tempest temporal dynamics in anonymity systems
play

Tempest: Temporal Dynamics in Anonymity Systems Ryan Wails U.S. - PowerPoint PPT Presentation

Sep 17, 2023 •194 likes •905 views

Tempest: Temporal Dynamics in Anonymity Systems Ryan Wails U.S. Naval Research Laboratory Yixin Sun Princeton University Aaron Johnson U.S. Naval Research Laboratory Mung Chiang Princeton University Prateek Mittal Princeton University

  1. Tempest: Temporal Dynamics in Anonymity Systems Ryan Wails U.S. Naval Research Laboratory Yixin Sun Princeton University Aaron Johnson U.S. Naval Research Laboratory Mung Chiang Princeton University Prateek Mittal Princeton University PETS ’18 25 July 2018

  2. Introduction

  3. Motivation • Tor (USENIX 2004) • DeNASA (PETS 2016) • Counter-RAPTOR (S&P 2017) • TAPS (NDSS 2017) Prior work: • LAP (S&P 2012) static security analyses • HORNET (CCS 2015) • Dovetail (PETS 2014) • PHI (PETS 2017) 1

  4. Our Contribution: Three Temporal Dynamics 2

  5. Our Contribution: Three Temporal Dynamics 1. Client Mobility : Clients move over time 2

  6. Our Contribution: Three Temporal Dynamics 1. Client Mobility : Clients move over time 2. User Behavior : Users make many connections over time 2

  7. Our Contribution: Three Temporal Dynamics 1. Client Mobility : Clients move over time 2. User Behavior : Users make many connections over time 3. Routing Changes : Internet routes change over time 2

  8. Temporal Dynamics & Anonymity Systems Client User Routing Mobility Behavior Changes Tor DeNASA Tor Counter-RAPTOR TAPS Legend: Vulnerability � Resistance � 3

  9. Temporal Dynamics & Anonymity Systems Client User Routing Mobility Behavior Changes Tor DeNASA Tor Counter-RAPTOR TAPS HORNET Net-Layer LAP Dovetail PHI Legend: Vulnerability � Resistance � 3

  10. Temporal Dynamics & Anonymity Systems Client User Routing Mobility Behavior Changes Tor Known � Known � DeNASA Tor Counter-RAPTOR Known � TAPS Known � HORNET Net-Layer LAP Dovetail PHI Legend: Vulnerability � Resistance � 3

  11. Temporal Dynamics & Anonymity Systems Client User Routing Mobility Behavior Changes Tor Novel � Known � Known � DeNASA Novel � Novel � Tor Counter-RAPTOR Novel � Novel � Known � TAPS Known � Novel � HORNET Novel � Novel � Net-Layer LAP Novel � Novel � Dovetail Novel � PHI Novel � Legend: Vulnerability � Resistance � 3

  12. Outline 1. Client Mobility & Tor 2. User Behavior & DeNASA 4

  13. Brief Tor Background

  14. Tor Background guard middle exit 1. Clients use only one guard for a few months 2. Relays are selected with probability prop. to bandwidth 5

  15. Client Mobility & Tor

  16. Client Mobility Example Ryan as an example... 6

  17. Client Mobility Example Connected to Tor from 1) Home Which networks (ASes) saw my ingress Tor traffic? 7

  18. Client Mobility Example Connected to Tor from 1) Home Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb 7

  19. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb 7

  20. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia 7

  21. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia 7

  22. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T 7

  23. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T 7

  24. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T Zayo 7

  25. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport 5) Hotel Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T Zayo 7

  26. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport 5) Hotel Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T Zayo TelefonicaEspaña Telxius 7

  27. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport 5) Hotel 6) CCCB Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T Zayo TelefonicaEspaña Telxius 7

