DOCSLIB.ORG

Network Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Network Security Cristina Nita-Rotaru CS6740: Network security Anonymity. Sources 1. Crowds: http://avirubin.com/crowds.pdf 2. Chaum mix: http://www.ovmj.org/GNUnet/papers/p84-chaum.pdf 3. To r : https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf 4. Predecessors attack: http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf 5. Also based on slides prepared by Chi-Cun Chan. 2 Anonymity systems. 1: Motivation Anonymity Anonymity (``without name’’) means that a person is not identifiable within a set of subjects } Unlinkability of action and identity } For example, sender and his email are no more related after adversary’s observations than they were before } Who talks to whom } Unobservability } Adversary cannot tell whether someone is using a particular system and/or protocol 4 Anonymity systems. There is no anonymity on the Internet } Your IP address can be linked directly to you } ISPs store communications records } Usually for several years (Data Retention Laws) } Law enforcement can subpoena these records } Your browser is being tracked } Cookies, Flash cookies, E-Tags, HTML5 Storage } Browser fingerprinting } Your activities can be used to identify you } Unique websites and apps that you use } Types of links that you click 5 Anonymity systems. Wiretapping is ubiquitous } Wireless traffic can be trivially intercepted } Airsnort, Firesheep, etc. } Wifi and Cellular traffic! } Encryption helps, if it’s strong } WEP and WPA are both vulnerable! } Tier 1 ASs and IXPs are compromised } NSA, GCHQ, “5 Eyes” } ~1% of all Internet traffic } Focus on encrypted traffic 6 Anonymity systems. Who uses anonymity systems? } “If you’re not doing anything wrong, you shouldn’t have anything to hide.” } Implies that anonymous communication is for criminals } The truth: who uses Tor? } Journalists } Law enforcement ¤ Business executives } Human rights activists ¤ Military/intelligence personnel } Normal people ¤ Abuse victims } In fact, the predecesor of Tor was developed by the U.S. Naval Research Laboratory. 7 Anonymity systems. Why do we need anonymity? } To protect privacy } Avoid tracking by advertising companies } Viewing sensitive content } Information on medical conditions } Advice on bankruptcy } Protection from prosecution } Not every country guarantees free speech } Downloading copyrighted material } To prevent chilling-effects } It’s easier to voice unpopular or controversial opinions if you are anonymous 8 Anonymity systems. Relevant applications } Anonymous communication } Anonymizing bulletin board and email } Electronic voting } Incident reporting } Anonymous e-commerce } Private information retrieval 9 Anonymity systems. Anonymity layer Application } Function: } Hide the source, destination, and Anonymity content of Internet flows from eavesdroppers Presentation } Key challenge: } Defining and quantifying anonymity Session } Building systems that are resilient to Transport deanonymization Network } Maintaining performance Data Link Physical10 Anonymity systems. 2: Terminology Quantifying anonymity: Anonymity set } Hiding one’s action in many others’ actions } Anonymity set: a group of users in which every one is equally-probable to be associated with a given action ⇒ every one has certain degree of innocence or deniability to an action u1 u2 u3 u4 12 Anonymity systems. More definitions } Unlinkability } From the adversaries perspective, the inability the link two or more items of interess; E.g. packets, events, people, actions, etc. } Three parts: } Sender anonymity (who sent this?) } Receiver anonymity (who is the destination?) } Relationship anonymity (are sender A and receiver B linked?) } Unobservability } From the adversaries perspective, items of interest are indistinguishable from all other items 13 Anonymity systems. Types of adversary } Passive/Active } Passive: eavesdrop traffic } Active: able to observe, delay, alter and drop messages in the system } Local/Global } Local: able to observe traffic to/form user’s network link, within LAN } Global: able to observe effectively large amount or all network links, across LAN boundaries } Internal/External } Internal: participants in the anonymity system, adversary-operated nodes } External: not participate in the protocol but may be able to observe, inject or modify traffic in the system 14 Anonymity systems. TLS does not provide anonymity Data Traffic } Content is unobservable } Due to encryption } Source and destination are trivially linkable } No anonymity! 