strengthening weak identities through inter domain trust
play

Strengthening Weak Identities Through Inter-Domain Trust Transfer - PowerPoint PPT Presentation

Nov 16, 2023 •341 likes •748 views

Strengthening Weak Identities Through Inter-Domain Trust Transfer Giridhari Venkatadri, Oana Goga , Changtao Zhong, Bimal Viswanath, Nishanth Sastry, Krishna Gummadi Online

  1. Strengthening Weak Identities Through Inter-Domain Trust Transfer Giridhari ¡Venkatadri, ¡ Oana ¡Goga , ¡Changtao ¡Zhong, ¡Bimal ¡ Viswanath, ¡Nishanth ¡Sastry, ¡Krishna ¡Gummadi ¡ ¡

  2. Online identity-infrastructures oana.goga@mpi-sws.org Trusted certificate Trusted certificate weak strong identity-infrastructure identity-infrastructure 2

  3. Online identity-infrastructures oana.goga@mpi-sws.org Trusted certificate Trusted certificate weak strong identity-infrastructure identity-infrastructure Accountability Anonymity Adoption Resistance to fake identity attacks 2

  4. Online identity-infrastructures oana.goga@mpi-sws.org Trusted certificate Trusted certificate weak strong identity-infrastructure identity-infrastructure Up to 40% of newly Accountability created identities on Twitter are malicious!! Anonymity Adoption Resistance to fake identity attacks 2

  5. Online identity-infrastructures oana.goga@mpi-sws.org Challenge: How to reason about the Trusted certificate Trusted certificate weak strong identity-infrastructure trustworthiness of weak identities? identity-infrastructure Up to 40% of newly Accountability created identities on Twitter are malicious!! Anonymity Adoption Resistance to fake identity attacks 2

  6. Limitations of current technique Current techniques: Based on the past activity of each identity within the domain Limitation: Domains need to observe the behavior of weak identities over time (time lag) • Malicious users can still exploit new identities to misbehave • Honest users must wait to acquire access to resources (e.g., Reddit posting quotas) 3

  7. Key idea Strengthen weak identities through inter-domain trust-transfer Trusted certificate 4

  8. Key idea Strengthen weak identities through inter-domain trust-transfer Trusted certificate ‣ Use the weak identities of users on other domains as external trust certificates 4

  9. Why would this actually work? 1. Many hones users maintain weak identities on multiple domains and they already interconnect their identities (e.g., social login) 2. Malicious attackers would incur additional costs 3. More established domains could provide good trust references for newer domains 5

  10. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 6

  11. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 6

  12. Potential for inter- domain trust transfer Can activity signals from Facebook and Twitter help Pinterest reason about trustworthiness better? Dataset • 1.7M random identities on Pinterest, and their matching identities on Facebook and Twitter • Activity signals computed based on public data on Twitter and Facebook (e.g., account age, # followers, suspension) • Diverse set of untrustworthy identities on Pinterest 7

  13. Source domain and trustworthiness activity signal (untrustworthiness on Pinterest) 8

  14. Source domain and trustworthiness activity signal Correlation between untrustworthiness on Pinterest and the choice of the source domain! (untrustworthiness on Pinterest) 8

  15. Suspension signal and trustworthiness 0.6 Fraction of identities Facebook 0.5 Twitter activity signal suspended 0.4 0.3 0.2 0.1 0 0 0.05 0.1 0.15 >0.2 Fraction of blocked pins (untrustworthiness on Pinterest) 9

  16. Suspension signal and trustworthiness 0.6 Fraction of identities Facebook 0.5 Twitter activity signal suspended 0.4 Untrustworthy Pinterest identities are more likely to be suspended on Twitter 0.3 (but not on Facebook!) 0.2 0.1 0 0 0.05 0.1 0.15 >0.2 Fraction of blocked pins (untrustworthiness on Pinterest) 9