  28. Client Mobility Example Connected to Tor from 1) Home 2) Coffee Shop 3) Mobile Hotspot 4) Airport 5) Hotel 6) CCCB Which networks (ASes) saw my ingress Tor traffic? Verizon Tata LeaseWeb Comcast Telia AT&T Zayo TelefonicaEspaña Telxius OrangeEspaña 7

  29. Client Mobility Example During travel from United States to Spain: • Connected to Tor from 6 different locations • Exposed my traffic to additional 7 ASes (3.3 × increase) 8

  30. Adversary Model • Adversary compromises a single AS • Passive • Goal: observe client-guard traffic 9

  31. Mobility Analysis 1. How mobile are some clients? 2. Does mobility weaken system security? 10

  32. Mobility Datasets 1. Foursquare (F) • 270,000 users • 18 months (Apr 2012 – Sep 2013) 2. Gowalla (G) • 100,000 users • 20 months (Feb 2009 – Oct 2010) # Countries 2 3 4 5 6 ≥ 7 Users F 40145 13179 5649 2708 1490 2574 Users G 17884 4557 1694 705 305 299 Q 1 Days F 48 120 195 228 248 245 Q 1 Days G 7 31 56 77 103 125 11

  33. Mobility & Tor • Assume each user connects from most popular Tor AS in each country. • Compute average probability that largest 50 ASes compromise client-guard path. 12

  34. Vulnerability of Mobile Tor Users to Client−Guard Compromise ● ● ● ● 0.25 ● ● Mean Probability of Compromise 0.20 ● ● ● ● 0.15 ● ● ● ● 0.10 ● ● ● ● 0.05 ● ● ● Gowalla 0.00 Foursquare 0 5 10 15 20 25 Num. Countries Points denote median user, shade shows range 13

  35. Takeaways 1. Many clients are mobile! 2. Mobility can reduce system security. 14

  36. User Behavior & DeNASA (PETS 2016)

  37. DeNASA The DeNASA “g-select” algorithm: Do not select guards where suspects AS1299 (Telia) or AS3356 (Level 3) are on the client-guard link. 15

  38. DeNASA Example Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 1 AS1299 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 33 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 2 AS44 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 67 ✭✭✭✭✭✭ ❤❤❤❤❤❤ ✭ ❤ g 3 16

  39. DeNASA Example Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 1 AS1299 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 33 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 2 AS44 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 67 ✭✭✭✭✭✭ ❤❤❤❤❤❤ ✭ ❤ g 3 16

  40. DeNASA Example Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 . 25 Pr( g 1 ) = 0 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 1 AS1299 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 25 Pr( g 2 ) = 0 . 33 ❤❤❤❤❤❤ ✭ ✭✭✭✭✭✭ ❤ g 2 AS44 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 5 Pr( g 3 ) = 0 . 67 ✭✭✭✭✭✭ ❤❤❤❤❤❤ ✭ ❤ g 3 16

  41. DeNASA Example g-select leaks location information! 17

  42. DeNASA Example g 1 AS1299 AS1299 AS3356 g 2 AS44 AS88 Pr( g 3 | AS44 ) = 0 . 67 Pr( g 3 | AS88 ) = 1 g 3 18

  43. DeNASA Example g 1 AS1299 AS1299 AS3356 g 2 AS44 AS88 Pr( g 3 | AS44 ) = 0 . 67 Pr( g 3 | AS88 ) = 1 g 3 18

  44. DeNASA Example g 1 AS1299 AS1299 AS3356 g 2 AS44 AS88 Pr( g 3 | AS44 ) = 0 . 67 Pr( g 3 | AS88 ) = 1 g 3 18

  45. DeNASA Example g 3 middle exit Pr( AS44 | g 3 ) = 0 . 4 Pr( AS88 | g 3 ) = 0 . 6 19

  46. Our Tempest Attack Leak worsens over time! Pr( AS88 | G 1 ∧ G 2 ∧ · · · ∧ G N ) ≫ Pr( AS44 | G 1 ∧ G 2 ∧ · · · ∧ G N ) How can the adversary learn a client’s guard history? 20

