how broadcast data reveals your identity and social graph
play

How Broadcast Data Reveals Your Identity and Social Graph Rolf - PowerPoint PPT Presentation

Sep 26, 2022 •180 likes •364 views

How Broadcast Data Reveals Your Identity and Social Graph Rolf Winter <rolf.winter@hs-augsburg.de> Michael Faath <michael.faath@hs-augsburg.de> Fabian Weisshaar <fabian.weisshaar@hs-augsburg.de> Idea Connect to a large

  1. How Broadcast Data Reveals Your Identity and Social Graph Rolf Winter <rolf.winter@hs-augsburg.de> Michael Faath <michael.faath@hs-augsburg.de> Fabian Weisshaar <fabian.weisshaar@hs-augsburg.de>

  2. Idea Connect to a large network and analyse everything received ● Excluding the traffic the listener introduces ○ Are there protocols “polluting” the network? ● What can we learn from this data? ● Protocols ○ Devices ○ Users and groups of users ○ 2 How Broadcast Data Reveals Your Identity and Social Graph

  3. Experiment locations The lab ● Controlled environment ○ A wireless campus network: Eduroam ● Over 6,000 students and staff ○ IETF Meeting network ● IETF 93 - Prague / IETF 94 - Yokohama ○ 3 How Broadcast Data Reveals Your Identity and Social Graph

  4. Legal aspects - I am not a lawyer IETF Meeting experiment announcement 1 ● First reaction: “doesn't this fall under human subjects rules for experiments [...]?” 1 ○ Over 40 mailing list responses ○ Experiment might break EU data protection laws ○ But: more positive than negative reactions ○ Legal questions could not be resolved in time ● Experiment for the 93rd IETF meeting cancelled ○ → Proposal to establish the IETF Experiment Ethics Review Board 2 ○ 1 “Multicast/Broadcast Experiment at IETF94 (email thread),” Nov. 2015. [Online]. Available: https://www.ietf.org/mail-archive/web/94attendees/current/msg00490.html 2 https://www.ietf.org/blog/2015/09/experiment-ethics-and-privacy/ 4 How Broadcast Data Reveals Your Identity and Social Graph

  5. Legal aspects - I am not a lawyer Legal statement by the German National Research and Education ● Network (DFN) 1 It is not okay (for universities in Germany) to store and analyze broadcast data ○ Consent of every user in the network is necessary ○ It might be okay to store and analyze for specific research if privacy of users is ensured ○ Remove all personally identifiable information ● MACs, IPs, hostnames etc. hashed ○ Analyzation only for selected protocols possible ○ Don’t store raw data ○ 1 H. Sporleder, “Dein Name ist Programm”, DFN Infobrief Recht, pp. 16–18, Nov. 2015 5 How Broadcast Data Reveals Your Identity and Social Graph

  6. Data analysis: Campus network All eduroam users on campus are in one broadcast domain ● Plus all of the VPN users from home ○ Six months ● ~40 GB of data seen ● ~215 MB per day on ○ average 6 How Broadcast Data Reveals Your Identity and Social Graph

  7. Data analysis: Campus network ~35,000 MAC addresses seen ● max. 21,000 from real devices ○ ~90% UDP packets ● Focus on most seen protocols ○ Analysis of payload ○ Cloud storage 7 How Broadcast Data Reveals Your Identity and Social Graph

  8. Desktop app of a popular cloud storage service Used to store and share data in the cloud ● Implements a protocol for local data exchange ● Broadcasts multiple packets every 30 seconds ● host_int ○ Unique ID for application installation ■ Tracking of a user even if IP or MAC address changes ■ namespaces ○ List of unique IDs for all known shares ■ 8 How Broadcast Data Reveals Your Identity and Social Graph

  9. Data analysis: Cloud storage service 2,560 application installations ● 9,361 unique shares ● Students might use the application to share data from lectures ● ...can we draw a graph from this? ○ 9 How Broadcast Data Reveals Your Identity and Social Graph

