DOCSLIB.ORG

Methods and Systems for Understanding Large-Scale Internet Threats

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Methods and Systems for Understanding Large-Scale Internet Threats by Paul James Pearce A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor Vern Paxson, Chair Professor Deirdre K. Mulligan Professor Stefan Savage Professor David Wagner Summer 2018 Methods and Systems for Understanding Large-Scale Internet Threats Copyright 2018 by Paul James Pearce 1 Abstract Methods and Systems for Understanding Large-Scale Internet Threats by Paul James Pearce Doctor of Philosophy in Computer Science University of California, Berkeley Professor Vern Paxson, Chair Large-scale Internet attacks are pervasive. A broad spectrum of actors from organized gangs of criminals to nation-states exploit the modern, layered Internet to launch politically and econom- ically motivated attacks. The impact of these attacks is vast, ranging from billions of users experi- encing Internet censorship, to tens of millions of dollars lost annually to cybercrime. Developing effective and comprehensive defenses to these large scale threats requires systematic empirical measurement. In this dissertation we develop empirical measurement methods and systems for understanding politically and economically motivated Internet threats. Specifically, we examine the problems of Internet censorship and advertising abuse in-depth and at-scale. To understand censorship, we develop Augur and Iris, methods and accompanying systems that allow us to perform global, lon- gitudinal measurement of Internet censorship at the TCP/IP and DNS layers of the network stack— without the use of volunteers. This work addresses a range of both technical and extra-technical challenges, at a scale and fidelity not previously achieved. In combating advertising abuse, we in- vestigate and chronicle multiple facets of the ecosystem— from clickbots to large-scale botnets to advertising injection—using a variety of empirical methods. Our work ultimately identifies funda- mental structural weak-points leverageable for defense, resulting in dismantling botnets, cleaning up ad networks, and protecting users. i For Judy ii Contents Contents ii 1 Introduction 1 I Global Censorship Measurement 5 2 Censorship Introduction, Related Work and Ethics 6 2.1 Introduction . 6 2.2 Related Work . 7 2.3 Ethics . 10 3 Augur: Internet-Wide Detection of Connectivity Disruptions 12 3.1 Introduction . 12 3.2 Method Overview . 13 3.3 Putting the Method to Practice . 17 3.4 Augur Implementation and Experiment Data . 23 3.5 Validation and Analysis . 30 3.6 Discussion . 39 3.7 Augur Summary . 40 4 Iris: Global Measurement of DNS Manipulation 42 4.1 Introduction . 42 4.2 Method . 43 4.3 Dataset . 52 4.4 Results . 55 4.5 Iris Summary . 65 5 Censorship Discussion and Conclusion 68 II Understanding Advertising Abuse 70 6 Advertising Abuse Introduction and Related Work 71 iii 6.1 Introduction . 71 6.2 Related Work and Background . 73 7 What’s Clicking What? Clickbot Techniques and Innovations 78 7.1 Introduction . 78 7.2 Methodology . 79 7.3 The Fiesta Clickbot . 81 7.4 The 7cy Clickbot . 85 7.5 Discussion and Summary . 96 8 ZeroAccess: Background and Evolution 98 8.1 ZeroAccess Evolution and Takedown . 98 8.2 Technical Background . 100 9 The ZA Auto-Clicking and Search-Hijacking Malware 102 9.1 Introduction . 102 9.2 Methodology . 103 9.3 The ZeroAccess Platform . 104 9.4 The Auto-Clicking Module . 105 9.5 Serpent: The Search-Hijacking Module . 108 9.6 Summary . 116 10 Characterizing Large-Scale Click Fraud in ZeroAccess 117 10.1 Introduction . 117 10.2 Data Sources and Quality . 118 10.3 Analyzing Fraud . 121 10.4 Assessing ZA-Dirty Ad Units . 130 10.5 Summary . 135 11 Ad Injection at Scale: Assessing Deceptive Advertisement Modifications 136 11.1 Introduction and Background . 136 11.2 Impacted Properties . 137 11.3 Understanding Injectors in Revenue Chains . 138 11.4 Advertisers and Intermediates For Top Injectors . 139 11.5 Summary . 143 12 Advertising Abuse Conclusion 144 13 Conclusion and Future Directions 145 Bibliography 147 iv Acknowledgments I must begin by thanking my amazing PhD advisor Vern Paxson. His support, understanding, encouragement, and expertise on topics ranging from research to life were invaluable. Without his guidance I would not be where I am today. Thank you. I must also thank the faculty of the Center for Evidence based Security Research (CESR), namely Stefan Savage and Geoff Voelker. Their council and feedback were instrumental in my career. They both continually went above and beyond in facilitating my PhD, at times engaging more as advisors than mentors. Thank you both. Similarity, I thank Nick Feamster, whose guidance throughout the 2nd half of my PhD was critical in achieving my career objectives. I also thank David Wagner, a resource and mentor throughout my time in Berkeley. PhD’s are a marathon, and it helps to have good friends to share the load. Thank you to 1044++ for the life part of work-life balance. I owe a huge debt of gratitude to all of my fellow security students at UC Berkeley and the