invisible internet project i2p
play

Invisible Internet Project (I2P) Tim de Boer and Vincent Breider - PowerPoint PPT Presentation

Jan 12, 2023 •1.28k likes •1.51k views

Invisible Internet Project (I2P) Tim de Boer and Vincent Breider Research question(s) Is it possible for an entity that intercepts network traffic to fingerprint and positively identify hosts that are participating in the I2P network?

  1. Invisible Internet Project (I2P) Tim de Boer and Vincent Breider

  2. Research question(s) Is it possible for an entity that intercepts network traffic to fingerprint and positively identify hosts that are participating in the I2P network? Sub-questions: - How does the I2P network work, how does the protocol operate? - Can traffic be identified as I2P during the bootstrapping/initialisation phase of the protocol? - Can traffic be identified as I2P by scraping the netDb distributed hash table? - Is fingerprinting of the protocol itself possible using statistical analysis based on connection meta-data? 2

  3. Related work Bazli et al, investigated how forensic investigation into the I2P network could be conducted, by examining the forensic artefacts of the I2P installer. Timpanaro et al, performed a study in which they design a distributed monitoring system for the I2P network. Hjelmvik and John, looked closer on how statistical analysis can be used to identify network protocols. 3

  4. How does I2P work? Like TOR it uses Onion Routing and communicates as a mixnet. However it is decentralised and gathers information on other network participants via the Network Database (netDb) which is implemented as a distributed hash table. Routers always relay each others traffic, build multi-hop tunnels for anonymity and participate in each others tunnels. To make statistical analysis harder, routers collect and pack multiple messages in one packet, this is called garlic routing. 4

  5. How does I2P work? - Onion Routing Source: https://1technation.com/tech-savvy-dark-side-onion-router/ Source: https://geti2p.net/en/docs/how/tech-intro 5

  6. How does I2P work? - Tunnel Establishment Plaatje over tunnel building + netDb 6

  7. How does I2P work? - Garlic Routing Source: An Empirical Study of the I2P Anonymity Network and its Source: The Invisible Internet Project - Andrew Savchenko, FOSDEM 2018 Censorship Resistance - Nguyen et al. 7

  8. Lab environment Deployed using Infrastructure as Code with Ansible. 6 VMs with I2P routers participating in the live network. After a router deployment, network traffic is automatically captured using tcpdump. PCAPs are parsed to CSV using Bash. Statistics are extracted and anonymised using Python and R. 8

  9. Detectability of I2P Sub-questions: - Can traffic be identified as I2P by network analysis? - Can traffic be identified as I2P by scraping the netDb distributed hash table? 9

  10. Detectability of I2P Initialisation/bootstrapping phase - DNS queries - HTTPS requests, cert fingerprints 10

  11. Detectability of I2P Operational phase - Packets are completely encrypted without detectable and identifiable constants - netDb parser -> IDS rules -> every other minute -> not feasible.. - Interesting results with statistical analysis 11

  12. Statistical analysis on live I2P routers "Top Talker" ports are relatively easy to determine Router ports are randomly chosen (non-privileged range >1023) 12

  13. Statistical analysis on live I2P routers "Top Talker" ports are relatively easy to determine Router ports are randomly chosen (non-privileged range >1023) Message sizes aren't random 13

  14. Conclusion Is it possible for an entity that intercepts network traffic to fingerprint and positively identify hosts that are participating in the I2P network? Initialisation phase -> Yes, under default circumstances this is trivial. Operational phase -> Theoretically not, but potentially with use of statistical analysis or with a harvested historical netDb. 14

  15. Discussion Current patterns are difficult for a traditional IDS: - potentially possible over a longer period of time - requires lots of resources for mapping these data - quickly refreshing "static rules" with IP-Address/Port combinations from netDb entries 15

  16. Future research To further investigate the message length, a follow-up study should compare our data: - With traffic captured from a private I2P network setup, with fixed and known tunnel lengths. - With traffic captured from other protocols that use Onion Routing, such as TOR. Is it possible using active probing techniques to discover I2P routers? Is it possible to exploit an I2P router, forcing it into reseeding? 16