  10. Data analysis: Cloud storage - a community graph Identify communites (Louvain method 1 ) ● 1 V.D. Blondel, J.L. Guillaume, R. Lambiotte, and E.L.J.S. Mech. Fast unfolding of communities in large networks. J. Stat. Mech, 2008 10 How Broadcast Data Reveals Your Identity and Social Graph

  11. Data analysis: Hostnames Some protocols broadcast hostnames ● mDNS, NetBIOS, LLMNR, … ○ 7,600 hostnames found ● removed duplicates and typical strings (“iphone”, “macbook”, …) ○ 5,300 host names remaining ○ Lots of users reveal ● Language (“iPhone von John Doe”) ○ Device vendor / model (“MacBook Pro”) ○ Locations and functions (“printer”, “cs-faculty”) ○ Names (login names, nicknames, initials) ○ 11 How Broadcast Data Reveals Your Identity and Social Graph

  12. Data analysis: Hostnames Helps to partially identify nodes ● But we can do more ○ If there would be a database containing all students… ○ 12 How Broadcast Data Reveals Your Identity and Social Graph

  13. Data analysis: LDAP LDAP server of the university is accessible from within the network ● Crawl all entries: >8,400 users ● Login, first and last name ○ Department ○ Course of study ○ Status (student, professor, staff, …) ○ Date of last password change ○ 4,564 unique last names ● 1,300 unique first names ● Compare them to the hostnames ● 13 How Broadcast Data Reveals Your Identity and Social Graph

  14. Data analysis: LDAP 2,900 first names matched ● ~17% (500) match uniquely ○ 929 last names matched ● ~50% (464) match uniquely ○ 293 full names matched ● ~90% (263) match uniquely ○ 14 How Broadcast Data Reveals Your Identity and Social Graph

  15. Combining the data Add LDAP users to nodes ● Several users could be identified ● Same course of studies ○ Same date for last password changed ○ Those help to identify nodes with ● multiple LDAP matches 15 How Broadcast Data Reveals Your Identity and Social Graph

  16. Data verification We made some surprise visits to lectures ● Controlled experiment ○ Voluntarily data verification ○ Other things to do ● Look for social network profiles ○ Crawl the timetables of the university and match online times of the community ○ 16 How Broadcast Data Reveals Your Identity and Social Graph

  17. Countermeasures Don’t name your device after yourself 1 ● Not even if it is a common nickname ○ Restrict publicly visible data in your online profiles ● Switch off broadcast/multicast functionalities ● Don’t actually do this ○ Broadcast and multicast protocols are important ○ Be careful when designing broadcast protocols ● IETF draft: Privacy considerations for IP broadcast and multicast protocol designers 2 ○ 1 https://tools.ietf.org/html/rfc8117 2 https://datatracker.ietf.org/doc/draft-intarea-broadcast-consider/ 17 How Broadcast Data Reveals Your Identity and Social Graph

  18. Conclusion Personal information can be learned from broadcasts ● No protocol alone is to blame ● Check with a lawyer before doing anything like this ● Note: criminals might not care about privacy ○ Countermeasures are available and easy ● But need a change in user behaviour ○ 18 How Broadcast Data Reveals Your Identity and Social Graph

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Social Network Analysis with R Yanchang Zhao http://www.RDataMining.com R and Data Mining Course Beijing University of Posts and Telecommunications, Beijing, China July 2019 Chapter 11: Social Network Analysis, in R and Data Mining:

606 views • 37 slides
Tao: Facebook's Distributed Data Store For The Social Graph Bronson et. al., ATC 2013 Joy

Tao: Facebook's Distributed Data Store For The Social Graph Bronson et. al., ATC 2013 Joy

Tao: Facebook's Distributed Data Store For The Social Graph Bronson et. al., ATC 2013 Joy Arulraj CMU 15-799 : Paper Presentation Talk Overview Graph-aware cache backed by a database Efficiency vs. consistency Motivation Memcached

778 views • 24 slides
Data Mining: Concepts and Techniques Chapter 9 Graph mining and Social Network Analysis

Data Mining: Concepts and Techniques Chapter 9 Graph mining and Social Network Analysis

