Traffic Classification for the Detection of Anonymous Web Proxy Routing

Total Page:16

File Type:pdf, Size:1020Kb

Traffic Classification for the Detection of Anonymous Web Proxy Routing Traffic Classification for the Detection of Anonymous Web Proxy Routing Shane Miller School of Computing, Engineering & Intelligent Systems Faculty of Computing & Engineering Ulster University, Magee A thesis submitted in partial fulfilment of the requirements for the degree of Doctor of Philosophy I confirm that the word count of this thesis is less than 100,000 2 Contents CONTENTS ........................................................................................................................................ 2 ACKNOWLEDGEMENTS .................................................................................................................... 5 ABSTRACT ........................................................................................................................................ 6 ABBREVIATIONS ............................................................................................................................... 7 LIST OF FIGURES ............................................................................................................................... 9 LIST OF TABLES ............................................................................................................................... 10 1. INTRODUCTION ......................................................................................................................... 11 1.1 DETECTING AND BLOCKING ANONYMOUS COMMUNICATIONS .................................................................. 13 1.2 PROBLEM STATEMENT .................................................................................................................... 16 1.3 RESEARCH GOALS .......................................................................................................................... 16 1.4 THESIS CONTRIBUTIONS .................................................................................................................. 18 1.5 THESIS OUTLINE ............................................................................................................................ 18 2. LITERATURE REVIEW ................................................................................................................. 21 2.1 PROXIES ....................................................................................................................................... 21 2.1.1 Content Filters ................................................................................................................... 24 2.1.2 Document access controllers ............................................................................................ 25 2.1.3 Security Firewalls .............................................................................................................. 26 2.1.4 Web Caches ....................................................................................................................... 27 2.1.5 Reverse Proxy .................................................................................................................... 28 2.1.6 Content Router .................................................................................................................. 29 2.1.7 Transcoder ........................................................................................................................ 30 2.1.8 Anonymous Proxies ........................................................................................................... 30 2.1.9 Conclusion .......................................................................................................................... 32 2.2 VIRTUAL PRIVATE NETWORKS (VPNS) ............................................................................................... 33 2.2.1 Introduction ...................................................................................................................... 33 2.2.2 PPTP .................................................................................................................................. 34 2.2.3 L2TP................................................................................................................................... 35 2.2.4 IPsec .................................................................................................................................. 35 2.2.5 IKE ..................................................................................................................................... 36 2.2.6 Secure Socket Layer (SSL)-based VPNs .............................................................................. 37 2.2.7 OpenVPN ........................................................................................................................... 38 2.2.8 Conclusion .......................................................................................................................... 39 2.3 Intrusion Detection .............................................................................................................. 39 3 2.3.1 Machine Learning in Intrusion Detection Systems ............................................................ 40 2.4 MACHINE LEARNING AND NEURAL NETWORKS .................................................................................... 42 2.4.1 Machine Learning Methods .............................................................................................. 42 2.4.2 Neural Networks ............................................................................................................... 43 2.5 Conclusion ............................................................................................................................. 46 3. DETECTION OF ANONYMISING PROXIES .................................................................................... 47 3.1 INTRODUCTION .............................................................................................................................. 47 3.2 DATASET ...................................................................................................................................... 48 3.2.1 Packet capture .................................................................................................................. 