DOCSLIB.ORG

Analysis of Multilayer-Encryption Anonymity Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

ANALYSIS OF MULTILAYER-ENCRYPTION ANONYMITY NETWORKS by Khalid Shahbar Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy at Dalhousie University Halifax, Nova Scotia October 2017 c Copyright by Khalid Shahbar, 2017 It is my genuine gratefulness that I dedicate my thesis to the greatest mother, my mother. You are the reason I reach this stage. Your support started a long time before even when you taught me the alphabetic letters. To my father, who passed away before I started my PhD., I wish to share this moment with you. ii Table of Contents List of Tables ................................... ix List of Figures .................................. xi Abstract ...................................... xii List of Abbreviations Used .......................... xiii Acknowledgements ............................... xvi Chapter 1 Introduction .......................... 1 1.1 Research Objectives . 3 1.2 Contributions . 6 1.3 Structure . 6 Chapter 2 Overview of Multilayer-encryption Anonymity Networks 8 2.1 Tor Network . 9 2.2 JonDonym Network . 10 2.3 I2P Network . 13 2.4 Summary . 14 Chapter 3 Related Literature ....................... 16 3.1 Measuring Anonymity . 16 3.2 Identifying Anonymity Networks by Discovering Infrastructure . 18 3.3 Identifying Application on Top of Anonymity Networks . 20 3.4 Discovering Hidden Services . 23 3.5 Packet Inspection . 26 3.6 First N-Packets for Traffic Classification . 27 3.7 Summary . 28 iii Chapter 4 Weighted Factors for Measuring Anonymity Services . 30 4.1 Proposed Factors . 32 4.1.1 The Level of Information Available for the Service Provider . 32 4.1.2 Blocking Anonymity and Obfuscation Options . 35 4.1.3 Application and Anonymity . 39 4.1.4 Authority and Logs . 41 4.1.5 Threat Models . 43 4.2 Evaluation . 45 4.2.1 Factor Calculation . 45 4.2.2 Weight Calculation . 46 4.2.3 Weighted Anonymity Factor . 47 4.2.4 Evaluation Case Study . 48 4.2.5 Expanding the Quantification . 50 4.3 Summary . 51 Chapter 5 Anon17: Network Traffic Dataset of Anonymity Services 52 5.1 Data Collection and Traffic Types . 53 5.1.1 Tor Data . 53 5.1.2 TorApp . 53 5.1.3 Tor PT . 54 5.1.4 I2PApp80BW . 54 5.1.5 I2PApp0BW . 54 5.1.6 I2PUsers . 54 5.1.7 I2PApp . 55 5.1.8 JonDonym . 55 5.2 Dataset Features and Format . 55 5.3 Summary . 57 Chapter 6 Research Methodology ................... 58 6.1 Data Collections . 58 6.2 Machine Learning Algorithms . 59 6.2.1 C4.5 . 59 6.2.2 Random Forests . 61 6.2.3 Naive Bayes . 61 6.2.4 Bayesian Network . 63 6.3 Flow Exporters . 64 6.4 Summary . 66 iv Chapter 7 Experiments on the Identification of Anonymity Net- works ............................... 67 7.1 Tor Behaviour to Circuits and Flows Analysis . 67 7.1.1 Cells in the Tor Network . 68 7.1.2 Circuit Level Classification . 70 7.1.2.1 Cells Per Circuit Life Time . 72 7.1.2.2 Uplink Cells . 72 7.1.2.3 The Ratio of the Downlink Cells to the Uplink Cells 72 7.1.2.4 Exponentially Weighted Moving Average (EWMA) . 73 7.1.3 Flow Level Classification . 73 7.1.4 Evaluation of Circuit and Flow Level Approaches . 75 7.1.4.1 Setup . 75 7.1.4.2 Circuit Level Classification Data . 76 7.1.4.3 Flow Level Classification Data . 76 7.1.5 Performance Metrics . 