15 Anonymity systems. Anonymizing proxies HTTPS Proxy No anonymity! } Source is known ¨ Destination is } Destination known anonymity ¨ Source anonymity 16 Anonymity systems. Anonymizing VPNs VPN Gateway No anonymity! } Source is known Ø Destination is } Destination known anonymity Ø Source anonymity 17 Anonymity systems. Using content to Deanonymize HTTPS Proxy • Reading Gmail • Looking up directions to home No anonymity! • Updating your Facebook profile • Etc… 18 Anonymity systems. Statistical inference attacks VPN Gateway } Statistical analysis of traffic patterns can compromise anonymity, i.e. the timing and/or volume of packets 19 Anonymity systems. Data to protect } Personally Identifiable Information (PII) } Name, address, phone number, etc. } OS and browser information } Cookies, etc. } Language information } IP address } Amount of data sent and received } Traffic timing 20 Anonymity systems. Key systems/concepts } Mixes and mixnets } Crowds } Onion routing 21 Anonymity systems. 3: Mixnets. MIX-based systems } Introduced by David Chaum (1981) for anonymous email; has been generalized to TCP traffic } Uses relay servers (MIXes) for anonymous communication } Goals } Sender anonymity } Unlinkability against global eavesdroppers } Idea: Messages from sender “look” (contents, time) differently than messages to recipient } Had impact on other ideas such as: onion routing, traffic mixing, dummy traffic (a.k.a. cover traffic) 23 Anonymity systems. MIX – basic operations } A mix is a store-and-forward relay } Batching } collect fixed-length messages from different sources } accumulate a batch of n messages } Mixing } cryptographically transform collected messages } forwarding messages to their recipients in random order 24 Anonymity systems. MIX - example } Each mix has a public key } Each sender encrypts its message (with randomness) using public key of mix u1 1. Collects messages 2. Discards repeated messages u2 3 .Decrypts messages and accumulates in batch u3 4. Reorder messages in batch and delivers u4 Mix 25 Anonymity systems. MIX - variants } Single mix (also single point of trust, attack and failure) } Mix cascade } Mix network } Different ways of batch and mix operations u1 u2 Batch and Batch and Mix Mix u3 u4 Mix Mix 26 Anonymity systems. MIX (cont.) } Traditional designs are message-based } Advantage: Hinders timing attacks } Messages may be artificially delayed } Temporal correlation is warped } Disadvantage: high latency and asynchronous due to batch and mix operations } may be acceptable for applications like email } frustrating user experience in low latency or interactive applications: web browsing, instant messaging, SSH } Alternatives: circuit-based designs 27 Anonymity systems. Return Traffic } In a mix network, how can the destination respond to the sender? } During path establishment, the sender places keys at each mix along the path } Data is re-encrypted as it travels the reverse path K <KP1 , KS1> KP1 KP2 P3 <KP2 , KS2> <KP3 , KS3> 28 Anonymity systems. Node flushing attack } Intended to defeat MIX-based systems } Flooding attack, (n-1) attack } Flood a node with identifiable fake messages but leave a room for a single message to be traced } Link user’s input message with messages leaving the node A A A u1 Mix 29 Anonymity systems. Trickle attack } Trickle, flushing attack - referred as blending attack } Suppose a MIX accumulates and emits messages in rounds } An active attacker holds a target message until the mix emits a batch of messages } He then submits target message to mix while blocking other incoming messages } Only the target message is emitted in the next round } Requires control over traffic flow 30 Anonymity systems. Packet counting attack } Count the number of messages entering a node and leaving an anonymous tunnel } Constant link padding may help: } Two nodes exchange a constant number of same-sized packets per time unit } Generate dummy traffic on idle or lightly loaded links } Costly 102 521 520 node 99 3 X 65 62 31 Anonymity systems. Dummy / Cover Traffic } Simple idea: } Send useless traffic to help obfuscate real traffic 32 Anonymity systems. Summary for Mixes } Key idea is to gather a bunch of messages, then mix them and output in random order } Can be used as a network } Resilient to timing attacks but possible attacks include packet counting, flushing, etc } Disadvantage is that it is slow 33 Anonymity systems. 4: Crowds Crowds } Key idea } Users’ traffic blends into a crowd of users } Eavesdroppers and end-hosts don’t know which user originated what traffic } High-level implementation } Every user runs a proxy on their system } Proxy is called a jondo } From “John Doe,” i.e. an unknown person } When a message is received, select x � [0, 1] } If x > pf: forward the message to a random jondo } Else: deliver the message to the actual receiver 35 Anonymity systems. Crowds } Anonymous web browsing } Dynamic collecting users (jondo) in a group (crowd) } Member list maintained in a central server (blender) j2 j4 s1 Crowd j1 s2 j3 Web servers 36 Anonymity systems. Crowds
Load more

Recommended publications
  • Nor'easter News Volume 2 Issue 5