51 3.2.2 Non-proxy data capture .................................................................................................... 57 3.3 EXPERIMENTS ................................................................................................................................ 58 3.3.1 Methodology ..................................................................................................................... 60 3.3.2 Two-Class Neural Network ................................................................................................ 61 3.3.3 Dataset upload and preparation....................................................................................... 64 3.3.4 Training and Testing ......................................................................................................... 66 3.3.5 Results ............................................................................................................................... 68 3.4 SUMMARY .................................................................................................................................... 69 4. VPN CLASSIFICATION ................................................................................................................. 71 4.1 INTRODUCTION .............................................................................................................................. 71 4.2 DATASET ...................................................................................................................................... 72 4.2.1 Capture Method ................................................................................................................ 72 4.2.2 NetMate ............................................................................................................................ 76 4.3 VPN SETUP: STREISAND ON AWS .................................................................................................... 78 4.4 WEKA EXPERIMENT ........................................................................................................................ 79 4.4.1 Feature Selection .............................................................................................................. 81 4.4.2 Resampling the dataset into training, testing & validation sets ........................................ 82 4.4.3 Neural Network Setup ....................................................................................................... 83 4.4.4 Results ............................................................................................................................... 85 4.5 OPENVPN USING STUNNEL ............................................................................................................. 88 4.5.1 Dataset.............................................................................................................................. 88 4.5.2 Feature Selection .............................................................................................................. 89 4.5.3 Neural Network setup ....................................................................................................... 90 4.5.4 Results ............................................................................................................................... 91 4.6 VALIDATION TESTING
Recommended publications
  • Copyrighted Material
    Anonymizing 1 Your Activities In our daily lives we like to have a certain level of privacy. We have curtains on our win- dows, doors for our offices, and even special screen protectors for computers to keep out prying eyes. This idea of wanting privacy also extends to the use of the Internet. We do not want people knowing what we typed in Google, what we said in our Instant Message conversations, or what websites we visited. Unfortunately, your private information is largely available if someone is watching. When doing any number of things on the Internet, there are plenty of reasons you might want to go incognito. However, that does not mean you’re doing anything wrong or illegal. he justification for anonymity when researching malware and bad guys is pretty Tstraightforward. You do not want information to show up in logs and other records that might tie back to you or your organization. For example, let’s say you work at a finan- cial firm and you recently detected that a banking trojan infected several of your systems. You collected malicious domain names, IP addresses, and other data related to the malware. The next steps you take in your research may lead you to websites owned by the criminals. As a result, if you are not taking precautions to stay anonymous, your IP address will show up in various logs and be visible to miscreants. If the criminals can identify you or the organization from which you conduct your research, they may COPYRIGHTEDchange tactics or go into hiding, MATERIAL thus spoiling your investigation.
    [Show full text]
  • Free Cgi Proxy Script
    Free cgi proxy script click here to download There have been many other proxy software scripts in the past, such as Glype, PHProxy, CGIProxy, Surrogafier, ASProxy, Zelune but all have either perished. This CGI script (or other) acts as an HTTP, HTTPS, or FTP proxy. Here's a demo (username "free", password "speech"), that lets you browse. Surf the web with phpMyProxy. phpMyProxy is a free, light and powerful php proxy script programed by www.doorway.ru If you use this template, keep the link to Free CSS Templates intact. cgi proxy script free download. Guacamole Install Script The script installs dependencies and configure the OS automatically for you in order to obtain. FREE CGI Web Proxy List contains list of cgi/php proxies that are publicly accessed at the moment. Public CGI (Web, PHP) anonymous proxy free list. WEB/WWW servers) servers running a proxy in the form of a CGI script/program (Common. Are you looking to start your own PHP/CGI/Perl web proxy site? We have created an up-to-date list of free and working web-based proxy scripts available for. Proxy website with hosted proxy bypass scripts. Proxy scripts (also known as CGI proxies) work by modifiying the content of the requested page to send subsequent requests back to All are powerful, easily customizable and free. Download CGIProxy. This CGI script (or other) acts as an HTTP, HTTPS, or FTP proxy. Through it, you can retrieve any resource that is accessible from the. start your proxy site with these 3 great free proxy scripts.