76 7.1.6 Results and Discussion . 77 7.1.6.1 Circuit Level Classification Results . 77 7.1.6.2 Flow Level Classification Results . 78 7.1.6.3 The Performances of the Classifiers Employed . 80 7.2 The Effects of Shared Bandwidth on I2P Tunnels . 83 7.2.1 Data Collection and Setup . 84 7.2.1.1 Browsing . 84 7.2.1.2 Instant Relay Chat . 85 7.2.1.3 Downloading Files Using Torrent (I2PSnark) . 85 7.2.2 Data Analysis . 85 7.2.2.1 Tunnel-Based Data Analysis . 85 7.2.2.2 Applications and User-Based Data Analysis . 86 7.2.3 Clustering Tunnels Using SOM . 89 7.2.4 Discussion . 91 7.3 Summary . 92 Chapter 8 Traffic Flow Analysis of Obfuscated Traffic ....... 94 8.1 Tor Pluggable Transports . 94 8.1.1 Data Collection . 94 8.1.1.1 Obfs3 Traffic . 95 8.1.1.2 FTE Traffic . 96 8.1.1.3 Scramblesuit Traffic . 96 8.1.1.4 Meek Traffic . 96 8.1.1.5 Flashproxy Traffic . 96 8.1.1.6 Other Traffic . 97 8.1.2 Pluggable Transport Flow Analysis . 97 v 8.1.2.1 Split and Cross-Validation Analysis . 97 8.1.2.2 Reduced Number of Features . 99 8.1.2.3 Binary Classification . 100 8.1.3 Discussion . 101 8.2 JonDonym Traffic Forwarding . 103 8.2.1 JonDonym Flow Behaviour . 103 8.2.2 TCP/IP and Skype Forwarding . 104 8.3 Summary . 105 Chapter 9 Packet Momentum ...................... 107 9.1 Packet Behaviour in Anonymity Networks . 108 9.2 Proposed Features . 109 9.2.1 Maximum Packet Size . 111 9.2.2 Frequency of Maximum Packet Size . 112 9.2.3 Second Maximum Packet Size . 112 9.2.4 Second Maximum Packet Size Frequency . 112 9.2.5 Packet Sequence . 112 9.2.6 Sequence Speed . 115 9.2.7 Packet Momentum . 115 9.3 Traffic Analysis Using Packet Momentum . 117 9.3.1 Anonymity Network Identifications . 120 9.3.2 Identification of Applications and Anonymity Networks . 120 9.4 Packet Momentum Validation . 121 9.4.1 Number of Packets . 121 9.4.2 Number of Features . 123 9.5 Performance Under Different Classifiers . 124 9.6 Summary . 126 Chapter 10 Conclusion ............................ 127 10.1 Dataset . 127 10.2 Anonymity Measurement . 127 10.3 Machine Learning Algorithms . 128 10.4 Traffic Flow Analysis of Anonymity Networks . 129 10.5 Efficiency and Accuracy Using Packet Momentum . 129 vi 10.6 Future Work . 130 Bibliography ................................... 131 Appendices .................................... 140 Appendix A Calculation of the Features on Packet Momentum ... 141 A.1 Calculation of Packet Sequence . 141 A.2 Calculation of Sequence Speed . 142 A.3 Calculation of Packet Momentum . 142 Appendix B Packet Momentum Pseudo code .............. 145 vii List of Tables Table 4.1 Default browser settings for anonymity services. 41 Table 4.2 Proposed anonymity factors. 46 Table 4.3 Calculating the weights. 46 Table 4.4 Final weights of the factors. 47 Table 4.5 Evaluated factors for users (A), (B) and (C). 48 Table 5.1 The number of traffic flows in each data set. 55 Table 5.2 Anon17 data set features. 56 Table 7.1 Flow exporter attributes. 74 Table 7.2 Circuit level classification results. 78 Table 7.3 Flow level classification results - uniform classes. 79 Table 7.4 Flow level classification results - downsampled classes. 80 Table 7.5 Methods used to achieve the best accuracy. 81 Table 7.6 Binary classifier on the tunnels. ..
Recommended publications
  • Cryptography