    Established 2007 N ...........R'EASTER NEWS Make a Dif­ Setting the Re­ ference, Be a cord Straight Mentor on Housing BY ANDREW FREDETTE BY MICHAEL CAMPINELL Nor'easter Staff Nor'easter Staff Have you ever wondered Right after the hous­ what it would be like to have a ing selection for the 2009 - 2010 mentor when you where growing school year happened, rumors up? Wonder what the experience starting spreading like wildfire. might do for you and the experi­ This article is to help set those ru­ ence you might gain? Growing mors straight. Information in this up is a part of life that not ev­ article was received from Jennifer eryone wants to do. But there are Deburro-Jones, the Director oJ ways to revert to your child hood Residential Life at UNE. She and and feel like a kid again. UNE is I have spoke on several occasions running a mentor program with about the many different aspects the College Community Men­ of housing at UNE and she has toring Program. also sent me answers to specific The program consists of 55 questions about the housing se­ mentors right now who are all lection process and what is hap­ UNE students, and the group of TY GOWEN, NOR'EASTER NEWS pening next year. BUSH CENTER: George H.W. and Barbara Bush address UNE at the dedication ceremony on October 3, 2008. children they work with are any One of the first rumors is that where from kindergarten all the housing selection numbers are way to 8th grade. The age of the International Center not actually random.
    [Show full text]
  • Introduction Points
    Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database) TORLINKS Directory for .onion sites, moderated. Core.onion - Simple onion bootstrapping Deepsearch - Another search engine. DuckDuckGo - A Hidden Service that searches the clearnet. TORCH - Tor Search Engine. Claims to index around 1.1 Million pages. Welcome, We've been expecting you! - Links to basic encryption guides. Onion Mail - SMTP/IMAP/POP3. ***@onionmail.in address. URSSMail - Anonymous and, most important, SECURE! Located in 3 different servers from across the globe. Hidden Wiki Mirror - Good mirror of the Hidden Wiki, in the case of downtime. Where's pedophilia? I WANT IT! Keep calm and see this. Enter at your own risk. Site with gore content is well below. Discover it! Financial Services Currencies, banks, money markets, clearing houses, exchangers. The Green Machine Forum type marketplace for CCs, Paypals, etc.... Some very good vendors here!!!! Paypal-Coins - Buy a paypal account and receive the balance in your bitcoin wallet. Acrimonious2 - Oldest escrowprovider in onionland. BitBond - 5% return per week on Bitcoin Bonds. OnionBC Anonymous Bitcoin eWallet, mixing service and Escrow system. Nice site with many features. The PaypalDome Live Paypal accounts with good balances - buy some, and fix your financial situation for awhile. EasyCoin - Bitcoin Wallet with free Bitcoin Mixer. WeBuyBitcoins - Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more. Cheap Euros - 20€ Counterfeit bills. Unbeatable prices!! OnionWallet - Anonymous Bitcoin Wallet and Bitcoin Laundry. BestPal BestPal is your Best Pal, if you need money fast. Sells stolen PP accounts.
    [Show full text]
  • El Gamal Mix-Nets and Implementation of a Verifier
    KTH Royal Institute of Technology School of Computer Science and Communication El Gamal Mix-Nets and Implementation of a Verifier SA104X Degree Project in Engineering Physics Erik Larsson ([email protected]) Carl Svensson ([email protected]) Supervisor: Douglas Wikstr¨om Abstract A mix-net is a cryptographic protocol based on public key cryptography which enables untraceable communication through a collection of nodes. One important application is electronic voting where it enables the construction of systems which satisfies many voting security requirements, including veri- fiability of correct execution. Verificatum is an implementation of a mix-net by Douglas Wikstr¨om. This report concerns the implementation of a verifier and evaluation of the implementation manual for the Verificatum mix-net. The purpose of the document is to enable third parties to convince themselves that the mix- net has behaved correctly without revealing any secret information. This implementation is a simple version of the verifier using the document and some test vectors generated by the mix-net. The document contains all information but there are still some possibilities for further clarification in order to make it comprehensible to a larger audience. Contents 1 Introduction 2 1.1 Verificatum . 2 1.2 Goals and Scope . 3 2 Background 3 2.1 El Gamal Cryptography . 3 2.1.1 Definition . 4 2.1.2 Security . 4 2.1.3 Properties . 5 2.2 Cryptographic Primitives . 6 2.2.1 Hash functions . 6 2.2.2 Pseudo Random Generators . 6 2.2.3 Random Oracles . 7 2.3 Mix Networks . 7 2.3.1 Overview . 7 2.3.2 El Gamal Mix-Nets .