    [Show full text]
  • Handbook for Bloggers and Cyber-Dissidents
    HANDBOOK FOR BLOGGERS AND CYBER-DISSIDENTS REPORTERS WITHOUT BORDERS MARCH 2008 Файл загружен с http://www.ifap.ru HANDBOOK FOR BLOGGERS AND CYBER-DISSIDENTS CONTENTS © 2008 Reporters Without Borders 04 BLOGGERS, A NEW SOURCE OF NEWS Clothilde Le Coz 07 WHAT’S A BLOG ? LeMondedublog.com 08 THE LANGUAGE OF BLOGGING LeMondedublog.com 10 CHOOSING THE BEST TOOL Cyril Fiévet, Marc-Olivier Peyer and LeMondedublog.com 16 HOW TO SET UP AND RUN A BLOG The Wordpress system 22 WHAT ETHICS SHOULD BLOGUEURS HAVE ? Dan Gillmor 26 GETTING YOUR BLOG PICKED UP BY SEARCH-ENGINES Olivier Andrieu 32 WHAT REALLY MAKES A BLOG SHINE ? Mark Glaser 36 P ERSONAL ACCOUNTS • SWITZERLAND: “” Picidae 40 • EGYPT: “When the line between journalist and activist disappears” Wael Abbas 43 • THAILAND : “The Web was not designed for bloggers” Jotman 46 HOW TO BLOG ANONYMOUSLY WITH WORDPRESS AND TOR Ethan Zuckerman 54 TECHNICAL WAYS TO GET ROUND CENSORSHIP Nart Villeneuve 71 ENS URING YOUR E-MAIL IS TRULY PRIVATE Ludovic Pierrat 75 TH E 2008 GOLDEN SCISSORS OF CYBER-CENSORSHIP Clothilde Le Coz 3 I REPORTERS WITHOUT BORDERS INTRODUCTION BLOGGERS, A NEW SOURCE OF NEWS By Clothilde Le Coz B loggers cause anxiety. Governments are wary of these men and women, who are posting news, without being professional journalists. Worse, bloggers sometimes raise sensitive issues which the media, now known as "tradition- al", do not dare cover. Blogs have in some countries become a source of news in their own right. Nearly 120,000 blogs are created every day. Certainly the blogosphere is not just adorned by gems of courage and truth.
    [Show full text]
  • 20141228-Spiegel-Overview on Internet Anonymization Services On
    (C//REL) Internet Anonymity 2011 TOP SECRET//COMINT REL TO USA,FVEY Jt * (C//REL) What is Internet Anonymity? (U) Many Possible Meanings/Interpretations (S//REL) Simply Not Using Real Name for Email (S//REL) Private Forum with Unadvertised Existence (S//REL) Unbeatable Endpoint on Internet (S//REL) This Talk Concerns Endpoint Location (S//REL) The Network Address (IP Address) is Crucial (S//REL) It is Not Always Sufficient, However • (S//REL) Dynamic IP Address • (S//REL) Mobile Device TOP SECRET//COMINT REL TO USA,FVEY FT ^I^hHHPPI^^B äim f (C//REL) What is Internet Anonymity? (S//REL) Anonymity Is Not Simply Encryption (S//REL) Encryption Can Simply Hide Content (S//REL) Anonymity Masks the MetaData and hence association with user (S//SI//REL) Importance of MetaData to SIGINT post-2001 can not be overstated (S//REL) There is also anonymity specifically for publishing information (S//REL) Beyond the Scope of this Talk! (U) Anonymity is the antithesis of most business transactions (but encryption may be crucial) (U) Authentication for monetary exchange (U) Marketing wants to know customer well (U) The same goes for Taxing Authorities :-) TOP SECRET//COMINT REL TO USA,FVEY 3 A j. • " * (C//REL) Who Wants Internet ity2 Vm k m j®- * k (U) All Technology is Dual-Use - (U) Nuclear Weapon to Plug Oil Well - (U) Homicide by Hammer (U) Internet Anonymity for Good T - (U) Anonymous Surveys (Ex: Diseases) - (U) Human Rights Bloggers - (U) HUMINT Sources TOP SECRET//COMINT REL TO USA,FVEY 4 , A - Jt (C//REL) Who Wants Internet m •A w (U) Internet
    [Show full text]
  • Rapport Internet 2004 Gb
    HANDBOOK FOR BLOGGERS AND CYBER-DISSIDENTS REPORTERS WITHOUT BORDERS MARCH 2008 HANDBOOK FOR BLOGGERS AND CYBER-DISSIDENTS REPORTERS WITHOUT BORDERS HANDBOOK FOR BLOGGERS AND CYBER-DISSIDENTS CONTENTS © 2008 Reporters Without Borders 04 BLOGGERS, A NEW SOURCE OF NEWS Clothilde Le Coz 07 WHAT’S A BLOG ? LeMondedublog.com 08 THE LANGUAGE OF BLOGGING LeMondedublog.com 10 CHOOSING THE BEST TOOL Cyril Fiévet, Marc-Olivier Peyer and LeMondedublog.com 16 HOW TO SET UP AND RUN A BLOG The Wordpress system 22 WHAT ETHICS SHOULD BLOGUEURS HAVE ? Dan Gillmor 26 GETTING YOUR BLOG PICKED UP BY SEARCH-ENGINES Olivier Andrieu 32 WHAT REALLY MAKES A BLOG SHINE ? Mark Glaser 36 PERSONAL ACCOUNTS • SWITZERLAND: “” Picidae 40 • EGYPT: “When the line between journalist and activist disappears” Wael Abbas 43 • THAILAND : “The Web was