    Cryptography

    Pattern Recognition and Applications Lab CRYPTOGRAPHY Giorgio Giacinto [email protected] University of Cagliari, Italy Spring Semester 2019-2020 Department of Electrical and Electronic Engineering Cryptography and Security • Used to hide the content of a message • Goals – Confidentiality – Authenticity – Integrity • The text is modified by an encryption function – An interceptor should not be able to understand all or part of the message content http://pralab.diee.unica.it 2 Encryption/Decryption Process Key Key (Optional) (Optional) Original Plaintext Encryption Ciphertext Decryption Plaintext http://pralab.diee.unica.it 3 Keys and Locks http://pralab.diee.unica.it 4 Keys L F A Y B D E T C A R C S E E T Y H G S O U S U D H R D F C E I D B T E M E P Q X N R C I D S F T U A E T C A U R M F N P E C J N A C R D B E M K C I O P F B E W U X I Y M C R E P F N O G I D C N T M http://pralab.diee.unica.it 5 Keys L F A Y B D E T C A R C S E E T Y H G S O U S U D H R D F C E I D B T E M E P Q X N R C I D S F T U A E T C A U R M F N P E C J N A C R D B E M K C I O P F B E W U X I Y M C R E P F N O G I D C N T M http://pralab.diee.unica.it 6 Steganography - = http://pralab.diee.unica.it https://towardsdatascience.com/steganography-hiding-an-image-inside-another-77ca66b2acb1 7 Definitions • Cryptography algorithm C = E(K,M) A function E with two inputs – a message M – a key K that outputs – the encrypted message C The algorithm is based on a shared secret between the sender and the receiver K The Encryption Key http://pralab.diee.unica.it 8 Symmetric
  • Poster: Introducing Massbrowser: a Censorship Circumvention System Run by the Masses

    Poster: Introducing Massbrowser: a Censorship Circumvention System Run by the Masses

    Poster: Introducing MassBrowser: A Censorship Circumvention System Run by the Masses Milad Nasr∗, Anonymous∗, and Amir Houmansadr University of Massachusetts Amherst fmilad,[email protected] ∗Equal contribution Abstract—We will present a new censorship circumvention sys- side the censorship regions, which relay the Internet traffic tem, currently being developed in our group. The new system of the censored users. This includes systems like Tor, VPNs, is called MassBrowser, and combines several techniques from Psiphon, etc. Unfortunately, such circumvention systems are state-of-the-art censorship studies to design a hard-to-block, easily blocked by the censors by enumerating their limited practical censorship circumvention system. MassBrowser is a set of proxy server IP addresses [14]. (2) Costly to operate: one-hop proxy system where the proxies are volunteer Internet To resist proxy blocking by the censors, recent circumven- users in the free world. The power of MassBrowser comes from tion systems have started to deploy the proxies on shared-IP the large number of volunteer proxies who frequently change platforms such as CDNs, App Engines, and Cloud Storage, their IP addresses as the volunteer users move to different a technique broadly referred to as domain fronting [3]. networks. To get a large number of volunteer proxies, we This mechanism, however, is prohibitively expensive [11] provide the volunteers the control over how their computers to operate for large scales of users. (3) Poor QoS: Proxy- are used by the censored users. Particularly, the volunteer based circumvention systems like Tor and it’s variants suffer users can decide what websites they will proxy for censored from low quality of service (e.g., high latencies and low users, and how much bandwidth they will allocate.
  • N2N: a Layer Two Peer-To-Peer VPN

    N2N: a Layer Two Peer-To-Peer VPN

    N2N: A Layer Two Peer-to-Peer VPN Luca Deri1, Richard Andrews2 ntop.org, Pisa, Italy1 Symstream Technologies, Melbourne, Australia2 {deri, andrews}@ntop.org Abstract. The Internet was originally designed as a flat data network delivering a multitude of protocols and services between equal peers. Currently, after an explosive growth fostered by enormous and heterogeneous economic interests, it has become a constrained network severely enforcing client-server communication where addressing plans, packet routing, security policies and users’ reachability are almost entirely managed and limited by access providers. From the user’s perspective, the Internet is not an open transport system, but rather a telephony-like communication medium for content consumption. This paper describes the design and implementation of a new type of peer-to- peer virtual private network that can allow users to overcome some of these limitations. N2N users can create and manage their own secure and geographically distributed overlay network without the need for central administration, typical of most virtual private network systems. Keywords: Virtual private network, peer-to-peer, network overlay. 1. Motivation and Scope of Work Irony pervades many pages of history, and computing history is no exception. Once personal computing had won the market battle against mainframe-based computing, the commercial evolution of the Internet in the nineties stepped the computing world back to a substantially rigid client-server scheme. While it is true that the today’s Internet serves as a good transport system for supplying a plethora of data interchange services, virtually all of them are delivered by a client-server model, whether they are centralised or distributed, pay-per-use or virtually free [1].
  • A Generic Data Exchange System for F2F Networks

