pluggable transport work
play

Pluggable transport work Flashproxy can do IPv6. Upcoming - PowerPoint PPT Presentation

Sep 01, 2022 •530 likes •1.02k views

Pluggable transport work Flashproxy can do IPv6. Upcoming Flashproxy Tor Browser Bundle (TBB) Windows package Obfsproxy packages: debs and bridge-side docs (and obfsproxy in our ec2 images) Client-side Obfsproxy TBBs New

  1. Pluggable transport work ● Flashproxy can do IPv6. – Upcoming Flashproxy Tor Browser Bundle (TBB) Windows package ● Obfsproxy packages: – debs and bridge-side docs – (and obfsproxy in our ec2 images) – Client-side Obfsproxy TBBs ● New library: pyptlib, obfs3 spec 1

  2. https://bridges.torproject.org/ 2

  3. Performance/simulations ● Shadow bugfixes (see Storm talk) ● We have a µ TP-based transport branch (we're debugging it) ● New “channel” and “circuit mux” abstractions in the Tor code ● Found a design flaw in n23: it lacks stream flow control 3

  4. Recent Tor design proposals ● 202: Tagging resistance ● 205: Remove global DNS cache on client ● 206: Ship with more directory mirrors ● 207: Directory guards ● 208: Exiting to IPv6 destinations ● 216: ntor (a new circuit handshake) ● 217: Extended ORPort authentication 4

  5. New Tor research papers ● “Changing of the Guards” (WPES 2012) ● “Torchestra” (WPES 2012) ● “CensorSpoofer” (CCS 2012) ● “Real-time Traffic Classification” (CCS 2012) 5

  6. Looking forward to Year 3 ● VoIP: – Push-to-talk VoIP-alike over TCP – Skype itself over TCP ● Simulated Tor networks: – What is realistic traffic load? – Automated regression test harness – TestingTorNetwork config changes 6

  7. Looking forward to Year 3 ● Performance: – Alternate scheduling algorithms – Throttling at guards – Drop slow relays – Redesign n23, do new experiments – Have a working μ TP-based transport 7

  8. Looking forward to Year 3 ● Layered pluggable transports – Combine obfsproxy + chopper + flashproxy ● Want to get a UDP pluggable transport going 8

  9. 9

  10. 10

  11. 11

  12. 12

  13. 13

  14. 14

  15. 15

  16. 16

  17. 17

  18. 18

  19. 19

  20. 20

  21. 21

  22. 22

  23. 23

  24. 24

  25. 25

  26. 26

  27. Today's plan ● 0) Crash course on Tor ● 1) Recent censorship ● 2) Pluggable transport work ● 3) Simulations / Performance ● 4) Attacks on low-latency anonymity 27

  28. Operational attacks ● You need to use https – correctly. ● Don't use Flash. ● Who runs the relays? ● What local traces does Tor leave on the system? ● ...Different talks. 28

  29. Traffic confirmation (1) ● If you can see the flow into Tor and the flow out of Tor, simple math lets you correlate them. ● “Passive Attack Analysis for Connection-Based Anonymity”, 2003 ● Window-based analysis (2004) 29

  30. Countermeasures? ● Defensive dropping (2004)? Adaptive padding (2006)? ● Traffic morphing (2009), Johnson (2010) ● Tagging attack, traffic watermarking 30

  31. Traffic confirmation (2) ● Feamster's AS-level attack (2004), Edman's followup (2009), Murdoch's sampled traffic analysis attack (2007). ● Mid-latency systems (e.g. alpha-mixing, 2006) a solution? ● Drac (2010) for VoIP 31

  32. Traffic confirmation (3) ● How about adding padding? – Really expensive – Need to send consistently, even when offline – Webserver needs to pad too – And even then, active attacks ● How about caching at exits? 32

  33. Congestion attacks (1) ● Murdoch-Danezis attack (2005) sent constant traffic through every relay, and when Alice made her connection, looked for a traffic bump in three relays. ● Couldn't identify Alice – just the relays she picked. 33

  34. Congestion attacks (2) ● Hopper et al (2007) extended this to (maybe) locate Alice based on latency. ● Chakravarty et al (2008) extended this to (maybe) locate Alice via bandwidth tests. ● Evans et al (2009) showed the original attack doesn't work anymore (too many relays, too much noise) – but “infinite length circuit” makes it work again? 34

  35. Congestion attacks (3) ● Packet-spinning (2008) just used the congestion attack to knock out all the honest relays. 35