    [Show full text]
  • Multiparty Routing: Secure Routing for Mixnets
    Multiparty Routing: Secure Routing for Mixnets Fatemeh Shirazi Elena Andreeva Markulf Kohlweiss Claudia Diaz imec - COSIC KU Leuven imec - COSIC KU Leuven Microsoft Research imec - COSIC KU Leuven Leuven, Belgium Leuven, Belgium Cambridge, UK Leuven, Belgium Abstract—Anonymous communication networks are impor- re-mailer, Freenet [5], [6] used for anonymous file-sharing, and tant building blocks for online privacy protection. One approach DC-Nets [7] that can be deployed for broadcast applications to achieve anonymity is to relay messages through multiple such as group messaging. routers, where each router shuffles messages independently. To achieve anonymity, at least one router needs to be honest. The goal of ACNs is to anonymize communications by In the presence of an adversary that is controlling a subset relaying them over multiple routers. There are three main types of the routers unbiased routing is important for guaranteeing of anonymous routing in terms of how routers are chosen to anonymity. However, the routing strategy also influenced other form the path. factors such as the scalability and the performance of the system. One solution is to use a fixed route for relaying all messages First, in deterministic routing, the paths are predetermined with many routers. If the route is not fixed the routing decision by the system configuration. Chaum’s original ACN pro- can either be made by the communication initiator or the posal [1] considered a sequence of mixes organized in a intermediate routers. However, the existing routing types each cascade. Systems that adopted the cascade network topology have limitations. For example, one faces scalability issues when in their designs include JAP [8], and voting systems, such as increasing the throughput of systems with fixed routes.
    [Show full text]
  • Quase 700 Sites Onion, a MAIORIA ESTÁ ONLINE
    Quase 700 sites onion, A MAIORIA ESTÁ ONLINE (ALGUNS NÃO SÃO 24HRS ONLINE) APROVEITE, TENHA CAUTELA A VISITAR SITES SEM LEGENDA, NÃO SABEMOS O QUE É OU O QUE V AI ENCONTRAR EU NÃO TESTEI TODOS OS SITES, OBVIAMENTE. http://2222243pi3jvhgnt.onion/ The Nowhere Server (restored from FH) http://222224h72gngmbr4.onion/ The Nowhere Server (restored from FH) http://2222266ahj25j5j2.onion/ The Nowhere Server (restored from FH) http://2223t4sermipwasm.onion/ The Nowhere Server (restored from FH) http://23tjl3xpt5btiqms.onion/ W38M411 - Login http://25ffhnaechrbzwf3.onion/ NL Growers - Coffee Shop grade Cannabis from the Netherlands - Weed, Hash, Marijuana, Cannabis for Bitcoins http://2atptz66l5aepcbj.onion/ Hacktivisme libre http://2bicbge75gy5xjso.onion/ Sam's Drug Store http://2cmg43zpfbelgwlw.onion/ http://2fqgjzbb2h7yevom.onion/ http://2gxxzwnj52jutais.onion/ The Nowhere Server (restored from FH) http://2jv5r7k66ralyk3g.onion/ http://2kcreatydoneqybu.onion/ Einloggen http://2kka4f23pcxgqkpv.onion/ Euro Guns - Number one guns dealer in onionland - Buy guns and ammo for Bitcoin. http://2ogmrlfzdthnwkez.onion/ Rent-A-Hacker - Hire a hacker for every job you c an imagine, from DDOS to completely ruining people or destroy reputation of a co mpany or individual http://2oztyiaxrr3vijwe.onion/ Index of / http://2pdkdy3eo552mpiz.onion/ http://2q4ryi45p6har5w2.onion/ I2P Downloads from kytv http://2qhtfzoxe24d5gxe.onion/ System Setup Required http://2qtnwm3zdbn52nxt.onion/ Hidden Service #6 http://2r2tz6wzqh7gaji7.onion/ KAVKAZ CENTER http://2xtsq3ekkxjpfm4l.onion/
    [Show full text]
  • Walking Onions: Scaling Anonymity Networks While Protecting Users Chelsea H