Data Mining: Concepts and Techniques Chapter 9 Graph mining and Social Network Analysis Li Xiong Slides credits: Jiawei Han and Micheline Kamber 1 April 2, 2008 Graph Mining and Social Network Analysis Graph mining Frequent

879 views • 62 slides
DS504/CS586: Big Data Analytics Graph Mining Prof. Yanhua Li Time: 6:00pm 8:50pm R Location:

DS504/CS586: Big Data Analytics Graph Mining Prof. Yanhua Li Time: 6:00pm 8:50pm R Location:

Welcome to DS504/CS586: Big Data Analytics Graph Mining Prof. Yanhua Li Time: 6:00pm 8:50pm R Location: AK232 Fall 2016 Graph Data: Social Networks Facebook social graph 4-degrees of separation [Backstrom-Boldi-Rosa-Ugander-Vigna, 2011]

645 views • 40 slides
Graph Data Processing M. Tamer Ozsu 1 / 75 Outline Introduction RDF Graph Querying

Graph Data Processing M. Tamer Ozsu 1 / 75 Outline Introduction RDF Graph Querying

Graph Data Processing M. Tamer Ozsu 1 / 75 Outline Introduction RDF Graph Querying General Graph Processing Offline analytics Online querying 2 / 75 Graph Data are Very Common Internet 3 / 75 Graph Data are Very Common Social

985 views • 75 slides
Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6 million 63% Identity fraud is a serious issue. people experienced of confirmed data Fraudsters have identity theft in 2014 breaches involved stolen

605 views • 29 slides
CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set

CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set

CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set of nodes (vertices) and edges connecting them 2 Graph Applications Road network Social media networks Knowledge bases 3 Graph Representations

807 views • 66 slides
CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set

CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set

CS141: Intermediate Data Structures and Algorithms Graphs Amr Magdy Graph Data Structure A set of nodes (vertices) and edges connecting them 2 Graph Applications Road network Social media networks Knowledge basesS 3 Graph Representations

1.33k views • 73 slides
Engaging God Pathway of relationship that leads to deeper intimacy with God and reveals our

Engaging God Pathway of relationship that leads to deeper intimacy with God and reveals our

Engaging God Pathway of relationship that leads to deeper intimacy with God and reveals our identity as sons of God as we engage with Gods presence within us Flowing from inside out - heaven through the gateways of our spirit, soul

721 views • 46 slides
Identity in organisational social media from a representational to a performative perspective Jo

Identity in organisational social media from a representational to a performative perspective Jo

Identity in organisational social media from a representational to a performative perspective Jo Orsatti Kai Reimer Why is Identity Important? Drivers of identity expression Communication Recognition Identification Shared understanding

471 views • 23 slides
Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver

Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver

Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver (a BroadcastReceiver subclass) is one of the application's components. Broadcast receivers enable applications to receive intents that are

597 views • 17 slides
Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver

Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver

Broadcast Receiver Why do we need Broadcast Receiver? Broadcast Receivers Broadcast receiver (a BroadcastReceiver subclass) is one of the application's components. Broadcast receivers enable applications to receive intents that are

560 views • 18 slides
TAO: Facebooks Distributed Data Store for the Social Graph Before TAO Data stored in MySQL

TAO: Facebooks Distributed Data Store for the Social Graph Before TAO Data stored in MySQL

TAO: Facebooks Distributed Data Store for the Social Graph Before TAO Data stored in MySQL and cached in memcached Caching managed by apps Problems: Operations on lists are inefficient in memcached (update whole list) Complexity

150 views • 10 slides
Artefacts and Social Identity Penelope Allison School of Archaeology and Ancient History

Artefacts and Social Identity Penelope Allison School of Archaeology and Ancient History

Artefacts and Social Identity Penelope Allison School of Archaeology and Ancient History Projects based on Pompeian Data Current PhD candidates, Univ. of Leicester David Griffiths The social and economic impact of artificial light in

298 views • 13 slides
Exponential Random Graph Models for (Social) Network Data Analysis - Statistical Models for

Exponential Random Graph Models for (Social) Network Data Analysis - Statistical Models for

Outline Exponential Random Graph Models for (Social) Network Data Analysis - Statistical Models for (Social) Network Data p 0 , p 1 , p 2 and and p* Overview, Challenges, Research Problems Graphons and Networks ERGM, bERGM, tERGM,

