296 research outputs found
Why (and How) Networks Should Run Themselves
The proliferation of networked devices, systems, and applications that we
depend on every day makes managing networks more important than ever. The
increasing security, availability, and performance demands of these
applications suggest that these increasingly difficult network management
problems be solved in real time, across a complex web of interacting protocols
and systems. Alas, just as the importance of network management has increased,
the network has grown so complex that it is seemingly unmanageable. In this new
era, network management requires a fundamentally new approach. Instead of
optimizations based on closed-form analysis of individual protocols, network
operators need data-driven, machine-learning-based models of end-to-end and
application performance based on high-level policy goals and a holistic view of
the underlying components. Instead of anomaly detection algorithms that operate
on offline analysis of network traces, operators need classification and
detection algorithms that can make real-time, closed-loop decisions. Networks
should learn to drive themselves. This paper explores this concept, discussing
how we might attain this ambitious goal by more closely coupling measurement
with real-time control and by relying on learning for inference and prediction
about a networked application or system, as opposed to closed-form analysis of
individual protocols
Automatically Generating a Large, Culture-Specific Blocklist for China
Internet censorship measurements rely on lists of websites to be tested, or
"block lists" that are curated by third parties. Unfortunately, many of these
lists are not public, and those that are tend to focus on a small group of
topics, leaving other types of sites and services untested. To increase and
diversify the set of sites on existing block lists, we use natural language
processing and search engines to automatically discover a much wider range of
websites that are censored in China. Using these techniques, we create a list
of 1125 websites outside the Alexa Top 1,000 that cover Chinese politics,
minority human rights organizations, oppressed religions, and more.
Importantly, . The list that we develop not only vastly expands the set
of sites that current Internet measurement tools can test, but it also deepens
our understanding of the nature of content that is censored in China. We have
released both this new block list and the code for generating it
A Developer-Friendly Library for Smart Home IoT Privacy-Preserving Traffic Obfuscation
The number and variety of Internet-connected devices have grown enormously in
the past few years, presenting new challenges to security and privacy. Research
has shown that network adversaries can use traffic rate metadata from consumer
IoT devices to infer sensitive user activities. Shaping traffic flows to fit
distributions independent of user activities can protect privacy, but this
approach has seen little adoption due to required developer effort and overhead
bandwidth costs. Here, we present a Python library for IoT developers to easily
integrate privacy-preserving traffic shaping into their products. The library
replaces standard networking functions with versions that automatically
obfuscate device traffic patterns through a combination of payload padding,
fragmentation, and randomized cover traffic. Our library successfully preserves
user privacy and requires approximately 4 KB/s overhead bandwidth for IoT
devices with low send rates or high latency tolerances. This overhead is
reasonable given normal Internet speeds in American homes and is an improvement
on the bandwidth requirements of existing solutions.Comment: 6 pages, 6 figure
Machine Learning DDoS Detection for Consumer Internet of Things Devices
An increasing number of Internet of Things (IoT) devices are connecting to
the Internet, yet many of these devices are fundamentally insecure, exposing
the Internet to a variety of attacks. Botnets such as Mirai have used insecure
consumer IoT devices to conduct distributed denial of service (DDoS) attacks on
critical Internet infrastructure. This motivates the development of new
techniques to automatically detect consumer IoT attack traffic. In this paper,
we demonstrate that using IoT-specific network behaviors (e.g. limited number
of endpoints and regular time intervals between packets) to inform feature
selection can result in high accuracy DDoS detection in IoT network traffic
with a variety of machine learning algorithms, including neural networks. These
results indicate that home gateway routers or other network middleboxes could
automatically detect local IoT device sources of DDoS attacks using low-cost
machine learning algorithms and traffic data that is flow-based and
protocol-agnostic.Comment: 7 pages, 3 figures, 3 tables, appears in the 2018 Workshop on Deep
Learning and Security (DLS '18
Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA
Increased concern about data privacy has prompted new and updated data
protection regulations worldwide. However, there has been no rigorous way to
test whether the practices mandated by these regulations actually align with
the privacy norms of affected populations. Here, we demonstrate that surveys
based on the theory of contextual integrity provide a quantifiable and scalable
method for measuring the conformity of specific regulatory provisions to
privacy norms. We apply this method to the U.S. Children's Online Privacy
Protection Act (COPPA), surveying 195 parents and providing the first data that
COPPA's mandates generally align with parents' privacy expectations for
Internet-connected "smart" children's toys. Nevertheless, variations in the
acceptability of data collection across specific smart toys, information types,
parent ages, and other conditions emphasize the importance of detailed
contextual factors to privacy norms, which may not be adequately captured by
COPPA.Comment: 18 pages, 1 table, 4 figures, 2 appendice
- …