    A Generic Data Exchange System for F2F Networks

    The Retroshare project The GXS system Decentralize your app! A Generic Data Exchange System for F2F Networks Cyril Soler C.Soler The GXS System 03 Feb. 2018 1 / 19 The Retroshare project The GXS system Decentralize your app! Outline I Overview of Retroshare I The GXS system I Decentralize your app! C.Soler The GXS System 03 Feb. 2018 2 / 19 The Retroshare project The GXS system Decentralize your app! The Retroshare Project I Mesh computers using signed TLS over TCP/UDP/Tor/I2P; I anonymous end-to-end encrypted FT with swarming; I mail, IRC chat, forums, channels; I available on Mac OS, Linux, Windows, (+ Android). C.Soler The GXS System 03 Feb. 2018 3 / 19 The Retroshare project The GXS system Decentralize your app! The Retroshare Project I Mesh computers using signed TLS over TCP/UDP/Tor/I2P; I anonymous end-to-end encrypted FT with swarming; I mail, IRC chat, forums, channels; I available on Mac OS, Linux, Windows. C.Soler The GXS System 03 Feb. 2018 3 / 19 The Retroshare project The GXS system Decentralize your app! The Retroshare Project I Mesh computers using signed TLS over TCP/UDP/Tor/I2P; I anonymous end-to-end encrypted FT with swarming; I mail, IRC chat, forums, channels; I available on Mac OS, Linux, Windows. C.Soler The GXS System 03 Feb. 2018 3 / 19 The Retroshare project The GXS system Decentralize your app! The Retroshare Project I Mesh computers using signed TLS over TCP/UDP/Tor/I2P; I anonymous end-to-end encrypted FT with swarming; I mail, IRC chat, forums, channels; I available on Mac OS, Linux, Windows.
  • Security & Savings with Virtual Private Networks

    Security & Savings with Virtual Private Networks

    Everybody’s connecting. Security & Savings with Virtual Private Networks In today’s New Economy, small businesses that might have dealt with just local or regional concerns now have to consider global markets and logistics. Many companies even have facilities spread across the country or throughout the world. At the same time security concerns of their network from hackers, Denial-of-Service (DoS) attacks and sending data over the Internet have become more widespread. Whether companies have a local, national, or global presence, they all need one thing: a way to maintain fast, secure, and reliable communications wherever their offices and workers are located. Until recently, such communications were only available by using leased telephone lines to maintain a Wide Area Network (WAN). Leased lines enabled companies to expand their private network beyond their immediate geographic area. Moreover, a WAN provided advantages over a public network like the Internet when it came to reliability, performance, and security. Unfortunately, leased lines are expensive to maintain, with costs rising as the distance between the offices increases. As the popularity of the Internet grew, businesses turned to it as a cost-effective way to extend their networks. The continuing popularity with the Internet has led to the evolution of Virtual Private Networks (VPNs). A VPN is a connection that allows private data to be sent securely over a shared or public network, such as the Internet. In fact, one of the driving forces behind VPNs is the Internet and its global presence. With VPNs, communication links between users and sites can be achieved quickly, inexpensively, and safely across the world.
  • Analysis of Recent Attacks on Ssl/Tls Protocols A