  17. Questions? 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Invisible Internet Project Andrew Savchenko Moscow, Russia FOSDEM 2018 3 & 4 February

The Invisible Internet Project Andrew Savchenko Moscow, Russia FOSDEM 2018 3 & 4 February

The Invisible Internet Project Andrew Savchenko Moscow, Russia FOSDEM 2018 3 & 4 February . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . The Arpanet

621 views • 44 slides
Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for

Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for

Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for an analogy to describe the government, the first thing that comes to a government ministers mind is a company. Invisible? When searching for

638 views • 37 slides
An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology

An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/312480749 An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology March 2017 DOI:

1.08k views • 13 slides
Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your

Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your

Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your EMS/DMS, one t thir ird d of Searchable Unsearchable your documents and attachments may be invisible to search. Where do these invisible

135 views • 12 slides
Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk

Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk

Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk Lewandowski Heinrich-Heine-Universitt Dsseldorf, Information Science Research done in collaboration with Philipp Mayr, Bonn Agenda 1. Introduction

340 views • 23 slides
Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10

Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10

9/20/10 Invisible Logic Embedded Systems & Kinetic Art Fall 2009 CS5968 / FA3800 Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10 5 9/20/10 6 9/20/10

284 views • 13 slides
on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which objects in the physical world can be connected to the Internet by sensors and actuators (coined 1999 by Kevin Ashton) Key aspects: E2E

343 views • 10 slides
are. I can create invisible ink. I can experiment using invisible ink. What are chemical

are. I can create invisible ink. I can experiment using invisible ink. What are chemical

Week 5 Science L.O. To investigate chemical reactions. I can explain what chemical reactions are. I can create invisible ink. I can experiment using invisible ink. What are chemical reactions? A chemical reaction is what happens when a

292 views • 5 slides
to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible

to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible

Welcome to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible God, the firstborn of all creation. For by him all things were created, in heaven and on earth, visible and invisible, whether thrones or

518 views • 15 slides
Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over

Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over

6/18/2018 Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over all creation. For in him all things were created; things in heaven and on earth, visible and invisible, whether thrones or powers or

371 views • 4 slides
THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY

THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY

THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY PROJECT (IRL) F. FOULON 1 , A. BORIO-DI-TIGLIOLE 2 , J. VYSHNIAUSKAS-GOMEZ 3 , D. RIDIKAS 4 , P. CANTERO 5 1 National Institute for Nuclear science

991 views • 22 slides
Security through Distrusting Joanna Rutkowska Invisible Things Lab &

Security through Distrusting Joanna Rutkowska Invisible Things Lab &

427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Security through Distrusting Joanna Rutkowska Invisible Things Lab & Qubes OS Project Black Hat EU, London, UK, December 7, 2017 427F11FD

1.39k views • 65 slides
on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed

on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed

From Adam to Vernon Smith: Shedding Light on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed some light on the Invisible Hand? I am not the first person to declare this notion of the invisible

558 views • 17 slides
Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

14 September, 2020 African Internet Summit Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org Presentation title Client name Measuring the Internet Why? The Internet Societys efforts focus on

336 views • 9 slides
How did the Internet come to be? It started as a research project to experiment with

How did the Internet come to be? It started as a research project to experiment with

How did the Internet come to be? It started as a research project to experiment with connecting computers 2: Internet History together with packet switched networks. It was developed with funding and leadership of the Defense

422 views • 4 slides
Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New

Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New

Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New Higgs Working Group @ Toyama University Invisible Higgs Decays In the SM, an invisible Higgs decay is H ZZ* 4 process and its BF is

573 views • 20 slides
2 nd Restaurant Week VisitLorainCounty.com/LoCoeats #LoCoEats The Reservation Sponsored by the

2 nd Restaurant Week VisitLorainCounty.com/LoCoeats #LoCoEats The Reservation Sponsored by the