  47. Adversary Model • Adversary runs a destination and some relays • Passive • Goal: learn client AS 21

  48. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

  49. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

  50. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

  51. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

  52. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

  53. Discovering guards over time Day 1 Day 4 Day 3 Day 2 johndoe1 is now using g 3 ! johndoe1 is using g 1 ! g 1 m 1 johndoe1 e 1 g 2 m 2 AS?? e 2 g 3 m 3 22

Recommend

CSE 158 Lecture 17 Web Mining and Recommender Systems More temporal dynamics This week

CSE 158 Lecture 17 Web Mining and Recommender Systems More temporal dynamics This week

CSE 158 Lecture 17 Web Mining and Recommender Systems More temporal dynamics This week Temporal models This week well look back on some of the topics already covered in this class, and see how they can be adapted to make use of temporal

858 views • 52 slides
CSE 258 Lecture 18 Web Mining and Recommender Systems More temporal dynamics This week

CSE 258 Lecture 18 Web Mining and Recommender Systems More temporal dynamics This week

CSE 258 Lecture 18 Web Mining and Recommender Systems More temporal dynamics This week Temporal models This week well look back on some of the topics already covered in this class, and see how they can be adapted to make use of temporal

690 views • 51 slides
7. Dynamics & Age Outline 7.1. Dynamics & Age 7.2. Temporal Information 7.3. Search in

7. Dynamics & Age Outline 7.1. Dynamics & Age 7.2. Temporal Information 7.3. Search in

7. Dynamics & Age Outline 7.1. Dynamics & Age 7.2. Temporal Information 7.3. Search in Web Archives 7.4. Historical Document Collections Advanced Topics in Information Retrieval / Dynamics & Age 2 7.1. Dynamics & Age The

989 views • 80 slides
Iterative Dynamics with Temporal Coherence Erin Catto ecatto@crystald.com Crystal Dynamics

Iterative Dynamics with Temporal Coherence Erin Catto ecatto@crystald.com Crystal Dynamics

Iterative Dynamics with Temporal Coherence Erin Catto ecatto@crystald.com Crystal Dynamics Menlo Park, California Game Developers Conference, 2005 Erin Catto (Crystal Dynamics) Iterative Dynamics GDC 2005 1 / 15 Introduction The Problem

335 views • 15 slides
Leveraging Temporal Dynamics of Document Content in Relevance

Leveraging Temporal Dynamics of Document Content in Relevance

Leveraging Temporal Dynamics of Document Content in Relevance Ranking Jonathan L. Elsas (CMU) Susan T. Dumais (MSR) Outline Document Dynamics on

741 views • 38 slides
A Predictive Model for the Temporal Dynamics of Information Diffusion in Online Social Networks

A Predictive Model for the Temporal Dynamics of Information Diffusion in Online Social Networks

International Workshop on Mining Social Network Dynamics Held in conjunction with the 21st International World Wide Web Conference - Lyon, France - 16th April, 2012 A Predictive Model for the Temporal Dynamics of Information Diffusion in Online

255 views • 14 slides
CSE 190 Lecture 17 Data Mining and Predictive Analytics More temporal dynamics This week

CSE 190 Lecture 17 Data Mining and Predictive Analytics More temporal dynamics This week

CSE 190 Lecture 17 Data Mining and Predictive Analytics More temporal dynamics This week Temporal models This week well look back on some of the topics already covered in this class, and see how they can be adapted to make use of

605 views • 46 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
~130 Guests >80M tempest tests run in gate queue during

~130 Guests >80M tempest tests run in gate queue during

~130 Guests >80M tempest tests run in gate queue during kilo Each proposed patch spins up between 4 and 20 devstack environments for running tests Each tempest run starts ~130 guests in the

413 views • 20 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 4) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

611 views • 48 slides
Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research

