have the same vendor and model; we were able to accurately distinguish
over 93% of all recorded audio clips from 15 different units of the same model.
Our study identifies the prominent acoustic features capable of fingerprinting
devices with high success rate and examines the effect of background noise and
other variables on fingerprinting accuracy
X-Vine: Secure and Pseudonymous Routing Using Social Networks
Distributed hash tables suffer from several security and privacy
vulnerabilities, including the problem of Sybil attacks. Existing social
network-based solutions to mitigate the Sybil attacks in DHT routing have a
high state requirement and do not provide an adequate level of privacy. For
instance, such techniques require a user to reveal their social network
contacts. We design X-Vine, a protection mechanism for distributed hash tables
that operates entirely by communicating over social network links. As with
traditional peer-to-peer systems, X-Vine provides robustness, scalability, and
a platform for innovation. The use of social network links for communication
helps protect participant privacy and adds a new dimension of trust absent from
previous designs. X-Vine is resilient to denial of service via Sybil attacks,
and in fact is the first Sybil defense that requires only a logarithmic amount
of state per node, making it suitable for large-scale and dynamic settings.
X-Vine also helps protect the privacy of users social network contacts and
keeps their IP addresses hidden from those outside of their social circle,
providing a basis for pseudonymous communication. We first evaluate our design
with analysis and simulations, using several real world large-scale social
networking topologies. We show that the constraints of X-Vine allow the
insertion of only a logarithmic number of Sybil identities per attack edge; we
show this mitigates the impact of malicious attacks while not affecting the
performance of honest nodes. Moreover, our algorithms are efficient, maintain
low stretch, and avoid hot spots in the network. We validate our design with a
PlanetLab implementation and a Facebook plugin.Comment: 15 page
A Network Congestion control Protocol (NCP)
The transmission control protocol (TCP) which is the dominant
congestion control protocol at the transport layer is proved to have
many performance problems with the growth of the Internet. TCP for
instance results in throughput degradation for high bandwidth delay
product networks and is unfair for flows with high round trip delays.
There have been many patches and modifications to TCP all of which
inherit the problems of TCP in spite of some performance improve-
ments.
On the other hand there are clean-slate design approaches of the
Internet. The eXplicit Congestion control Protocol (XCP) and the
Rate Control Protocol (RCP) are the prominent clean slate congestion
control protocols. Nonetheless, the XCP protocol is also proved to
have its own performance problems some of which are its unfairness
to long flows (flows with high round trip delay), and many per-packet
computations at the router. As shown in this paper RCP also makes
gross approximation to its important component that it may only give
the performance reports shown in the literature for specific choices of
its parameter values and traffic patterns.
In this paper we present a new congestion control protocol called
Network congestion Control Protocol (NCP). We show that NCP can
outperform both TCP, XCP and RCP in terms of among other things
fairness and file download times.unpublishe
Tiresias: Online Anomaly Detection for Hierarchical Operational Network Data
Operational network data, management data such as customer care call logs and
equipment system logs, is a very important source of information for network
operators to detect problems in their networks. Unfortunately, there is lack of
efficient tools to automatically track and detect anomalous events on
operational data, causing ISP operators to rely on manual inspection of this
data. While anomaly detection has been widely studied in the context of network
data, operational data presents several new challenges, including the
volatility and sparseness of data, and the need to perform fast detection
(complicating application of schemes that require offline processing or
large/stable data sets to converge).
To address these challenges, we propose Tiresias, an automated approach to
locating anomalous events on hierarchical operational data. Tiresias leverages
the hierarchical structure of operational data to identify high-impact
aggregates (e.g., locations in the network, failure modes) likely to be
associated with anomalous events. To accommodate different kinds of operational
network data, Tiresias consists of an online detection algorithm with low time
and space complexity, while preserving high detection accuracy. We present
results from two case studies using operational data collected at a large
commercial IP network operated by a Tier-1 ISP: customer care call logs and
set-top box crash logs. By comparing with a reference set verified by the ISP's
operational group, we validate that Tiresias can achieve >94% accuracy in
locating anomalies. Tiresias also discovered several previously unknown
anomalies in the ISP's customer care cases, demonstrating its effectiveness
Defending Tor from Network Adversaries: A Case Study of Network Path Prediction
The Tor anonymity network has been shown vulnerable to traffic analysis
attacks by autonomous systems and Internet exchanges, which can observe
different overlay hops belonging to the same circuit. We aim to determine
whether network path prediction techniques provide an accurate picture of the
threat from such adversaries, and whether they can be used to avoid this
threat. We perform a measurement study by running traceroutes from Tor relays
to destinations around the Internet. We use the data to evaluate the accuracy
of the autonomous systems and Internet exchanges that are predicted to appear
on the path using state-of-the-art path inference techniques; we also consider
the impact that prediction errors have on Tor security, and whether it is
possible to produce a useful overestimate that does not miss important threats.
Finally, we evaluate the possibility of using these predictions to actively
avoid AS and IX adversaries and the challenges this creates for the design of
Tor
Population structure of Acrotrichis xanthocera (Matthews) (Coleoptera: Ptiliidae) in the Klamath Ecoregion of northwestern California, inferred from mitochondrial DNA sequence variation
The Klamath-Siskiyou Ecoregion of northern California and southern Oregon has extremely high biodiversity, but conservation centers on the protection of habitat for the northern spotted owl. A network of late successional reserves has been established without consideration of potential for protecting overall biodiversity, including genetic diversity. Mitochondrial DNA sequences are used to examine the population structure of Acrotrichis xanthocera (Coleoptera: Ptiliidae) sampled from five late successional reserves within the Klamath-Siskiyou Ecoregion and five comparison sites from northern California. Measures of gene flow, phylogenetic analysis, and nested clade analysis are employed to infer historical demographic and phylogeographic processes. Results show that A. xanthocera populations have undergone past range expansion, but gene flow is currently limited. Individual late successional reserves do not adequately protect the genetic variation in this species. Although further research is needed, these results are likely to be congruent for other edaphic arthropod species. Improvement of the late successional reserve system is warranted for maximum protection of the genetic diversity of soil arthropod populations
- …