Lorain County Launches 2 nd Restaurant Week VisitLorainCounty.com/LoCoeats #LoCoEats The Reservation Sponsored by the Lorain County Commissioners and Visit Lorain County Lorain County Restaurant Week kicks off March 2 and runs through March

417 views • 17 slides
About us Kukhnia Bez Granits (KBG) was founded in 2004, merged with Masan Rus Trading (1996) in

About us Kukhnia Bez Granits (KBG) was founded in 2004, merged with Masan Rus Trading (1996) in

Instant food from a Russian manufacturer About us Kukhnia Bez Granits (KBG) was founded in 2004, merged with Masan Rus Trading (1996) in 2006, acquired Alexandra and Sofia (1994) in 2007; KBG introduced to the Russian market a new revolutionary

878 views • 21 slides
The Bar Mitzvah Prea reaknes kness s Hill Hills C s Cou ountr ntry C y Club ub

The Bar Mitzvah Prea reaknes kness s Hill Hills C s Cou ountr ntry C y Club ub

The Bar Mitzvah Prea reaknes kness s Hill Hills C s Cou ountr ntry C y Club ub Warm Warm & Wel & Welcomin coming Ex Excl clusi sivit ity, Ex Exce ceptional Cu tional Cuis isine ine, Ex Exqu quis isite ite S

126 views • 12 slides
Full Year 2019 Results Briefing February 28, 2020 Presenters Sunny Sun ny Ver ergh ghese

Full Year 2019 Results Briefing February 28, 2020 Presenters Sunny Sun ny Ver ergh ghese

Full Year 2019 Results Briefing February 28, 2020 Presenters Sunny Sun ny Ver ergh ghese ese A. . She Shekh khar ar N. Muth N. uthuk ukuma umar Co-Founder Executive Director Group CFO Group CEO CEO, Olam Food Ingredients 2

839 views • 38 slides
New Products 2018 Retail, Foodservice, Bake-off and On Board Catering presentation. Retail,

New Products 2018 Retail, Foodservice, Bake-off and On Board Catering presentation. Retail,

Primofornothe Ancient Italian Art of Baking . New Products 2018 Retail, Foodservice, Bake-off and On Board Catering presentation. Retail, Foodservice, Bake-off and On Board Catering presentation. Frozen & Chilled Line Frozen &

241 views • 20 slides
TABLE OF CONTENTS ABOUT ANCHOR BAR HISTORY MENU ANCHOR BAR SAUCE LOCATIONS

TABLE OF CONTENTS ABOUT ANCHOR BAR HISTORY MENU ANCHOR BAR SAUCE LOCATIONS

TABLE OF CONTENTS ABOUT ANCHOR BAR HISTORY MENU ANCHOR BAR SAUCE LOCATIONS BENEFITS INDUSTRY STATISTICS FAMOUS VISITORS MORE FAMOUS VISITORS FREQUENTLY ASKED QUESTIONS FINANCIAL INFORMATION OUR PROCESS

692 views • 16 slides
by David Licauco In Partnership with Resurgent Corporation David Licauco is a renowned model and

by David Licauco In Partnership with Resurgent Corporation David Licauco is a renowned model and

by David Licauco In Partnership with Resurgent Corporation David Licauco is a renowned model and actor partnering with Resurgent Corporation to give you fried chicken! Indulge your cravings for some tasty fried chicken by David Licauco. This

573 views • 14 slides
and guidance on its harmonised use Webinar 2 Sofia Ioannidou Alban Shahaj Laura Kirwan 3

and guidance on its harmonised use Webinar 2 Sofia Ioannidou Alban Shahaj Laura Kirwan 3

The FoodEx2 classification system and guidance on its harmonised use Webinar 2 Sofia Ioannidou Alban Shahaj Laura Kirwan 3 October 2018 FoodEx2 Webinar - GUIDE TO ATTENDEES This webinar is being recorded! The webinar is in English and

474 views • 21 slides

More recommend