    Walking Onions: Scaling Anonymity Networks while Protecting Users Chelsea H. Komlo, University of Waterloo; Nick Mathewson, The Tor Project; Ian Goldberg, University of Waterloo https://www.usenix.org/conference/usenixsecurity20/presentation/komlo This paper is included in the Proceedings of the 29th USENIX Security Symposium. August 12–14, 2020 978-1-939133-17-5 Open access to the Proceedings of the 29th USENIX Security Symposium is sponsored by USENIX. Walking Onions: Scaling Anonymity Networks while Protecting Users Chelsea H. Komlo Nick Mathewson Ian Goldberg University of Waterloo The Tor Project University of Waterloo Abstract Anonymity networks in practice [13] have prevented these Scaling anonymity networks offers unique security chal- attacks by requiring all participants to share a globally consis- lenges, as attackers can exploit differing views of the net- tent view of the entire state of the network, and giving clients work’s topology to perform epistemic and route capture at- complete control over selecting relays for their paths. While tacks. Anonymity networks in practice, such as Tor, have this approach prevents the described attacks, requiring a glob- opted for security over scalability by requiring participants ally consistent view results in quadratic bandwidth growth as to share a globally consistent view of all relays to prevent the number of clients increases [26], because the number of these kinds of attacks. Such an approach requires each user relays must also increase to provide more capacity, and all to maintain up-to-date information about every relay, causing parties must download information about all relays. While the total amount of data each user must download every epoch today’s Tor network requires only approximately half a per- to scale linearly with the number of relays.
    [Show full text]
  • A System for Privacy-Preserving Mobile Health and Fitness Data Sharing: Design, Implemen- Tation and Evaluation Master Thesis SEEMOO-MSC-0076
    A SYSTEM FOR PRIVACY-PRESERVING MOBILE HEALTH AND FITNESSDATASHARING:DESIGN,IMPLEMENTATIONAND E VA L U AT I O N max jakob maaß Master Thesis April 15, 2016 Secure Mobile Networking Lab Department of Computer Science A System for Privacy-Preserving Mobile Health and Fitness Data Sharing: Design, Implemen- tation and Evaluation Master Thesis SEEMOO-MSC-0076 Submitted by Max Jakob Maaß Date of submission: April 15, 2016 Advisor: Prof. Dr.-Ing. Matthias Hollick Supervisor: Prof. Dr.-Ing. Matthias Hollick Technische Universität Darmstadt Department of Computer Science Secure Mobile Networking Lab ABSTRACT The growing spread of smartphones and other mobile devices has given rise to a number of health and fitness applications. Users can track their calorie intake, get reminders to take their medication, and track their fitness workouts. Many of these services have social com- ponents, allowing users to find like-minded peers, compete with their friends, or participate in open challenges. However, the prevalent ser- vice model forces users to disclose all of their data to the service provider. This may include sensitive information, like their current position or medical conditions. In this thesis, we will design, imple- ment and evaluate a privacy-preserving fitness data sharing system. The system provides privacy not only towards other users, but also against the service provider, does not require any Trusted Third Par- ties (TTPs), and is backed by strong cryptography. Additionally, it hides the communication metadata (i.e. who is sharing data with whom). We evaluate the security of the system with empirical and formal methods, including formal proofs for parts of the system.