broader CESR family. This includes but is not limited to: Devdatta Akhawe, Jethro Beekman, Joe DeBlasio, Adrienne Porter Felt, David Fifield, Chris Grier, Grant Ho, Danny Huang, Mobin Javed, Noah Johnson, Frank Li, Bill Marczak, Michael McCoyd, Brad Miller, Ariana Mirian, Austin Murdock, and Kurt Thomas. Thank you all for the support and comradery. The unsung heros of any PhD are the staff that make everything work. Chief among them are Angie Abbatecola and Jon Kuroda. Thank you both for being awesome and continually going above and beyond in keeping the department going. Going back further, this degree was not possible without the opportunity of the California Community College system, numerous professors at Chaffey Community College, and the sup- port of several individuals whom facilitated my transfer to UC Berkeley as an undergraduate. Among those who deserve recognition are: Tim Arner (Chaffey Community College Professor, retired), Charles Hollenbeck (Chaffey Community College Professor, retired), Rebecca Miller (former UC Berkeley Director of Student Affairs), Karen Pender (Chaffey Community College Professor, retired), Ana Rafferty (UC Berkeley Transfer Specialist), and Sheila Humphreys (UC Berkeley EECS Emerita Director of Diversity). Thank you all helping me get to this point in my life and career. Throughout my entire PhD I had the privilege to work with an amazing set of collaborators from both academia and industry. I thank them all for the opportunity to collaborate, and acknowledge that this work was not possible without their assistance. I also thank my dissertation committee, Vern Paxson, Deirdre Mulligan, Stefan Savage, and David Wagner, for enduring my qualifying exam slides and providing invaluable feedback on my work’s direction and impact. Additionally, I am grateful for the research assistance of the following throughout my graduate career: David Anselmi, Manos Antonakakis, Richard Boscovich, Eric Brewer, Randy Bush, Chia Yuan Cho, Jed Crandall, Hitesh Dharamdasani, Zakir Durumeric, David Fifield, Sarthak Grover, Yunhong Gu, Brad Karp, Niels Provos, Moheeb Abu Rajab, the Google Safe Browsing Team, the v Microsoft Digital Crimes Unit (DCU), the Microsoft Malware Protection Center (MMPC), and the Bing Ads Online Forensics Team. My work was supported in part by National Science Foundation Awards CNS-0433702, CNS- 0831535, CNS-0905631, CNS-1213157, CNS-1237076 CNS-1237264, CNS-1237265, CNS-140- 6041, CNS-1518878, CNS-1518918, CNS-1540066, and CNS-1602399; by the Office of Naval Research MURI grants N00014-09-1-1081 and N00014-12-1-0165; by the U.S. Army Research Office MURI grant W911NF-09-1-0553; the Team for Research in Ubiquitous Secure Technology (TRUST); and by gifts from Google, Microsoft, and the UCSD Center for Networked Systems (CNS). Any opinions, findings, and conclusions or recommendations expressed in this dissertation are those of the author and do not necessarily reflect the views of the sponsors. And to Judy, my wife: You are the best person I know. Your immeasurable patience, love, and support is what allows me to do what I do. Thank you for the journey thus far, and what is come. Also I’m sorry I cold-called you (prior to our formal introduction) when we took EE20N. But it seems to have worked out ok in the long run. 1 Chapter 1 Introduction Internet security is defined by conflict. The value and power mediated by the global, interconnected systems of today’s Internet in turn attract adversaries who seek to exploit these same systems for economic, political or social gain. However, the underlying complexity of the Internet infrastruc- ture, the layering of its services, and the indirect nature of its business relationships can make it difficult to identify even the existence of adversaries manipulating systems for their benefit. Fur- ther, identifying that an attack is taking place is only the first step in an ongoing challenge, as adversaries have the luxury to define where and when their actions take place and responders are forced to discover the landscape of the battle after it commences. Studying these problems is challenging. While anecdotes and serendipitous findings are com- mon, understanding the full nature of a particular action or attack requires systematic measurement— frequently measurement of an actor who seeks to hide or camouflage their actions. Designing ef- fective and comprehensive defenses requires sound understanding of not only specific problems, but also the fundamental limitations and costs associated with those problems. In the context of global-scale attacks such as cybercrime and censorship, acquiring this understanding is frequently challenging and requires new types of research systems and measurement methods. Remediation without systematic understanding of opponents’ costs, capabilities, and objectives risks developing reactionary, incremental defenses lacking feasibility or robustness. This dissertation brings empirical grounding and understanding to the study of global, hidden Internet security threats.
Recommended publications
  • Copyright Hbbtv 2017 All Rights Reserved Test Suite V9.2.0 Test Id