    Analysis of Recent Attacks on Ssl/Tls Protocols A

    ANALYSIS OF RECENT ATTACKS ON SSL/TLS PROTOCOLS A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF APPLIED MATHEMATICS OF MIDDLE EAST TECHNICAL UNIVERSITY BY DUYGU OZDEN¨ IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN CRYPTOGRAPHY SEPTEMBER 2016 Approval of the thesis: ANALYSIS OF RECENT ATTACKS ON SSL/TLS PROTOCOLS submitted by DUYGU OZDEN¨ in partial fulfillment of the requirements for the de- gree of Master of Science in Department of Cryptography, Middle East Technical University by, Prof. Dr. Bulent¨ Karasozen¨ Director, Graduate School of Applied Mathematics Prof. Dr. Ferruh Ozbudak¨ Head of Department, Cryptography Assoc. Prof. Dr. Murat Cenk Supervisor, Cryptography, METU Examining Committee Members: Assoc. Prof. Dr. Murat Cenk Cryptography, METU Assoc. Prof. Dr. Ali Doganaksoy˘ Mathematics, METU Asst. Prof. Dr. Fatih Sulak Mathematics, ATILIM UNIVERSITY Date: I hereby declare that all information in this document has been obtained and presented in accordance with academic rules and ethical conduct. I also declare that, as required by these rules and conduct, I have fully cited and referenced all material and results that are not original to this work. Name, Last Name: DUYGU OZDEN¨ Signature : v vi ABSTRACT ANALYSIS OF RECENT ATTACKS ON SSL/TLS PROTOCOLS Ozden,¨ Duygu M.S., Department of Cryptography Supervisor : Assoc. Prof. Dr. Murat Cenk September 2016, 46 pages Transport Layer Security(TLS) and its predecessor Secure Socket Layer(SSL) are two important cryptographic, certificate based protocols that satisfy secure communication in a network channel. They are widely used in many areas such as online banking systems, online shopping, e-mailing, military systems or governmental systems.
  • Cryptographic Control Standard, Version

    Cryptographic Control Standard, Version

    Nuclear Regulatory Commission Office of the Chief Information Officer Computer Security Standard Office Instruction: OCIO-CS-STD-2009 Office Instruction Title: Cryptographic Control Standard Revision Number: 2.0 Issuance: Date of last signature below Effective Date: October 1, 2017 Primary Contacts: Kathy Lyons-Burke, Senior Level Advisor for Information Security Responsible Organization: OCIO Summary of Changes: OCIO-CS-STD-2009, “Cryptographic Control Standard,” provides the minimum security requirements that must be applied to the Nuclear Regulatory Commission (NRC) systems which utilize cryptographic algorithms, protocols, and cryptographic modules to provide secure communication services. This update is based on the latest versions of the National Institute of Standards and Technology (NIST) Guidance and Federal Information Processing Standards (FIPS) publications, Committee on National Security System (CNSS) issuances, and National Security Agency (NSA) requirements. Training: Upon request ADAMS Accession No.: ML17024A095 Approvals Primary Office Owner Office of the Chief Information Officer Signature Date Enterprise Security Kathy Lyons-Burke 09/26/17 Architecture Working Group Chair CIO David Nelson /RA/ 09/26/17 CISO Jonathan Feibus 09/26/17 OCIO-CS-STD-2009 Page i TABLE OF CONTENTS 1 PURPOSE ............................................................................................................................. 1 2 INTRODUCTION ..................................................................................................................
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield

    Threat Modeling and Circumvention of Internet Censorship by David Fifield

    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
  • Zeronet Presentation

    Zeronet Presentation

    ZeroNet Decentralized web platform using Bitcoin cryptography and BitTorrent network. ABOUT ZERONET Why? Current features We believe in open, free, and ◦ Real-time updated sites uncensored network and communication. ◦ Namecoin .bit domain support ◦ No hosting costs ◦ Multi-user sites Sites are served by visitors. ◦ Password less, Bitcoin's BIP32- ◦ Impossible to shut down based authorization It's nowhere because it's ◦ Built-in SQL server with P2P data everywhere. synchronization ◦ No single point of failure ◦ Tor network support Site remains online so long as at least 1 peer serving it. ◦ Works in any browser/OS ◦ Fast and works offline You can access the site even if your internet is unavailable. HOW DOES IT WORK? THE BASICS OF ASYMMETRIC CRYPTOGRAPHY When you create a new site you get two keys: Private key Public key 5JNiiGspzqt8sC8FM54FMr53U9XvLVh8Waz6YYDK69gG6hso9xu 16YsjZK9nweXyy3vNQQPKT8tfjCNjEX9JM ◦ Only you have it ◦ This is your site address ◦ Allows you to sign new content for ◦ Using this anyone can verify if the your site. file is created by the site owner. ◦ No central registry ◦ Every downloaded file is verified, It never leaves your computer. makes it safe from malicious code inserts or any modifications. ◦ Impossible to modify your site without it. MORE INFO ABOUT CRYPTOGRAPHY OF ZERONET ◦ ZeroNet uses the same elliptic curve based encryption as in your Bitcoin wallet. ◦ You can accept payments directly to your site address. ◦ Using the current fastest supercomputer, it would take around 1 billion years to "hack" a private key. WHAT HAPPENS WHEN YOU VISIT A ZERONET SITE? WHAT HAPPENS WHEN YOU VISIT A ZERONET SITE? (1/2) 1 Gathering visitors IP addresses: Please send some IP addresses for site 1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr OK, Here are some: 12.34.56.78:13433, 42.42.42.42:13411, ..
  • Recognition and Investigation of Listening in Anonymous Communication Systems 1 K