Theory and Design of Low-latency Anonymity Systems (Lecture 1) Paul Syverson U.S. Naval Research Laboratory syverson@itd.nrl.navy.mil http://www.syverson.org 1 Course Outline Lecture 1: Usage examples, basic notions of anonymity, types

918 views • 88 slides
The dynamics of the vegetable cover of Mongolian semiarid zone according to the multi-temporal

The dynamics of the vegetable cover of Mongolian semiarid zone according to the multi-temporal

RUSSIAN ACADEMY OF SCIENCES SIBERIAN BRANCH BAIKAL INSTITUTE OF NATURE MANAGEMENT The dynamics of the vegetable cover of Mongolian semiarid zone according to the multi-temporal LANDSAT images (the case of Darkhan city model field) Zharnikova

184 views • 14 slides
Temporal Dynamics Fabricio Breve fabricio@rc.unesp.br Department of Statistics, Applied

Temporal Dynamics Fabricio Breve fabricio@rc.unesp.br Department of Statistics, Applied

1st BRICS Countries Congress (BRICS-CCI) and 11th Brazilian Congress (CBIC) on Computational Intelligence Combined Active and Semi-Supervised Learning using Particle Walking Temporal Dynamics Fabricio Breve fabricio@rc.unesp.br Department

1.08k views • 31 slides
Spatial and temporal dynamics of nitrogen biogeochemistry along a wetland-stream sequence Patrick

Spatial and temporal dynamics of nitrogen biogeochemistry along a wetland-stream sequence Patrick

Spatial and temporal dynamics of nitrogen biogeochemistry along a wetland-stream sequence Patrick Hurley a H.M. Valett a,c Ben Colman a Marc Peipoch b *b *a *c Acknowledgements Project Partners: Field & Lab Techs: Jim Ford, NRDP Claire

569 views • 31 slides
Spatial and Temporal Dynamics of the Singapore Housing Market Tay Jiajie, Darrell Department of

Spatial and Temporal Dynamics of the Singapore Housing Market Tay Jiajie, Darrell Department of

Spatial and Temporal Dynamics of the Singapore Housing Market Tay Jiajie, Darrell Department of Physics School of Physical and Mathematical Sciences 7 May 2014 Complexity Institute, Innovation Center 1 Have not returned to former highs 4

485 views • 26 slides
Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs

Conscript Your Friends into Larger Anonymity Sets with JavaScript Henry Corrigan-Gibbs Bryan Ford Stanford Yale ACM Workshop on Privacy in the Electronic Society 4 November 2013 New Anonymity Systems Have a

563 views • 27 slides
Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations Markus G. Kuhn and

Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations Markus G. Kuhn and

Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations Markus G. Kuhn and Ross J. Anderson Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/ih98-tempest-slides.pdf The History of Compromising Emanations MI5 used in the

407 views • 14 slides
Piecewise-deterministic Markov processes for spatio-temporal population dynamics Samuel

Piecewise-deterministic Markov processes for spatio-temporal population dynamics Samuel

Piecewise-deterministic Markov processes for spatio-temporal population dynamics Samuel Soubeyrand and Rachid Senoussi Biostatistics and Spatial Processes research unit Workshop Statistique pour les PDMP Nancy February 2-3, 2017

404 views • 26 slides
Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Time in Multiteam Systems: Establishing an Understanding of Temporal Influences in MTSs October

Time in Multiteam Systems: Establishing an Understanding of Temporal Influences in MTSs October

Time in Multiteam Systems: Establishing an Understanding of Temporal Influences in MTSs October 29, 2012 Advancing the Science of Rhetta Standifer Multiteam Systems Univ. of Wisconsin Eau Claire EAWOP Small Group Meeting Temporal

597 views • 20 slides
Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The

Anonymity Loves Company: Usability and the network effect Roger Dingledine, Nick Mathewson The Free Haven Project 1 Overview We design and deploy anonymity systems. Version 1: You guys are studying this in academia, and we're

684 views • 25 slides

More recommend