    Copyright Hbbtv 2017 All Rights Reserved Test Suite V9.2.0 Test Id

    Copyright HbbTV 2017 All Rights Reserved Test Suite v9.2.0 Test Id Vers Title Approved Assertion If subtitles are enabled and a broadband delivered FALSE es.tdthibrida_7D7C0040 1 Broadband DVB subtitles in a TS are displayed TS_AVC_SD_25_HEAAC stream containing DVB subtitles (Nordig) is being presented, those subtitles shall be displayed. If subtitles are enabled and a broadband delivered Broadband Teletext subtitles in a TS are FALSE TS_AVC_SD_25_HEAAC stream containing EBU Teletext es.tdthibrida_7D7C0050 1 displayed (Nordig) subtitles is being presented, those subtitles shall be displayed. When broadband delivered subtitles are being displayed FALSE es.tdthibrida_7D7C0060 1 Broadband Subtitles Below Application Graphics in an A/V control object, the subtitles shall be displayed (Nordig) behind the application graphics plane The terminal's user interface shall have a user option FALSE that controls whether auto-start applications are es.tdthibrida_7D7C0070 1 Auto-start applications enabled by default (Nordig) launched automatically, and when in its default manufacturer state this option shall be enabled When the receiver has its default manufacturer-set Application launching with network connection FALSE configuration and the terminal is tuned to a service fr.hdforum_00151000 2 available (Nordig) carrying an AIT signalling one AUTOSTART broadband application, the terminal shall start that application Terminal shall provide an EXIT or TV or comparable FALSE fr.hdforum_00151240 1 EXIT function is provided by receiver button either on a remote control or another control (Nordig) interface. Termination of autostart application using EXIT FALSE Terminal shall terminate a running autostart application fr.hdforum_00151250 1 function (Nordig) when the EXIT function (or equivalent) is used.
  • Human Rights Protocol Considerations Research Group S

    Human Rights Protocol Considerations Research Group S

    Human Rights Protocol Considerations Research Group S. Abraham Internet-Draft CIS India Intended status: Informational MP. Canales Expires: January 16, 2018 Derechos Digitales J. Hall CDT O. Khrustaleva American University N. ten Oever ARTICLE 19 C. Runnegar ISOC S. Sahib Cisco Systems July 15, 2017 Implementation Report for HTTP Status Code 451 (RFC 7725) draft-451-imp-report-00 Abstract This report describes implementation experience between various components working with the HTTP Status Code 451 [RFC7725], a risk assessment and recommendation for improvements. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 16, 2018. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. Abraham, et al. Expires January 16, 2018 [Page 1] Internet-Draft 451ImpReport July 2017 This document is subject to BCP 78 and the IETF Trust’s Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document.
  • PID Service – an Advanced Persistent Identifier Management Service for the Semantic Web

    PID Service – an Advanced Persistent Identifier Management Service for the Semantic Web

