Applications for Measurement: Improving Anonymity Online Rishab - - PowerPoint PPT Presentation

SLIDE 1

Applications for Measurement: Improving Anonymity Online

Rishab Nithyanand | Rachee Singh | Shinyoung Cho | Phillipa Gill Stony Brook University

SLIDE 2

Anonymity on the Internet

Tor Network

SLIDE 3

Anonymity on the Internet

Tor Network

Does not know the destination
Does not know the source

SLIDE 4

Online Anonymity via Tor

Tor Client → entry relay → middle relay → exit relay → Server

SLIDE 5

Threat Model: Network Based Attacks

Tor Network

SLIDE 8

Internet routing and timing attacks

[Figure: AS-level routing diagram around the Tor network, with ASes labelled AS1 to AS6]

SLIDE 10

Internet routing and timing attacks

[Figure: AS-level routing diagram with ASes labelled AS1 to AS6; AS5 is highlighted]

  • Path asymmetry => Increases the attack surface [RAPTOR, USENIX 2015]
  • TCP ACK numbers leak timing and size info on reverse path!

SLIDE 11

Astoria [NDSS2016] + Cipollino*

  • What if the Tor client could pick relays to avoid timing attacks?
  • We show that there usually is a safe option [NDSS2016]
  • Challenge: How can the Tor client learn network paths?

  • Astoria: Policy-based simulations on empirically derived AS graphs
  • Cipollino: Based on measured paths

* https://en.wikipedia.org/wiki/Cipollino

SLIDE 12

Tor client measurement-plane requirements

  • Data needs to be current
    ○ E.g., if a path changes to go through a new AS we need to know!
  • Path computations need to be local
    ○ The client can’t ask a third party about paths to the destination!
  • Data needs to be compact + accurate
  • Trade-off between:
    ○ Measured data that is as relevant as possible (near real-time)
    ○ A low-latency Cipollino Tor client (no on-demand measurements)

SLIDE 13

Our solution: PathCache

  • Basic idea: Reuse measurements already being made!
  • Combine publicly accessible traceroute measurements to learn new paths
    ○ Currently using RIPE Atlas + iPlane data
    ○ Augmenting with control-plane data (RIPE NCC, Routeviews)
    ○ Longer term: Efficient use of new measurements to increase coverage

  • http://pathcache.cs.stonybrook.edu

[Figure: example of combining measured paths over nodes A, B, C, D and E]
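
Added example, not taken from the slides or from the Astoria, Cipollino or PathCache code: a local, AS-aware relay check in the spirit of slides 10 to 13. It assumes a cached list of measured AS-level paths and reuses path suffixes as a simplified stand-in for PathCache's destination-based graphs; all AS numbers, relay names and paths are constructed.

```python
# Constructed sample data: AS numbers, relay names and paths are made up.
MEASURED = [               # AS-level paths as traceroutes might yield them
    [100, 1, 2, 900],      # client AS100 -> entry relay in AS900
    [900, 3, 1, 100],      # reverse direction takes a different route
    [100, 4, 910],         # client -> entry relay in AS910
    [910, 4, 100],
    [800, 3, 5, 200],      # exit relay in AS800 -> destination AS200
    [200, 5, 6, 800],
    [810, 7, 200],         # exit relay in AS810 -> destination
    [50, 200, 7, 810],     # unrelated trace; its suffix gives 200 -> 810
]
ENTRIES = {"guardA": 900, "guardB": 910}   # hypothetical relay -> AS mapping
EXITS = {"exitA": 800, "exitB": 810}

def lookup(src, dst, measured=MEASURED):
    """Return an AS path src..dst by reusing any measured path that ends at
    dst and passes through src (suffix reuse); None if nothing is cached."""
    for path in measured:
        if path[-1] == dst and src in path:
            return path[path.index(src):]
    return None

def segment_ases(a, b, measured=MEASURED):
    """ASes seen on a->b and on b->a, since paths are asymmetric.
    Returns None if either direction is unknown."""
    fwd, rev = lookup(a, b, measured), lookup(b, a, measured)
    if fwd is None or rev is None:
        return None
    return set(fwd) | set(rev)

def safe_pairs(client, dest, entries, exits, measured=MEASURED):
    """(entry, exit) pairs where no AS sits on both the client<->entry and
    the exit<->destination segment. Unknown paths count as unsafe."""
    result = []
    for entry_name, entry_as in entries.items():
        near = segment_ases(client, entry_as, measured)
        for exit_name, exit_as in exits.items():
            far = segment_ases(exit_as, dest, measured)
            if near is not None and far is not None and not (near & far):
                result.append((entry_name, exit_name))
    return sorted(result)

if __name__ == "__main__":
    print(safe_pairs(100, 200, ENTRIES, EXITS))
```

With this data, guardA plus exitA is rejected only because AS3 appears on the reverse path from the entry relay to the client; a forward-path-only check would accept it.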

SLIDE 14

Why is PathCache Useful?

  • Everyone needs traceroutes!
  • But why run redundant traceroutes at the expense of a constrained measurement budget?
  • Measurement hardware can be more effectively utilised.
  • Standard and compact graphs as JSONs, easy to work with.
  • Try it out here: http://pathcache.cs.stonybrook.edu/api/v1/174 (AS174’s destination-based graph)

  • http://pathcache.cs.stonybrook.edu/api/v1/path?src=2119&dst=174

SLIDE 15

Future Work?

  • Need more data
    ○ Huge benefit of periodic measurements from RIPE Atlas!
  • Path prediction as a service
  • A platform to maintain AS-level paths over time (benefit of retrospective measurements)
  • Provide a generic interface to upload user-run measurements.
  • As a community, increase our coverage via measurement reuse