  36. Throughput fingerprinting ● Mittal et al, CCS 2011 ● Build a test path through the network. See if you picked the same bottleneck node as Alice picked. 36

  37. Anonymity / load balancing ● Give more load to fast relays, but less anonymity ● Client-side network observations, like circuit-build-timeout or congestion- aware path selection 37

  38. Bandwidth measurement ● Bauer et al (WPES 2009) ● Clients used the bandwidth as reported by the relay ● So you could sign up tiny relays, claim huge bandwidth, and get lots of traffic ● Fix is active measurement. (Centralized vs distributed?) 38

  39. Tor gives three anonymity properties ● #1 : A local network attacker can't learn, or influence, your destination. ● #2 : No single router can link you to your destination. ● #3 : The destination, or somebody watching it, can't learn your location. 39

  40. Tor's safety comes from diversity ● #1: Diversity of relays. The more relays we have and the more diverse they, the fewer attackers are in a position to do traffic confirmation. ● #2: Diversity of users and reasons to use it. 60000 users in Iran means almost all of them are normal citizens. 40

  41. Long-term passive attacks ● Matt Wright's predecessor attack ● Overlier and Syverson, Oakland 2006 ● The more circuits you make, the more likely one of them is bad ● The fix: guard relays ● But: guard churn so old guards don't accrue too many users 41

  42. Website fingerprinting ● If you can see an SSL-encrypted link, you can guess what web page is inside it based on size. ● Does this attack work on Tor? Open- world vs closed-world analysis. ● Considering multiple pages (e.g. via hidden Markov models) would probably make the attack even more effective. 42

  43. Denial of service as denial of anonymity ● Borisov et al, CCS 2007 ● If you can't win against a circuit, kill it and see if you win the next one ● Guard relays also a good answer here. 43

  44. Epistemic attacks on route selection ● Danezis/Syverson (PET 2008) ● If the list of relays gets big enough, we'd be tempted to give people random subsets of the relay list ● But, partitioning attacks ● Anonymous lookup? DHT? PIR? 44

  45. Profiling at exit relays ● Tor reuses the same circuit for 10 minutes before rotating to a new one. ● (It used to be 30 seconds, but that put too much CPU load on the relays.) ● If one of your connections identifies you, then the rest lose too. ● What's the right algorithm for allocating connections to circuits safely? 45

  46. Declining to extend ● Tor's directory system prevents an attacker from spoofing the whole Tor network. ● But your first hop can still say “sorry, that relay isn't up. Try again.” ● Or your local network can restrict connections so you only reach relays they like. 46

  47. Attacks on Tor ● Pretty much any Tor bug seems to turn into an anonymity attack. ● Many of the hard research problems are attacks against all low-latency anonymity systems. Tor is still the best that we know of – other than not communicating. ● People find things because of the openness and thoroughness of our design, spec, and code. We'd love to hear from you. 47

Recommend

Pluggable type systems reconsidered ISSTA 2018 Impact Paper Award for Practical Pluggable

Pluggable type systems reconsidered ISSTA 2018 Impact Paper Award for Practical Pluggable

Pluggable type systems reconsidered ISSTA 2018 Impact Paper Award for Practical Pluggable Types for Java Michael D. Ernst University of Washington https://checkerframework.org/ Optional Type Checking int x = "hello world";

628 views • 60 slides
Preventing bugs with pluggable type checking Michael Ernst University of Washington Joint work with

Preventing bugs with pluggable type checking Michael Ernst University of Washington Joint work with

print( @Readonly Object x) { List< @NonNull String> lst; } Preventing bugs with pluggable type checking Michael Ernst University of Washington Joint work with Mahmood Ali and Matthew Papi Motivation java.lang.NullPointerException

561 views • 30 slides
Building and Using Pluggable Type-Checkers Werner M. Dietl Joint work with: Stephanie Dietzel,

Building and Using Pluggable Type-Checkers Werner M. Dietl Joint work with: Stephanie Dietzel,

Building and Using Pluggable Type-Checkers Werner M. Dietl Joint work with: Stephanie Dietzel, Michael D. Ernst, Kvan Mulu, and Todd W. Schiller 1 Software still has errors 2 Static type systems 0 errors, Crashes 0 warnings Source

624 views • 29 slides
Pluggable SAT-Solvers for SMT-Solvers Bas Schaafsma DISI, University of Trento & Fondazione

Pluggable SAT-Solvers for SMT-Solvers Bas Schaafsma DISI, University of Trento & Fondazione