    21st International Congress on Modelling and Simulation, Gold Coast, Australia, 29 Nov to 4 Dec 2015 www.mssanz.org.au/modsim2015 PID Service – an advanced persistent identifier management service for the Semantic Web P. Golodoniuc a, N. J. Car b, S. J. D. Cox c, and R. A. Atkinson d a CSIRO Mineral Resources Flagship, Kensington, WA, Australia b CSIRO Land & Water Flagship, Dutton Park, QLD, Australia c CSIRO Land & Waters Flagship, Highett, VIC, Australia d Metalinkage, Wollongong, NSW, Australia Email: [email protected] Abstract: Persistent identifiers are an integral part of the Semantic Web and Linked Data applications: they enable the stable identification of digital objects and may be used as a top-level application programming interface (API) to bind multiple representations of digital objects into a single, coherent, data model. In addition to these technical tasks, persistent identifiers and their management are of prime concern for the governance of Domain Name System (DNS)-based domains containing output from multiple parties that need to ensure identifier uniqueness as their first order of operation. Our contribution to solutions for the technical and governance challenges posed by identity management is the PID Service – a persistent identity service – which is a web service offering advanced persistent identifier management with features not found in proxy servers and other web redirection products. The PID Service is able to store and implement large numbers of complex Uniform Resource Indicator (URI) redirection rules and handle related sets of rules according to rule hierarchies. This, combined with a web-based graphical user interface and database rule storage, allows users of the PID Service to far more easily manage large numbers of complex rules within a domain avoiding rule collision and specialised partial URI delegation.
  • United States District Court Southern District of Florida Miami Division

    United States District Court Southern District of Florida Miami Division

    Case 1:15-cv-23888-JEM Document 1 Entered on FLSD Docket 10/16/2015 Page 1 of 25 UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF FLORIDA MIAMI DIVISION HUSHHUSH ENTERTAINMENT, INC., a California ) corporation d/b/a Hush Hush Entertainment, Hushpass.com ) and Interracialpass.com, ) ) Case No. Plaintiff, ) v. ) ) MINDGEEK USA, INC., a Delaware corporation, ) d/b/a PORNHUBPREMIUM.COM MINDGEEK USA, ) INC., a Delaware corporation, individually and doing ) business as MINDGEEK USA INC., a Delaware ) corporation, individually and d/b/a ) PORNHUBPREMIUM.COM; MG FREESITES, LTD, ) a Delaware corporation, individually and d/b/a ) PORNHUBPREMIUM.COM; MG BILLING US, a ) Delaware corporation, individually and d/b/a ) PORNHUBPREMIUM.COM; MG BILLING EU, ) a Delaware corporation, individually and d/b/a ) PORNHUBPREMIUM.COM; MG BILLING IRELAND, ) a Delaware corporation, individually and d/b/a ) PORNHUBPREMIUM.COM; LICENSING IP ) INTERNATIONAL S.A.R.L , a foreign corporation ) [DEMAND FOR JURY TRIAL] d/b/a PORNHUBPREMIUM.COM; FERAS ANTOON, ) an individual; and DOES 1- 50, ) ) Defendants. ) ________________________________________________) COMPLAINT FOR COPYRIGHT INFRINGEMENT, DAMAGES, AND INJUNCTIVE RELIEF Plaintiff HUSHHUSH ENTERTAINMENT, INC., a California corporation d/b/a Hush Hush Entertainment, Hushpass.com and Interracialpass.com, by and through its attorneys of record, hereby allege as follows: 1 Case 1:15-cv-23888-JEM Document 1 Entered on FLSD Docket 10/16/2015 Page 2 of 25 NATURE OF THE CASE 1. This is an action for violation of Plaintiff, HUSHHUSH ENTERTAINMENT’S intellectual property rights. HUSHHUSH ENTERTAINMENT owns certain adult entertainment content which has been properly registered with the United States Copyright Office.
  • Best VPN Services in 2017 (Speed, Cost & Usability Reviews)

    Best VPN Services in 2017 (Speed, Cost & Usability Reviews)