224 views • 9 slides
social hash an assignment framework for optimizing distributed systems operations in social

social hash an assignment framework for optimizing distributed systems operations in social

social hash an assignment framework for optimizing distributed systems operations in social networks the problem All user visible data on Facebook is maintained in a single directed graph called the Social Graph Contains millions of

406 views • 23 slides
Lecture 4 Notes: Bits and bytes Computer Literacy 1 Tuesday 28/9/2004 Lecture Overview Lecture

Lecture 4 Notes: Bits and bytes Computer Literacy 1 Tuesday 28/9/2004 Lecture Overview Lecture

Lecture 4 Notes: Bits and bytes Computer Literacy 1 Tuesday 28/9/2004 Lecture Overview Lecture topics: How computers encode information How to quantify information and memory How to represent and communicate binary data The aim

210 views • 7 slides
Memory usage and computational considerations Introduction Useful when designing deep neural

Memory usage and computational considerations Introduction Useful when designing deep neural

Day 2 Lecture 1 Memory usage and computational considerations Introduction Useful when designing deep neural network architectures to be able to estimate memory and computational requirements on the back of an envelope This lecture will

418 views • 25 slides
HDD: the Evolution What high-tech product advances the fastest ? It's probably the hard drive

HDD: the Evolution What high-tech product advances the fastest ? It's probably the hard drive

HDD: the Evolution What high-tech product advances the fastest ? It's probably the hard drive The capacity doubles easily every two years and sometimes every year Faster even than the chip progress described by Moore's Law 1956 First HDD,

578 views • 14 slides
UWB Non-Coher UWB Non- Coherent High Data ent High Data UWB Non-Coher UWB Non- Coherent High

UWB Non-Coher UWB Non- Coherent High Data ent High Data UWB Non-Coher UWB Non- Coherent High

Information Technology Information Technology Centre Centre Centre Europe Europe Europe Information Technology Information Technology Centre Europe Telecommunications Laboratory Telecommunications Laboratory Telecommunications

567 views • 20 slides
Benchmarking benchmarking, and optimizing optimization Daniel J. Bernstein University of

Benchmarking benchmarking, and optimizing optimization Daniel J. Bernstein University of

1 Benchmarking benchmarking, and optimizing optimization Daniel J. Bernstein University of Illinois at Chicago &amp; Technische Universiteit Eindhoven 2 Bit operations per bit of plaintext (assuming precomputed subkeys), as listed in recent

1.07k views • 46 slides
E2E circuits for the WLCG A user experience Amsterdam 2 December 2008

E2E circuits for the WLCG A user experience Amsterdam 2 December 2008

E2E circuits for the WLCG A user experience Amsterdam 2 December 2008 edoardo.martelli@cern.ch LHC The Large Hadron Collider is a particle accelerator - It collides beams of protons at an energy of 14 TeV - It operates at about

727 views • 15 slides
Lecture 13: Computer CSE 373 Data Structures and Memory Algorithms CSE 373 SP 18 - KASEY

Lecture 13: Computer CSE 373 Data Structures and Memory Algorithms CSE 373 SP 18 - KASEY

Lecture 13: Computer CSE 373 Data Structures and Memory Algorithms CSE 373 SP 18 - KASEY CHAMPION 1 Administrivia Sorry no office hours this afternoon :/ Midterm review session Monday 6-8pm Sieg 134 (hopefully) Written HW posted later today

661 views • 31 slides
Big ig Dat ata a an and Had adoop oop Venkatesh Vinayakarao venkateshv@cmi.ac.in

Big ig Dat ata a an and Had adoop oop Venkatesh Vinayakarao venkateshv@cmi.ac.in

Big ig Dat ata a an and Had adoop oop Venkatesh Vinayakarao venkateshv@cmi.ac.in http://vvtesh.co.in Chennai Mathematical Institute Data is the new oil. - Clive Humby, 2006. Venkatesh Vinayakarao (Vv) What Comes Next? byte kilobyte

266 views • 15 slides

More recommend