    [Show full text]
  • Responsible Vendors, Intelligent Consumers: Silk Road, the Online
    EXHIBIT 3 G Model DRUPOL-1273; No. of Pages 7 ARTICLE IN PRESS International Journal of Drug Policy xxx (2013) xxx–xxx Contents lists available at ScienceDirect International Journal of Drug Policy jo urnal homepage: www.elsevier.com/locate/drugpo Editors’ choice Responsible vendors, intelligent consumers: Silk Road, the online revolution in drug trading a,∗ b Marie Claire Van Hout , Tim Bingham a School of Health Sciences, Waterford Institute of Technology, Waterford, Ireland b Irish Needle Exchange Forum, Ireland a r a t i c l e i n f o b s t r a c t Article history: Background: Silk Road is located on the Deep Web and provides an anonymous transacting infrastructure Received 28 August 2013 for the retail of drugs and pharmaceuticals. Members are attracted to the site due to protection of identity Received in revised form 25 October 2013 by screen pseudonyms, variety and quality of product listings, selection of vendors based on reviews, Accepted 27 October 2013 reduced personal risks, stealth of product delivery, development of personal connections with vendors in stealth modes and forum activity. The study aimed to explore vendor accounts of Silk Road as retail Keywords: infrastructure. Silk Road Methods: A single and holistic case study with embedded units approach (Yin, 2003) was chosen to explore Internet Vending the accounts of vendor subunits situated within the Silk Road marketplace. Vendors (n = 10) completed an online interview via the direct message facility and via Tor mail. Drug markets Results: Vendors described themselves as ‘intelligent and responsible’ consumers of drugs. Decisions to commence vending operations on the site centred on simplicity in setting up vendor accounts, and opportunity to operate within a low risk, high traffic, high mark-up, secure and anonymous Deep Web infrastructure.
    [Show full text]
  • DSMIX: a Dynamic Self-Organizing Mix Anonymous System Renpeng Zou∗, Xixiang Lv∗, ∗School of Cyber Engineering, Xidian University, Xian 710071, China
    1 DSMIX: A Dynamic Self-organizing Mix Anonymous System Renpeng Zou∗, Xixiang Lv∗, ∗School of Cyber Engineering, Xidian University, Xian 710071, China Abstract—Increasing awareness of privacy-preserving has led There are, however, concerns about the lack of efficiency to a strong focus on anonymous systems protecting anonymity. and security in anonymous systems [6], [7], as explained By studying early schemes, we summarize some intractable below: problems of anonymous systems. Centralization setting is a universal problem since most anonymous system rely on central proxies or presetting nodes to forward and mix messages, which • Centralization. Most of anonymous systems, i.e. compromises users’ privacy in some way. Besides, availability Anonymizer [8], LPWA [9] and cMix [10], rely on central becomes another important factor limiting the development of proxies or preset nodes to hide the address information, anonymous system due to the large requirement of additional ad- then still use these proxies to blind and forward messages. ditional resources (i.e. bandwidth and storage) and high latency. Moreover, existing anonymous systems may suffer from different The centralized anonymous systems bring privacy leakage attacks including abominable Man-in-the-Middle (MitM) attacks, risks to users since the service providers can control Distributed Denial-of-service (DDoS) attacks and so on. In this all proxies and mix node to infer the users’ identities. context, we first come up with a BlockChain-based Mix-Net What’s worse, the public proxies or preset nodes are (BCMN) protocol and theoretically demonstrate its security and easily exposed to attackers. For instance, an attacker can anonymity. Then we construct a concrete dynamic self-organizing BlockChain-based MIX anonymous system (BCMIX).
    [Show full text]
  • 2014 Bis 2015