    10/8/2017 Best VPN Services in 2017 (Speed, Cost & Usability Reviews) Best VPN Services VPN Reviews & In-Depth Comparisons Brad Smith Sep 18, 2017 With the help of John & Andrey (https://thebestvpn.com/contact-us/), we’ve put together a list of best VPNs. We compared their download/upload speed, support, usability, cost, servers, countries and features. We also analyzed their TOS to see if they keep logs or not and whether they allow P2P and work with Netflix. here’s a link to the spreadsheet (https://docs.google.com/spreadsheets/d/11IZdVCBjVvbdaKx2HKz2hKB4F Z_l8nRJXXubX4FaQj4/) You want to start using a VPN, but don’t know which software/service to use? In this page, we’ve reviewed 30+ most popular VPN services (on going process). In order to find out which are best VPNs, we spent some time on research and speed testing: 1. Installed 30+ VPN software on our personal devices, such as Windows, Mac, Android and iOS and compared their usability. 2. Performed Download/Upload speed tests on speedtest.net to see which had best performing servers. 3. Double checked if they work with Netflix and allow P2P. 4. Read their TOS to verify if they keep logs or not. 5. Compared security (encryption and protocols). That means we’ve dug through a large number of privacy policies (on logging), checked their features, speed, customer support and usability. If you know a good VPN provider that is not listed here, please contact us and we’ll test it out as soon as possible. 5 Best VPNs for Online Privacy and Security Here are the top 5 VPN services of 2017 after our research, analysis, monitoring, testing, and verifying.
  • Universal Worker Service Pattern Version 1.0

    Universal Worker Service Pattern Version 1.0

    Universal Worker Service Specification I nternational V irtual O bservatory A lliance Universal Worker Service Pattern Version 1.0 IVOA Proposed Recommendation 2010-09-08 Working Group: http://www.ivoa.net/twiki/bin/view/IVOA/IvoaGridAndWebServices This version: http://www.ivoa.net/Documents/PR/GWS/PR-UWS-1.0-20100210.html Latest version: http://www.ivoa.net/Documents/UWS/ Previous version(s): Internal Working Draft v0.1, 2005-01-24 Internal Working Draft v0.2, 2006-05-11 Internal Working Draft v0.3, 2007-04-26 Internal Working Draft v0.4, 2008-05-10 Internal Working Draft v0.5, 2008-10-08 Internal Working Draft v0.9, 2009-10-08 Public Working Draft v1.0, 2009-08-27 Proposed Recommendation v1.0, 2009-09-09 Proposed Recommendation v1.0, 2010-02-10 Author(s): P. Harrison, G. Rixon Abstract The Universal Worker Service (UWS) pattern defines how to manage asynchronous execution of jobs on a service. Any application of the pattern defines a family of related services with a common service contract. Possible uses of the pattern are also described. - 1 - Universal Worker Service Specification Status of This Document This document is produced by the GWS-WG. The first release of this document was on 2005-01-24 within the working group. This is an IVOA Proposed Recommendation made available for public review. Comments on this document should be posted at the RFC page http://www.ivoa.net/cgi-bin/twiki/bin/view/IVOA/ UWSV1RFC or can be sent to the Grid and Web Services Working Group via [email protected].
  • THE ARMENIAN Ctator Volume LXXXVII, NO

    THE ARMENIAN Ctator Volume LXXXVII, NO

    MAY 27, 2017 Mirror-SpeTHE ARMENIAN ctator Volume LXXXVII, NO. 45, Issue 4489 $ 2.00 NEWS The First English Language Armenian Weekly in the United States Since 1932 INBRIEF Flights Launched DC Police Arrest Between Yerevan and Turkish Guards Tel Aviv YEREVAN (Public Radio of Armenia) — The For Attacking Armenia Aircompany carried the first passengers from Yerevan to Tel Aviv this week. Demonstrators The maiden flight was preceded by a presenta- tion at Zvartnots Airport. Attending the event were Sergey Avetisyan, chief Turkey Chides US Envoy of the General Department of Civil Aviation of Over Handling of Brawl at Armenia, Andranik Shkhyan, deputy general man- Washington Protest ager of Armenia International Airports and Robert Oganesyan, CEO of Armenia Aircompany, directors ISTANBUL (New York Times and of tourism agencies and others. Washington Post) — The Turkish Foreign Avetisyan emphasized the importance of Ministry summoned the American ambas- Yerevan-Tel Aviv flights and wished the Air sador in Ankara on Monday, May 22, to Company safe and effective flights. The Yerevan-Tel Aviv flights will run twice a week complain about the detention of two President Trump and First Lady Melania visited the Church of the Holy Sepulchre. Turkish security officers outside the on Thursdays and Sundays. Turkish Embassy in Washington the prior week, a Turkish official said. Trump Visits Church of the Holy Sepulchre in L.A. Chamber Cancels The detentions occurred about two Jerusalem, Meets Armenian Patriarch hours after Turkish government body- Turkey Business Forum guards were filmed assaulting several pro- JERUSALEM (Armenpress) — US President Donald Trump visited the Church After Protest Beating (RUDAW PHOTO) of the Holy Sepulchre in Jerusalem on Monday, May 15.
  • VPN Report 2020