not designed for bloggers” Jotman 46 HOW TO BLOG ANONYMOUSLY WITH WORDPRESS AND TOR Ethan Zuckerman 54 TECHNICAL WAYS TO GET ROUND CENSORSHIP Nart Villeneuve 71 ENSURING YOUR E-MAIL IS TRULY PRIVATE Ludovic Pierrat 75 THE 2008 GOLDEN SCISSORS OF CYBER-CENSORSHIP Clothilde Le Coz 3 I REPORTERS WITHOUT BORDERS mine INTRODUCTION BLOGGERS, A NEW SOURCE OF NEWS By Clothilde Le Coz B loggers cause anxiety. Governments are wary of these men and women, who are posting news, without being professional journalists. Worse, bloggers sometimes raise sensitive issues which the media, now known as "tradition- al", do not dare cover. Blogs have in some countries become a source of news in their own right. Nearly 120,000 blogs are created every day. Certainly the blogosphere is not just adorned by gems of courage and truth.
    [Show full text]
  • Privacy Enhancing Technologies for the Internet III: Ten Years Later
    Privacy Enhancing Technologies for the Internet III: Ten Years Later Ian Goldberg David R. Cheriton School of Computer Science University of Waterloo Waterloo, ON [email protected] 1 Introduction In 1997 with Wagner and Brewer, and again in 2002, we looked at the then-current state of privacy-enhancing technologies (PETs) for the Internet. [27, 26] Now, in 2007, we take a third look. Technologies to help users maintain their privacy online are as important today as ever before—if not more so. Identity theft is the fastest-growing crime in the US today [47] and it is all too easy for would-be identity thieves to harvest personal information from the online trails Internet users leave every day. Losses of large databases of personal information are an almost daily occurrence [2]; for example, retailers’ servers are penetrated [44], databases are traded between government and private companies [36] and laptops containing social security numbers are stolen [35]. In 1997, we discussed the dossier effect: all available information about a person gets cross-referenced, and the resulting dossier ends up being used for many purposes, lawful and not. This practice has expanded over the years; the companies that compile and sell these dossiers are known as data brokers. Choicepoint is a prime example—in 2005, this data broker sold dossiers on over 150,000 Americans to a group of criminals. [10] The PETs we discuss here give people a way to control how much of their personal information is revealed when they use the Internet. By controlling the spread of this information, they can limit the size of the data brokers’ dossiers about them.
    [Show full text]
  • Nomadix Alloc8 Appliance User Manual
    Alloc8 Appliance User Manual ExOS Version 7.4 © 2015 Nomadix, Inc. 2 Copyright © 2015 Nomadix, Inc. All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording, taping, or information storage and retrieval systems - without the written permission of the publisher. Products that are referred to in this document may be either trademarks and/or registered trademarks of the respective owners. The publisher and the author make no claim to these trademarks. While every precaution has been taken in the preparation of this document, the publisher and the author assume no responsibility for errors or omissions, or for damages resulting from the use of information contained in this document or from the use of programs and source code that may accompany it. In no event shall the publisher and the author be liable for any loss of profit or any other commercial damage caused or alleged to have been caused directly or indirectly by this document. Document Built on Wednesday, December 23, 2015 at 4:01 PM Using this guide Before using this guide, become familiar with the Nomadix documentation system. n "Nomadix documentation conventions" on page 2 n "Notes, Tips, Examples, and Cautions" on page 3 Nomadix documentation conventions The Nomadix documentation uses the following conventions in the documentation. Graphical interface conventions The following is a summary of the conventions used for graphic interfaces such as those in the Nomadix Web UI and the Central Management Technical Preview UI. Convention Definition bold Interface element such as buttons or menus.