  17. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 10

  18. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 10

  19. Inter-domain trust transfer framework Source domains S2 Sn S1 Target domain 11

  20. Inter-domain trust transfer framework Source domains S2 Sn S1 What are the challenges? Target domain 11

  21. 1. How to link the matching identities of a user? Source domains S2 Sn S1 Target domain 12

  22. 1. How to link the matching identities of a user? Source domains S2 Sn S1 Target domain 12

  23. 1. How to link the matching identities of a user? Solution: single sign-on protocols Source domains S2 Sn S1 Target domain 12

  24. 1. How to link the matching identities of a user? Solution: single sign-on protocols Source domains S2 Sn S1 this can be done in an anonymous way as well! Target domain 12

  25. 2. What information to export? Source domains S2 Sn S1 Target domain 13

  26. 2. What information to export? Source domains S2 Sn S1 Inf( ) Target domain 13

  27. 2. What information to export? Ideal information: • Useful for the target domain Source domains • Do not ruin the privacy of users S2 Sn S1 Inf( ) Target domain 13

  28. 2. What information to export? Ideal information: • Useful for the target domain Source domains • Do not ruin the privacy of users S2 Sn S1 Inf( ) Solution: • The target domain can ask the permission of the user (e.g., OAuth) • The source domain only exports coarse grain information Target domain 13

  29. 3. How to interpret and combine the information? Inf( ) Inf( ) 1000 likes 100 followers 14

  30. 3. How to interpret and combine the information? Solution: Target domain needs to do a calibration step Inf( ) (e.g. using a classifier and all available activity signals) Inf( ) 1000 likes 100 followers 14

  31. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 15

  32. This talk 1. Potential for inter-domain trust transfer 2. Inter-domain trust transfer framework 3. Leverage inter-domain trust transfer for identity curation 15

  33. Identity curation Curated set of identities: a set of identities with high probability to be trustworthy Why curate? I. Early access to elevated privileges II. Sybil-resilient content recommendation Question: Can activity signals from Facebook/Twitter help Pinterest: • Curate more identities? • Curate identities early-on? 16

  34. Pinterest can curate more identities 0.99 All signals Pinterest signals 0.98 Purity level Random 0.97 0.96 0.95 0.94 0.93 0 10 20 30 40 50 60 70 80 90 100 Coverage 17

  35. Pinterest can curate more identities 0.99 All signals 0.975 Pinterest signals 0.98 Purity level Random 0.97 0.96 0.95 0.94 0.93 0 10 20 30 40 50 60 70 80 90 100 Coverage 17

  36. Pinterest can curate more identities 0.99 All signals 0.975 Pinterest signals 0.98 Purity level Random 0.97 0.96 Trust transfer allows to curate more than twice as many identities !! 0.95 0.94 0.93 0 10 20 30 40 50 60 70 80 90 100 Coverage 17

  37. Pinterest can curate identities early-on 1 CDF of identities Pinterest curated Additionally curated 0.8 0.6 0.4 0.2 0 -5 0 5 10 15 20 25 30 Age in months on Pinterest 18

  38. Pinterest can curate identities early-on 1 CDF of identities Pinterest curated Additionally curated 0.8 0.6 0.4 0.2 0 -5 0 5 10 15 20 25 30 Age in months on Pinterest 18

  39. Pinterest can curate identities early-on 1 CDF of identities Pinterest curated Additionally curated 0.8 0.6 0.4 0.2 Trust transfer allows to curate identities up to 15 months in advance !! 0 -5 0 5 10 15 20 25 30 Age in months on Pinterest 18

  40. Conclusions • Lack of external trust certificates for weak identities could be mitigated by user’s weak identities on other domains • Users can keep their identities anonymous! • Inter-domain trust transfer framework • Low deployment overheads • Without significant loss of privacy • Evaluation on real-world domains is very promising! • Even simple activity signals go a long way 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

INTER-TRUST Interoperable Trust Assurance Infrastructure Grant agreement no: 317731 Introduction