    VPN Report 2020

    VPN Report 2020 www.av-comparatives.org Independent Tests of Anti-Virus Software VPN - Virtual Private Network 35 VPN services put to test LANGUAGE : ENGLISH LAST REVISION : 20 TH MAY 2020 WWW.AV-COMPARATIVES.ORG 1 VPN Report 2020 www.av-comparatives.org Contents Introduction 4 What is a VPN? 4 Why use a VPN? 4 Vague Privacy 5 Potential Risks 5 The Relevance of No-Logs Policies 6 Using VPNs to Spoof Geolocation 6 Test Procedure 7 Lab Setup 7 Test Methodology 7 Leak Test 7 Kill-Switch Test 8 Performance Test 8 Tested Products 9 Additional Product Information 10 Consolidations & Collaborations 10 Supported Protocols 11 Logging 12 Payment Information 14 Test Results 17 Leak & Kill-Switch Tests 17 Performance Test 19 Download speed 20 Upload speed 21 Latency 22 Performance Overview 24 Discussion 25 General Security Observations 25 Test Results 25 Logging & Privacy Policies 26 Further Recommendations 27 2 VPN Report 2020 www.av-comparatives.org Individual VPN Product Reviews 28 Avast SecureLine VPN 29 AVG Secure VPN 31 Avira Phantom VPN 33 Bitdefender VPN 35 BullGuard VPN 37 CyberGhost VPN 39 ExpressVPN 41 F-Secure Freedome 43 hide.me VPN 45 HMA VPN 47 Hotspot Shield 49 IPVanish 51 Ivacy 53 Kaspersky Secure Connection 55 McAfee Safe Connect 57 mySteganos Online Shield VPN 59 Norton Secure VPN 63 Panda Dome VPN 65 Private Internet Access 67 Private Tunnel 69 PrivateVPN 71 ProtonVPN 73 PureVPN 75 SaferVPN 77 StrongVPN 79 Surfshark 81 TorGuard 83 Trust.Zone VPN 85 TunnelBear 87 VPNSecure 89 VPN Unlimited 91 VyprVPN 93 Windscribe 95 ZenMate VPN 97 Copyright and Disclaimer 99 3 VPN Report 2020 www.av-comparatives.org Introduction The aim of this test is to compare VPN services for consumers in a real-world environment by assessing their security and privacy features, along with download speed, upload speed, and latency.
  • Technical and Legal Overview of the Tor Anonymity Network

    Technical and Legal Overview of the Tor Anonymity Network

    Emin Çalışkan, Tomáš Minárik, Anna-Maria Osula Technical and Legal Overview of the Tor Anonymity Network Tallinn 2015 This publication is a product of the NATO Cooperative Cyber Defence Centre of Excellence (the Centre). It does not necessarily reflect the policy or the opinion of the Centre or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication. Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non- profit and non-commercial purpose, provided that copies bear a full citation. www.ccdcoe.org [email protected] 1 Technical and Legal Overview of the Tor Anonymity Network 1. Introduction .................................................................................................................................... 3 2. Tor and Internet Filtering Circumvention ....................................................................................... 4 2.1. Technical Methods .................................................................................................................. 4 2.1.1. Proxy ................................................................................................................................ 4 2.1.2. Tunnelling/Virtual Private Networks ............................................................................... 5
  • July 21, 2021 Ms. Lisa R. Barton Secretary to the Commission U.S