Introduction The DPLL and DPLL( T ) algorithms Architecture & Implementation Experimental Evaluation Demo Conclusion & Future Work Pluggable SAT-Solvers for SMT-Solvers Bas Schaafsma DISI, University of Trento & Fondazione Bruno

516 views • 28 slides
PROPOSAL For a Modular, Pluggable 802.11 MAC Model To Facilitate Experimentation and

PROPOSAL For a Modular, Pluggable 802.11 MAC Model To Facilitate Experimentation and

PROPOSAL For a Modular, Pluggable 802.11 MAC Model To Facilitate Experimentation and Contributions IBM Research - Zurich, Switzerland September 3-4, 2015 Andras Varga 1 IEEE 802.11 Model Goals 1. Full-featured, validated model

558 views • 23 slides
Whats new in Sudo 1.8? Pluggable modules for Sudo

Whats new in Sudo 1.8? Pluggable modules for Sudo

Whats new in Sudo 1.8? Pluggable modules for Sudo Introduc=on to Sudo Sudo allows a system administrator to give users the ability

439 views • 24 slides
1 Transport Layer Transport Layer Outline Message, Segment, Datagram Transport-layer

1 Transport Layer Transport Layer Outline Message, Segment, Datagram Transport-layer

Transport Layer Transport Layer Chapter 3: Transport Layer Mobile network Our goals: Global ISP understand principles learn about transport Chapter 3 behind transport layer protocols in the Transport Layer Internet: layer

678 views • 5 slides
Public-key cryptography in Tor and pluggable transports Tanja Lange Technische Universiteit

Public-key cryptography in Tor and pluggable transports Tanja Lange Technische Universiteit

Public-key cryptography in Tor and pluggable transports Tanja Lange Technische Universiteit Eindhoven 09 June 2016 1 / 17 Tor Attend Rogers talk on Friday. 2 / 17 Motivation Network Sender Receiver Eavesdropper

327 views • 21 slides
Investigating Safety of a Radiotherapy Machine Using System Models with Pluggable Checkers

Investigating Safety of a Radiotherapy Machine Using System Models with Pluggable Checkers

Investigating Safety of a Radiotherapy Machine Using System Models with Pluggable Checkers Combining Formal Models with Concrete Evidence Stuart Pernsteiner, Calvin Loncaric, Emina T orlak, Zachary T atlock, Xi Wang, Michael D. Ernst, and

258 views • 23 slides
Transport through chaotic cavities: RMT reproduced from semiclassics P.B., joint work with

Transport through chaotic cavities: RMT reproduced from semiclassics P.B., joint work with

Transport through chaotic cavities: RMT reproduced from semiclassics P.B., joint work with Stefan Heusler, Sebastian Mller and Fritz Haake Universitt Duisburg-Essen channels N 2 Transport problem chaotic cavity N N 1 N 2

385 views • 23 slides
Pluggable DWDM: Considerations For Campus and Metro DCI Applications Xiang Zhou and Hong Liu

Pluggable DWDM: Considerations For Campus and Metro DCI Applications Xiang Zhou and Hong Liu

Pluggable DWDM: Considerations For Campus and Metro DCI Applications Xiang Zhou and Hong Liu Pla0orm Datacenter Op9cs With input from Vijay, Tad and Vinayak from NetArch group ECOC 2016 WS 3 Short range optical transmission for emerging 5G, DCI

270 views • 13 slides
Preventing errors before they happen: Lightweight verification via pluggable type-checking

Preventing errors before they happen: Lightweight verification via pluggable type-checking

print( @Readonly Object x) { List< @NonNull String> lst; } Preventing errors before they happen: Lightweight verification via pluggable type-checking Michael D. Ernst University of Washington (Seattle, WA, USA) University of Buenos

600 views • 48 slides
A Pluggable Framework for Composable HPC Scheduling Libraries Max Grossman 1 , Vivek Kumar 2 ,

A Pluggable Framework for Composable HPC Scheduling Libraries Max Grossman 1 , Vivek Kumar 2 ,

A Pluggable Framework for Composable HPC Scheduling Libraries Max Grossman 1 , Vivek Kumar 2 , Nick Vrvilo 1 , Zoran Budimlic 1 , Vivek Sarkar 1 1 Habanero Extreme Scale So=ware Research Group, Rice University 2 IIIT-Delhi AsHES 2017 - May 29 2017

596 views • 36 slides
Using CORBA Asynchronous Messaging, Pluggable Protocols and the Real-Time Event Service in a

Using CORBA Asynchronous Messaging, Pluggable Protocols and the Real-Time Event Service in a

