Private inter-network routing for wireless sensor networks and the Internet of Things

As computing becomes increasingly pervasive, different heterogeneous networks are connected and integrated. This is especially true in the Internet of Things (IoT) and Wireless Sensor Networks (WSN) settings. However, as different networks managed by different parties and with different security requirements are integrated, security becomes a primary concern. WSN nodes, in particular, are often deployed "in the open", where a potential attacker can gain physical access to the device. As nodes can be deployed in hostile or difficult scenarios, such as military battlefields or disaster recovery settings, it is crucial to avoid escalation from successful attacks on a single node to the whole network, and from there to other connected networks. It is therefore crucial to secure the communication within the WSN, and in particular, maintain context information, such as the network topology and the location and identity of base stations (which collect data gathered by the sensors) private. In this paper, we propose a protocol achieving anonymous routing between different interconnected IoT or WSN networks, based on the Spatial Bloom Filter (SBF) data structure. The protocol enables communications between the nodes through the use of anonymous identifiers, thus hiding the location and identity of the nodes within the network. The proposed routing strategy preserves context privacy, and prevents adversaries from learning the network structure and topology, as routing information is encrypted using a homomorphic encryption scheme, and computed only in the encrypted domain. Preserving context privacy is crucial in preventing adversaries from gaining valuable network information from a successful attacks on a single node of the network, and reduces the potential for attack escalation

An Empirical Study of the I2P Anonymity Network and its Censorship Resistance

Tor and I2P are well-known anonymity networks used by many individuals to protect their online privacy and anonymity. Tor's centralized directory services facilitate the understanding of the Tor network, as well as the measurement and visualization of its structure through the Tor Metrics project. In contrast, I2P does not rely on centralized directory servers, and thus obtaining a complete view of the network is challenging. In this work, we conduct an empirical study of the I2P network, in which we measure properties including population, churn rate, router type, and the geographic distribution of I2P peers. We find that there are currently around 32K active I2P peers in the network on a daily basis. Of these peers, 14K are located behind NAT or firewalls. Using the collected network data, we examine the blocking resistance of I2P against a censor that wants to prevent access to I2P using address-based blocking techniques. Despite the decentralized characteristics of I2P, we discover that a censor can block more than 95% of peer IP addresses known by a stable I2P client by operating only 10 routers in the network. This amounts to severe network impairment: a blocking rate of more than 70% is enough to cause significant latency in web browsing activities, while blocking more than 90% of peer IP addresses can make the network unusable. Finally, we discuss the security consequences of the network being blocked, and directions for potential approaches to make I2P more resistant to blocking.Comment: 14 pages, To appear in the 2018 Internet Measurement Conference (IMC'18

An Extensive Evaluation of the Internet's Open Proxies

Open proxies forward traffic on behalf of any Internet user. Listed on open proxy aggregator sites, they are often used to bypass geographic region restrictions or circumvent censorship. Open proxies sometimes also provide a weak form of anonymity by concealing the requestor's IP address. To better understand their behavior and performance, we conducted a comprehensive study of open proxies, encompassing more than 107,000 listed open proxies and 13M proxy requests over a 50 day period. While previous studies have focused on malicious open proxies' manipulation of HTML content to insert/modify ads, we provide a more broad study that examines the availability, success rates, diversity, and also (mis)behavior of proxies. Our results show that listed open proxies suffer poor availability--more than 92% of open proxies that appear on aggregator sites are unresponsive to proxy requests. Much more troubling, we find numerous examples of malicious open proxies in which HTML content is manipulated to mine cryptocurrency (that is, cryptojacking). We additionally detect TLS man-in-the-middle (MitM) attacks, and discover numerous instances in which binaries fetched through proxies were modified to include remote access trojans and other forms of malware. As a point of comparison, we conduct and discuss a similar measurement study of the behavior of Tor exit relays. We find no instances in which Tor relays performed TLS MitM or manipulated content, suggesting that Tor offers a far more reliable and safe form of proxied communication

Synthesis and biological evaluation of radio-iodinated benzimidazoles as SPECT imaging agents for NR2B subtype of NMDA receptor.

In this study, the benzimidazole derivatives were synthesized and evaluated as imaging agents for the NR2B subtype of NMDA receptor. Among these ligands, 2-{[4-(4-iodobenzyl)piperidin-1-yl]methyl}benzimidazol-5-ol (8) and N-{2-[4-(4-iodobenzyl)-piperidin-1-ylmethyl]benzoimidazol-5-yl}-methanesulfonamide (9) exhibited high affinity for the NR2B subunit (K(i) values; 7.28 nM for 8 and 5.75 nM for 9). In vitro autoradiography experiments demonstrated high accumulation in the forebrain regions but low in the cerebellum for both [(125)I]8 and [(125)I]9. These regional distributions of the radioligands correlated with the expression of the NR2B subunit. The in vitro binding of these ligands was inhibited by NR2B antagonist but not by other site ligands, which suggested the high selectivity of [(125)I]8 and [(125)I]9 for the NR2B subunit. In mice, the regional brain uptakes of [(125)I]8 and [(125)I]9 at 5-180 min after administration were 0.42-0.56% and 0.44-0.67% dose/g, respectively. The brain-to-blood ratio of [(125)I]8 at 180 min was reduced by 34% in the presence of non-radioactive ligands and by 59% in the presence of the NR2B ligand Ro-25,6981. These results indicated that [(125)I]8 could be partially bound to the NR2B subunit in vivo. Although the brain uptake of these benzimidazole derivatives was too low to allow for in vivo SPECT imaging, these compounds might be useful scaffolds for the development of imaging probes specific for the NMDA receptors

USENIX Association Proceedings of the

Permission is granted for noncommercial reproduction of the work for educational or research purposes

Anonymous secure data haven

Thesis (S.B. and M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2000.Includes bibliographical references (p. 127-133).by Roger R. Dingledine.S.B.and M.Eng

Mixminion: Strong Anonymity for Financial Cryptography

Abstract. Anonymous communication is a valuable but underused tool for securing financial communications. As early as the first commercial telegraph codes, businesses have recognized the value of cryptography to protect their communication from prying eyes. But cryptography alone still allows adversaries to discover confidential business relationships by performing traffic analysis to reveal the presence of such communication. Mixminion is an open source, deployed system under active development. It resists known forms of traffic analysis, allowing parties to communicate without revealing their identities