    [Show full text]
  • The Tor Network: a Global Inquiry Into the Legal Status of Anonymity Networks
    Washington University Global Studies Law Review Volume 11 Issue 3 2012 The Tor Network: A Global Inquiry into the Legal Status of Anonymity Networks Keith D. Watson Washington University School of Law Follow this and additional works at: https://openscholarship.wustl.edu/law_globalstudies Part of the Comparative and Foreign Law Commons, and the Internet Law Commons Recommended Citation Keith D. Watson, The Tor Network: A Global Inquiry into the Legal Status of Anonymity Networks, 11 WASH. U. GLOBAL STUD. L. REV. 715 (2012), https://openscholarship.wustl.edu/law_globalstudies/vol11/iss3/6 This Note is brought to you for free and open access by the Law School at Washington University Open Scholarship. It has been accepted for inclusion in Washington University Global Studies Law Review by an authorized administrator of Washington University Open Scholarship. For more information, please contact [email protected]. THE TOR NETWORK: A GLOBAL INQUIRY INTO THE LEGAL STATUS OF ANONYMITY NETWORKS I. INTRODUCTION On July 29, 2010, Jacob Appelbaum, the only known American member of the whistle-blowing organization WikiLeaks, was detained by U.S. agents as he attempted to reenter the country.1 The agents frisked him, searched his bag, photocopied his receipts, and inspected his laptop.2 Appelbaum was questioned about WikiLeaks, which leaked numerous classified government documents relating to the war in Afghanistan only days earlier.3 The agents also questioned him about his views on the United States‘ involvement in Afghanistan and Iraq and his knowledge of the whereabouts of WikiLeaks founder Julian Assange.4 Since then, 1. Nathaniel Rich, The Most Dangerous Man in Cyberspace, ROLLING STONE, Sept.
    [Show full text]
  • CSCI 1800 Cybersecurity and International Relations
    CSCI 1800 Cybersecurity and International Relations Attribution and Privacy John E. Savage Brown University Outline • Review of types of cyber attacks • Attribution problem • Methods to avoid attribution • Detecting attribution • Alternatives to attribution • Intro to deterrence on the Internet • The impersonation problem • Based on – Untangling Attribution, Clark and Landau, Procs. Workshop on Deterring Cyberattacks, National Research Council, 2010. – A Survey of Challenges in Attribution, Boebert, Procs. Workshop on Deterring Cyberattacks, National Research Council, 2010. Lect 08 2/24/20 © JE Savage 2 Types of Internet-Based Attacks • Distributed denial of service (DDoS) – botnet based – Goal: Overwhelm with data, possibly using amplification • Penetration attacks – uses malicious functionality – Goal: Control the machine that is attacked. • EXploitation attacks – a penetration attack – Goal: Penetrate to eXtract valuable information • Destructive attacks – a penetration attack – Goal: Destroy/disrupt valuable system component or attached resource, either temporarily or permanently. Lect 08 2/24/20 © JE Savage 3 The Attribution Problem “On the Internet, nobody knows that you’re a dog.” Lect 08 2/24/20 © JE Savage 4 The Attribution Problem • Attribution important in deterring attacks. – If attribution of attacker were known to be easy, attackers may be deterred by threat of retribution. • Attribution is known to be hard. Why is it? – Technical attribution • Who owns the attacking machine? • Where is the machine located? • Is the attacker hiding behind a proXy? – Human attribution • Who launched the attack? • For whom was that person acting? Lect 08 2/24/20 © JE Savage 5 Coping with Attacks • Distributed Denial of Service (DDoS) attacks – Difficult to stop. Attribution not very helpful given that it must be stopped ASAP.