Using CORBA Asynchronous Messaging, Pluggable Protocols and the Real-Time Event Service in a Real-Time Embedded System Bruce Trask Contact Systems 50 Miry Brook Rd Danbury, CT 06810 btrask@contactsystems.com mature one that is currently

309 views • 9 slides
Roadmap Applicat ion Layer (User level) 16: Applicat ion, Transport , Transport Layer

Roadmap Applicat ion Layer (User level) 16: Applicat ion, Transport , Transport Layer

Roadmap Applicat ion Layer (User level) 16: Applicat ion, Transport , Transport Layer (OS) Net work and Link Layers Net work Layer (OS) Link Layer (Device Driver, Adapt er Card) Last Modif ied: 7/ 3/ 2004 1:46:53 PM -1 -2

374 views • 9 slides
1 Transport Layer Transport Layer RTT Estimation RTT Estimation Basic Idea SampleRTT :

1 Transport Layer Transport Layer RTT Estimation RTT Estimation Basic Idea SampleRTT :

Transport Layer Transport Layer Outline Mobile network Transport-layer Connection-oriented Global ISP services transport: TCP Transport Layer Multiplexing and segment structure Home network demultiplexing reliable data

264 views • 5 slides
Practical pluggable types via the Checker Framework Matthew Papi, Mahmood Ali, Telmo Correa Jr.,

Practical pluggable types via the Checker Framework Matthew Papi, Mahmood Ali, Telmo Correa Jr.,

void print( @Readonly Object x) { List< @NonNull String> lst; } Practical pluggable types via the Checker Framework Matthew Papi, Mahmood Ali, Telmo Correa Jr., Jeff Perkins, Michael Ernst MIT Problem 1: Javas type checking Type

801 views • 37 slides
Generative Models and Optimal Transport Marco Cuturi Joint work / work in progress with G.

Generative Models and Optimal Transport Marco Cuturi Joint work / work in progress with G.

Generative Models and Optimal Transport Marco Cuturi Joint work / work in progress with G. Peyr, A. Genevay (ENS) , F. Bach (INRIA), G. Montavon, K-R Mller (TU Berlin) Statistics 0.1 : Density Fitting We collect data N data = 1 X x

1.55k views • 139 slides
An Architecture for Open Pluggable Pluggable An Architecture for Open Edge Services (OPES) Edge

An Architecture for Open Pluggable Pluggable An Architecture for Open Edge Services (OPES) Edge

An Architecture for Open Pluggable Pluggable An Architecture for Open Edge Services (OPES) Edge Services (OPES) draft- -ietf ietf- -opes opes- -architecture architecture- -02 02 draft Abbie Barbir Abbie Barbir

405 views • 13 slides
Transport use change Transport use is down by more than 60% for all transport types compared to

Transport use change Transport use is down by more than 60% for all transport types compared to

Transport use change Transport use is down by more than 60% for all transport types compared to early February and has remained steady in the last week. The percentage change in the use of all motor vehicles, National Rail, the London Underground

178 views • 4 slides
Optimal Transport for structured data with application on graphs Titouan Vayer Joint work with

Optimal Transport for structured data with application on graphs Titouan Vayer Joint work with

Optimal Transport for structured data with application on graphs Titouan Vayer Joint work with Laetitia Chapel, Remi Flamary, Romain Tavenard and Nicolas Courty A novel distance between labeled graphs based on optimal transport Contributions:

357 views • 15 slides
LEDBAT architecture framework consisting of pluggable components

LEDBAT architecture framework consisting of pluggable components

LEDBAT architecture framework consisting of pluggable components draft-mayutan-ledbat-congestionarchitecture-00.txt Mayutan Arumaithurai, Xiaoming Fu, K.K Ramakrishnan March 22, 2010 M. Arumaithurai, X. Fu, K.K. Ramakrishnan () LEDBAT WG

430 views • 16 slides
RAF Daws Hill Transport aspects Ian McGowan Acting Group Manager, Transport Policy and

RAF Daws Hill Transport aspects Ian McGowan Acting Group Manager, Transport Policy and

Buckinghamshire County Council RAF Daws Hill Transport aspects Ian McGowan Acting Group Manager, Transport Policy and Sustainability Buckinghamshire County Council Overview Strategic transport aspects Previous work Local transport

614 views • 9 slides
Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Department of Technology & Operations Management Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk, Timo Polman, Leo Kroon, Peter Vervest and Gbor Marti Complexity in Public Transport:

2.21k views • 55 slides

More recommend