    July 21, 2021 Ms. Lisa R. Barton Secretary to the Commission U.S

    July 21, 2021 Ms. Lisa R. Barton Secretary to the Commission U.S. International Trade Commission 500 E Street SW Washington, D.C. 20436 Re: Investigation No. 332-585 Dear Ms. Barton: Pursuant to the notice issued by the U.S. International Trade Commission (ITC), the Computer & Communications Industry Association (CCIA) submits the following written comments in relation to Investigation No. 332-585: Foreign Censorship Part 1: Policies and Practices Affecting U.S. Businesses. These comments supplement the testimony delivered at the July 1, 2021 public hearing. Respectfully submitted, /s/ Rachael Stelly Rachael Stelly Policy Counsel Computer & Communications Industry Association 25 Massachusetts Avenue NW, Suite 300C Washington, DC 20001 [email protected] Office: (202) 534-3901 Before the Office of the United States International Trade Commission Washington, D.C. In re Foreign Censorship Part 1: Policies and Investigation No. 332-585 Practices Affecting U.S. Businesses WRITTEN COMMENTS OF THE COMPUTER & COMMUNICATIONS INDUSTRY ASSOCIATION (CCIA) Pursuant to the notice issued by the U.S. International Trade Commission (ITC), the Computer & Communications Industry Association (CCIA) submits the following written comments in relation to Investigation No. 332-585: Foreign Censorship Part 1: Policies and Practices Affecting U.S. Businesses.1 CCIA is an international, not-for-profit trade association representing a broad cross section of communications and technology firms. For nearly fifty years, CCIA has promoted open markets, open systems, and open networks. CCIA members employ more than 1.6 million workers, invest more than $100 billion in research and development, and contribute trillions of dollars in productivity to the global economy.2 CCIA welcomes the opportunity to document various regulations and policy frameworks that serve as market access barriers for Internet services.
  • Exploring Youporn Categories, Tags, and Nicknames for Pleasant Recommendations

    Exploring Youporn Categories, Tags, and Nicknames for Pleasant Recommendations

    Exploring YouPorn Categories, Tags, and Nicknames for Pleasant Recommendations Michael Schuhmacher, Cäcilia Zirn, Johanna Völker Data and Web Science Group Universität Mannheim, Germany {michael, caecilia, johanna}@informatik.uni-mannheim.de ABSTRACT clude them in our YP corpus: The unique video title, the average YouPorn is one of the largest providers of adult content on the rating and the ratings count, all categories and tags assigned, and web. Being free of charge, the video portal allows users - besides all comments including comment text, nickname, and date of com- watching - to upload, categorize and comment on pornographic menting. The corpus with all features listed is publicly available to videos. With this position paper, we point out the challenges of encourage further research by third parties.1 In the following, we analyzing the textual data offered with the videos. We report on describe the main aspects of the corpus data. first experiments and problems with our YouPorn dataset, which we extracted from the non-graphical content of the YP website. To gain Video Categories and Tags: Any user can assign categories of a some insights, we performed association rule mining on the video fixed vocabulary to a video. The categories are used for the web- categories and tags, and investigated preferences of users based on site’s main menu categorization. In addition, users can freely create their nickname. Hoping that future research will be able to build and assign tags which allows for more fine grained differentiations.2 upon our initial experiences, we make the ready-to-use YP dataset Of the 165,402 pages, around 50% of pages have at least one cate- publicly available.
  • The Second Digital Disruption: Streaming and the Dawn of Data- Driven Creativity

    The Second Digital Disruption: Streaming and the Dawn of Data- Driven Creativity

    41816-nyu_94-6 Sheet No. 88 Side A 12/10/2019 14:44:50 \\jciprod01\productn\N\NYU\94-6\NYU603.txt unknown Seq: 1 6-DEC-19 15:23 THE SECOND DIGITAL DISRUPTION: STREAMING AND THE DAWN OF DATA- DRIVEN CREATIVITY KAL RAUSTIALA† & CHRISTOPHER JON SPRIGMAN‡ This Article explores how the explosive growth of online streaming is transforming the market for creative content. Two decades ago, the popularization of the internet led to what we refer to here as the first digital disruption: Napster, file-sharing, and the re-ordering of numerous content industries, from music to film to news. The advent of mass streaming has led us to a second digital disruption, one driven by the ability of streaming platforms to harvest massive amounts of data about con- sumer preferences and consumption patterns. Coupled to powerful computing, the data that firms like Netflix, Spotify, and Apple collect allows those firms to know what consumers want in incredible detail. This knowledge has long shaped adver- tising; now it is beginning to shape the content streaming firms purchase or even produce, a phenomenon we call “data-driven creativity.” This Article explores these phenomena across a range of firms and content industries. In particular, we take a close look at the firm that is perhaps farthest along in its use of data-driven crea- tivity. We show how MindGeek, the little-known parent company of Pornhub and a leader in the market for adult entertainment, has leveraged streaming data not only to organize and suggest content to consumers but even to shape creative deci- sions.