    Recognition and Investigation of Listening in Anonymous Communication Systems 1 K

    AEGAEUM JOURNAL ISSN NO: 0776-3808 Recognition and investigation of listening in anonymous communication systems 1 K. Balasubramanian, 2 Dr. S. Kannan, 3 S. Sharmila 1Associate Professor, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. Email: [email protected] 2, Professor, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. 3, P.G Student, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. Abstract components through which client activity is steered can Mysterious correspondence systems similar to listen in and get delicate information, for example, user Tor, mostly secure the secrecy of client activity by verification qualifications. This circumstance can scrambling all interchanges inside the overlay system. conceivably decline when clients utilize intermediary based frameworks to get to similar administrations However, when the transferred activity achieves the without utilizing end-to-end encryption, as the quantity limits of the system, toward its end, the first client of hosts or hubs that can listen stealthily on their activity is definitely presented to the last node on the movement increments. Different open and private path. Accordingly, users sending sensitive information, systems may square access to interpersonal interaction similar to verification accreditations, over such and other prominent online administrations for systems, risk having their information between different reasons. Under these conditions, users accepted and uncovered, unless end-to-end encryption regularly depend on utilizing disseminated proxying frameworks to prevent their activity from being is utilized. Listening can be performed by malicious or filtered. They fall back on such mechanisms so as to compromised relay nodes, and additionally any rebel evade system activity filtering in light of source, goal, arrange substance on the way toward the actual end.
  • BRKSEC-2011.Pdf

    BRKSEC-2011.Pdf

    #CLUS About Garlic and Onions A little journey… Tobias Mayer, Technical Solutions Architect BRKSEC-2011 #CLUS Me… CCIE Security #14390, CISSP & Motorboat driving license… Working in Content Security & TLS Security tmayer{at}cisco.com Writing stuff at “blogs.cisco.com” #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Agenda • Why anonymization? • Using Tor (Onion Routing) • How Tor works • Introduction to Onion Routing • Obfuscation within Tor • Domain Fronting • Detect Tor • I2P – Invisible Internet Project • Introduction to Garlic Routing • Conclusion #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Cisco Webex Teams Questions? Use Cisco Webex Teams (formerly Cisco Spark) to chat with the speaker after the session How 1 Find this session in the Cisco Events App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space Webex Teams will be moderated cs.co/ciscolivebot#BRKSEC-2011 by the speaker until June 18, 2018. #CLUS © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 Different Intentions Hide me from Government! Hide me from ISP! Hide me from tracking! Bypass Corporate Bypass Country Access Hidden policies restrictions (Videos…) Services #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Browser Identity Tracking does not require a “Name” Tracking is done by examining parameters your browser reveals https://panopticlick.eff.org #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Proxies EPIC Browser #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates.
  • People's Tech Movement to Kick Big Tech out of Africa Could Form a Critical Part of the Global Protests Against the Enduring Legacy of Racism and Colonialism

    People's Tech Movement to Kick Big Tech out of Africa Could Form a Critical Part of the Global Protests Against the Enduring Legacy of Racism and Colonialism

    CONTENTS Acronyms ................................................................................................................................................ 1 1 Introduction: The Rise of Digital Colonialism and Surveillance Capitalism ..................... 2 2 Threat Modeling .......................................................................................................................... 8 3 The Basics of Information Security and Software ............................................................... 10 4 Mobile Phones: Talking and Texting ...................................................................................... 14 5 Web Browsing ............................................................................................................................ 18 6 Searching the Web .................................................................................................................... 23 7 Sharing Data Safely ................................................................................................................... 25 8 Email Encryption ....................................................................................................................... 28 9 Video Chat ................................................................................................................................... 31 10 Online Document Collaboration ............................................................................................ 34 11 Protecting Your Data ................................................................................................................