    [Show full text]
  • An Anonymous and Distributed Personalization Architecture Antoine Boutet, Davide Frey, Arnaud Jégou, Anne-Marie Kermarrec, Heverson Borba Ribeiro
    FreeRec: an Anonymous and Distributed Personalization Architecture Antoine Boutet, Davide Frey, Arnaud Jégou, Anne-Marie Kermarrec, Heverson Borba Ribeiro To cite this version: Antoine Boutet, Davide Frey, Arnaud Jégou, Anne-Marie Kermarrec, Heverson Borba Ribeiro. FreeRec: an Anonymous and Distributed Personalization Architecture. [Technical Report] 2013, pp.20. hal-00844813 HAL Id: hal-00844813 https://hal.inria.fr/hal-00844813 Submitted on 16 Jul 2013 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. FreeRec: an Anonymous and Distributed Personalization Architecture Antoine Boutet1, Davide Frey1, Arnaud J´egou1, Anne-Marie Kermarrec1;2, and Heverson B. Ribeiro1 1 INRIA Rennes, France [email protected], [email protected], [email protected], [email protected], [email protected] 2 EPFL, Switzerland Abstract. We present and evaluate FreeRec, an anonymous decentral- ized peer-to-peer architecture, designed to bring personalization while protecting the privacy of its users. FreeRec's decentralized approach makes it independent of any entity wishing to collect personal data about users. At the same time, its onion-routing-like gossip-based overlay protocols effectively hide the association between users and their inter- est profiles without affecting the quality of personalization.
    [Show full text]
  • Hiding Your IP Address, Anonymous Internet Surfing HOWTO Pagina 1
    Hiding Your IP Address, Anonymous Internet Surfing HOWTO Pagina 1 Hiding Your IP Address CGI/ LOGIN LISTS NEW .TXT CHK GEO ANON HTTPS EMAIL RELAY HEAD WHOIS DOCS HOWTO LINKS BBOARD WEB Hiding Your IP Address Using HTTP, CONNECT, CGI/PHP/WEB, SOCKS proxies Anonymous Internet Surfing HOWTO You could try reading about wingates, socks and proxies (oh before i forget, turn off java, javascript, cookies, what's related, and smart update ... if you are using IE you're not very smart). Also try installing a firewall, or DHCP or you can learn from me! There are situations in which you may want to visit a site without leaving a trace of the visit. For instance you want to check what's going on at your competitor's site. Your visit will generate a record in the log file. Frequent visits will generate many records. Do you want to know what kind of records? See in YOUR REQUEST, YOUR WHOIS RECORD and GEOGRAPHIC LOCATION, Privacy Analysis of your Internet Connection, Another Privacy Investigation Report, BrowserSpy Info, ShowMyIP - will tell you some scary info about what can be told about your computer via the internet. Note that these tests are not very sophisticated. A dedicated "snooper" can often learn much more. Once I came across a server that tried to connect to my computer's disk while I was browsing ... that was an exciting experince. You should also remember about things like cookies, hostile applets and java scripts, browser security holes and so on. So why don't we send someone instead of ourselves? Good idea.
    [Show full text]
  • Herd: a Scalable, Traffic Analysis Resistant Anonymity Network
    Herd: A Scalable, Traffic Analysis Resistant Anonymity Network for VoIP Systems Stevens Le Blond David Choffnes MPI-SWS Northeastern University William Caldwell Peter Druschel Nicholas Merritt MPI-SWS MPI-SWS MPI-SWS ABSTRACT 1. INTRODUCTION Effectively anonymizing Voice-over-IP (VoIP) calls requires Voice-over-IP (VoIP) systems are popular and their sup- a scalable anonymity network that is resilient to traffic analy- port for pseudonymous identities and strong encryption sis and has sufficiently low delay for high-quality voice calls. makes them appealing to users concerned about communi- The popular Tor anonymity network, for instance, is not de- cation privacy. However, many nation states use Internet signed for the former and cannot typically achieve the latter. surveillance to monitor and repress critics [18, 14], and even In this paper, we present the design, implementation, and ex- western democracies conduct mass surveillance [9, 10, 8, 4]. perimental evaluation of Herd, an anonymity network where In this environment, VoIPsystems are not sufficient to ensure a set of dedicated, fully interconnected cloud-based prox- the anonymity of Internet users, nor the safety of political ac- ies yield suitably low-delay circuits, while untrusted super- tivists and whistleblowers, as illustrated, for example, by the peers add scalability. Herd provides caller/callee anonymity NSA’s ability to intercept Skype conversations [13]. among the clients within a trust zone (e.g., jurisdiction) and Further, existing anonymity networks are not designed for under a strong adversarial model. Simulations based on a latency sufficiently low to support VoIP, or scalability to mil- trace of 370 million mobile phone calls among 10:8 million lions of users under a strong adversarial model.
    [Show full text]