    Tätigkeitsbericht 2014/2015 Horst Görtz Institut für IT-Sicherheit Vorwort Sehr geehrte Damen und Herren, liebe Freunde des Horst Görtz Instituts, das HGI steht für Exzellenz in For- senschaftler im Berichtszeitraum aus- schung, Lehre und Nachwuchsförderung. gezeichnet wurden, den Erfolg und die In dieser Ausgabe möchten wir Ihnen – internationale Sichtbarkeit des Instituts zusätzlich zu den Einblicken in unsere veranschaulichen. Forschungsvorhaben, die Sie in der Son- derausgabe 2016 von RUBIN nachlesen Nicht zuletzt blicken wir auf unsere vier können – einige Statistiken zu unserer jüngsten Firmenausgründungen, die Forschung und Ausbildung in der IT-Si- das im Studium erworbene theoretische cherheit aus den Jahren 2014 und 2015 Wissen erfolgreich in eigene Geschäftsi- angeben. deen umgewandelt haben und florieren- de junge Start-ups erschaffen haben. In diesen beiden überaus eindrucksvollen Jahren haben insgesamt 210 Absolven- tinnen und Absolventen erfolgreich ein Studium der IT-Sicherheit an der Wir wünschen Ihnen und Euch viel Spaß Ruhr-Universität Bochum beendet, davon beim Lesen. 123 Bachelor- und 87 Masterabschlüsse. Hinzu kommen 15 Promotionen aus den verschiedensten Bereichen der IT-Sich- erheit. Ihr Wir blicken auf insgesamt 210 wis- senschaftliche Veröffentlichungen auf renommierten internationalen Kon- Prof. Christof Paar ferenzen und in Zeitschriften zurück, die ebenso wie die 11 Preise, mit denen Geschäftsführender Direktor des unsere Wissenschaftlerinnen und Wis- Horst Görtz Instituts Vorwort 3 Abschlussarbeiten Bachelor
    [Show full text]
  • Lecture 21: Anonymous Communications
    CS232 Lecture 21: Anonymous Communications November 21, 2018 2 You Are Not Anonymous 3 ¨ Your IP address can be linked directly to you ¤ ISPs store communications records ¤ Usually for several years (Data Retention Laws) ¤ Law enforcement can subpoena these records ¨ Your browser is being tracked ¤ Cookies, Flash cookies, E-Tags, HTML5 Storage ¤ Browser fingerprinting ¨ Your activities can be used to identify you ¤ Unique websites and apps that you use ¤ Types of links that you click Wiretapping is Ubiquitous 4 ¨ Wireless traffic can be trivially intercepted ¤ Airsnort, Firesheep, etc. ¤ Wifi and Cellular traffic! ¤ Encryption helps, if it’s strong n WEP and WPA are both vulnerable! ¨ Tier 1 ASs and IXPs are compromised ¤ NSA, GCHQ, “5 Eyes” ¤ ~1% of all Internet traffic ¤ Focus on encrypted traffic Who Uses Anonymity Systems? 5 ¨ “If you’re not doing anything wrong, you shouldn’t have anything to hide.” ¤ Implies that anonymous communication is for criminals ¨ The truth: who uses Tor? ¤ Journalists ¤ Business executives ¤ Law enforcement ¤ Military/intelligence personnel ¤ Human rights activists ¤ Abuse victims ¤ Normal people ¨ Fact: Tor was/is developed by the Navy Why Do We Want Anonymity? 6 ¨ To protect privacy ¤ Avoid tracking by advertising companies ¤ Viewing sensitive content n Information on medical conditions n Advice on bankruptcy ¨ Protection from prosecution ¤ Not every country guarantees free speech ¤ Downloading copyrighted material ¨ To prevent chilling-effects ¤ It’s easier to voice unpopular or controversial opinions
    [Show full text]
  • Anonymous Network Concepts & Implementation
    FORENSIC INSIGHT; DIGITAL FORENSICS COMMUNITY IN KOREA Anonymous Network Concepts & Implementation [email protected] Overview 1. Overview & Background 2. Anonymous Network tor freenet Gnunet I2P 3. Circumvention Techniques against Censorships Obfsproxy flashproxy forensicinsight.org Page 2 Overview . Attack Trends Summary Modern attack mostly involves malware, which Attempts to conceal attack itself Makes it hard to trace themselves down from network perspective Makes it difficult to find artifacts by wiping out themselves from system perspective Employs many techniques to be hard for analysis including: Anti-VM, Anti-disassembly, Anti-debugging and cryptography Infects a target but do nothing harm until they achieve their goals Imagine how future malware will evolve, which Employs the combination of existing – even legitimate – tools/techniques in a malicious fashion Emerges new variables targeting cloud computing Focuses highly on target-oriented attack which does not affect others Uses steganography technique in a wild more often Forms private tor network with exploited zombie machines forensicinsight.org Page 3 Overview . Malware/Crimeware Let’s briefly take a look at what to have, how to spread and what to do. Key Loggers Attachment Information Compromise Screenscrapers Peer-to-Peer Networks Spam Transmission Email, IM Redirectors Piggybacking Denial-of-Service, DDoS Session Hijackers Internet Worms, Virus Click Fraud Web Trojans Web Browser Exploits Data Ransoming Transaction Generators Server Compromise Identity Stealing Data Theft Affiliate Marketing Credit Card Abuse Man-in-the-Middle Phishing Defamation Rootkits Pharming Embezzlement Political Argument Misuse Distribution Features forensicinsight.org Page 4 Background . Necessity / Motivation (1/2) “Anonymity serves different interests for different user groups.” by Roger Dingledine, the creator of the Tor forensicinsight.org Page 5 Background .
    [Show full text]