INTER-TRUST Interoperable Trust Assurance Infrastructure Grant agreement no: 317731 Introduction

INTER-TRUST ICT FP7- G.A. 317731 INTER-TRUST Interoperable Trust Assurance Infrastructure Grant agreement no: 317731 Introduction The main objective of the INTER-TRUST project is to develop a framework to support trustworthy applications

255 views • 4 slides
1 Inter-Domain Routing Network comprised of many Autonomous Systems (ASes) or domains 23

1 Inter-Domain Routing Network comprised of many Autonomous Systems (ASes) or domains 23

CSE/EE 461 Lecture 11 Inter-domain Routing This Lecture Focus How do we make routing scale? Application Presentation Inter-domain routing Session ASes and BGP Transport Network Data Link Physical sdg // CSE/EE 461,

395 views • 5 slides
Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT

Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT

Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT Communications Nov. 2015 IETF94@yokohama Draft Overview Motivation The volume of DDoS attack will exceed available anti- DDoS capability by

802 views • 10 slides
How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik nino.ciurleo@garr.it Agenda Inter-domain traffic: o how does NOC monitor and control it? Common case as example: new BGP peer activation -> new

479 views • 35 slides
CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001 Spring 2013 Inter-domain Routing 2153 11537 1706 52 FRGP Level 3 ARIZONA ColoState Autonomous Systems (AS) Border Gateway Protocol

566 views • 30 slides
Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam,

Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam,

Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste This talk in one slide What evolvability features needed in any Q inter-domain protocol? New New Existing

609 views • 26 slides
Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route

Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route

Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route Hijacking~ Mar 1 2007 in APRICOT 2007 NTT Communications Corp. Taka Mizuguchi Tomoya Yoshida What s BGP Route Hijacking? s BGP Route

583 views • 40 slides
Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya

Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya

Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya Akella, Peter Steenkiste Inter-domain routing is stagnant Many proposed fi xes/replacements for BGP E.g., LISP [RFC 6830], S-BGP [SAC00], Wiser,

350 views • 23 slides
Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal

Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal

Filtering the Noise to Reveal Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal Merindol, Valerio Persico, Cristel Pelsser, Antonio Pescape AS C AS D p2p AS B AS X AS E Inter-Domain Lie

109 views • 9 slides
A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann October 9, 2019 iNET RG, Hamburg University of Applied Sciences Overview IP Spoofing Mitigation in General Detection in Inter-Domain Traffic

778 views • 42 slides
Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros,

Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros,

Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros, Wei Koong Chai and George Pavlou University College London, UK Outline Inter-domain name resolution in ICN Scalability concerns Bloom

694 views • 33 slides
Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han

Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han

Crossing Over the Bounded Domain: From Exponential To Power-law Inter- meeting time in MANET Han Cai, Do Young Eun Department of Electrical and Computer Engineering North Carolina State University Motivation inter-meeting time

720 views • 35 slides
CS 640: Introduction to Computer Networks Aditya Akella Lecture 11 - Inter-Domain Routing -

CS 640: Introduction to Computer Networks Aditya Akella Lecture 11 - Inter-Domain Routing -

CS 640: Introduction to Computer Networks Aditya Akella Lecture 11 - Inter-Domain Routing - BGP (Border Gateway Protocol) Intra -domain routing The Story So Far Routing protocols generate the forwarding table Two styles:

481 views • 12 slides
Inter-domain SDN Considera2ons Ronald van der Pol

Inter-domain SDN Considera2ons Ronald van der Pol

Inter-domain SDN Considera2ons Ronald van der Pol SURFnet Ronald.vanderPol@SURFnet.nl GLIF, 17 January 2013, Honolulu, USA Dis2nguish between:

575 views • 8 slides
Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M.

Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M.

Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M. Handley , Z. Mao, S. Shenker, and I. Stoica Routing 1999 Internet Map Coloured by ISP Source: Bill Cheswick, Lumeta AS-level Topology 2003

946 views • 37 slides
From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

ITU Workshop on Future Trust and Knowledge Infrastructure, Phase 2 Geneva, Switzerland 1 July 2016 From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc Seigneur President at Rputaction SAS,

599 views • 26 slides
Coercion Mitigation Peter Y A Ryan Vincenzo Iovino and Peter Roenne Universit du

Coercion Mitigation Peter Y A Ryan Vincenzo Iovino and Peter Roenne Universit du

Selene: V oting with T ransparent V erifiability and Coercion Mitigation Peter Y A Ryan Vincenzo Iovino and Peter Roenne Universit du Luxembourg Voting16 26 Feb 2016 1 Outline End - To - End verifiability Outline of

522 views • 40 slides
DELEGATEE: BROKERED DELEGATION USING TRUSTED EXECUTION ENVIRONMENTS Sinisa Matetic, Moritz

DELEGATEE: BROKERED DELEGATION USING TRUSTED EXECUTION ENVIRONMENTS Sinisa Matetic, Moritz

DELEGATEE: BROKERED DELEGATION USING TRUSTED EXECUTION ENVIRONMENTS Sinisa Matetic, Moritz Schneider, Andrew Miller, Ari Juels, Srdjan Capkun OVERVIEW 1. Introduction 2. Motivations and Problem Statement 3. DelagaTEE 4. Security Analysis 5.

946 views • 46 slides
Article Feedback V5 Project Overview Prepared by: Fabrice Florin Wikimedia Foundation

Article Feedback V5 Project Overview Prepared by: Fabrice Florin Wikimedia Foundation

Truthsquad Fact check your news Article Feedback V5 Project Overview Prepared by: Fabrice Florin Wikimedia Foundation fflorin@wikimedia.org March 23, 2012 Article Feedback v5 Wikimedia Product Group Goal 1 : engage readers to

698 views • 40 slides
Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith

Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith

CyLab Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith Cranor September 3, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

702 views • 23 slides
Comprehensive ESRD Care (CEC) Model Welcome to Todays Webinar The CEC Application We will

Comprehensive ESRD Care (CEC) Model Welcome to Todays Webinar The CEC Application We will

Comprehensive ESRD Care (CEC) Model Welcome to Todays Webinar The CEC Application We will begin promptly at 12 PM EST Dial-in: 1-800-832-0736 Meeting Room: *6291628# Note: All attendee phone lines are muted to prevent audio feedback.

1.15k views • 58 slides
The Web Centipede: Understanding How Web Communities Influence Each Other Through the Lens of

The Web Centipede: Understanding How Web Communities Influence Each Other Through the Lens of

The Web Centipede: Understanding How Web Communities Influence Each Other Through the Lens of Mainstream and Alternative News Sources Savvas Zannettou , Tristan Caulfield, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Michael

670 views • 29 slides
Studying jerks on the Internet: A Data-Driven Approach Emiliano De Cristofaro (Thanks to Jeremy

Studying jerks on the Internet: A Data-Driven Approach Emiliano De Cristofaro (Thanks to Jeremy

Studying jerks on the Internet: A Data-Driven Approach Emiliano De Cristofaro (Thanks to Jeremy Blackburn and Savvas Zannettou for most of the slides) Outline 1. Hate on and raids from fringe communities like 4chan [ICWSM 2017] 2.

868 views • 57 slides
Action Item List 20 March 2001 Status 21 February 2001 AIRS Science Team meeting D1. Dave Tobin:

Action Item List 20 March 2001 Status 21 February 2001 AIRS Science Team meeting D1. Dave Tobin:

Action Item List 20 March 2001 Status 21 February 2001 AIRS Science Team meeting D1. Dave Tobin: check availability of the UW ground-track/slant path prediction program. Needs to be exportable to support AIRS ground campaigns.

399 views • 4 slides

More recommend