1,720,988 research outputs found
On the Mixing Time of Directed Social Graphs and Security Implications
Full text linkWhile many social graphs are directed by nature, applica- tions that use social graphs are often evaluated on undi- rected versions of these graphs. Manipulating a social graph in this manner, however, may change important properties like the mixing time, a critical parameter for applications such as Sybil defense and anonymous communication. In this paper we measure the mixing time and behavior of several directed graphs and their undirected counterparts. Counter-intuitively, we find that some directed graphs are faster mixing than their undirected counterparts, whereas the general pattern is that directed graphs are slower mix- ing than undirected ones. To relate to the applications sug- gested in the literature, we measure how directionality of edges in several social graphs impact these applications, and find that evaluation on the undirected graphs always over- estimates the security provided by these schemes
Hijacking the Vuze BitTorrent network: all your hop are belong to us
No full textVuze is a popular file-sharing client. When looking for content, Vuze selects from its list of neighbours, a set of 20 nodes to be contacted; the selection is performed such that the neighbours closest to the content in terms of Vuze ID are contacted first. To improve efficiency of its searches, Vuze implements a network coordinate system: from the set of 20 to-be-contacted nodes, queries are sent to the closest nodes in terms of network distance, which is calculated by the difference in network coordinates. However, network coordinate systems are inherently insecure and a malicious peer can lie about its coordinate to appear closest to every peer in the network. This allows the malicious peer to bias next-hop choices for victim peers such that queries will be sent to the attacker, thus hijacking every search query. In our experiments, almost 20% of the search queries are hijacked; the cost of performing this attack is minimal - less than $112/month.
One-way indexing for plausible deniability in censorship resistant storage
Full text linkSampling of large social graphs is used for addressing infeasibility of measurements in large social graphs, or for crawling graphs from online social network services where accessing an entire social graph at once is often impossible. Sampling algorithms aim at maintaining certain properties of the original graphs in the sampled (or crawled) ones. Several sampling algorithms, such as breadth-first search, standard random walk, and Metropolis-Hastings random walk, among others, are widely used in the literature for sampling graphs. Some of these sampling algorithms are known for their bias, mainly towards high degree nodes, while bias for other metrics is not well-studied. In this paper we consider the bias of sampling algorithms on the mixing time. We quantitatively show that some existing sampling algorithms, even those which are unbiased to the degree distribution, always produce biased estimation of the mixing time of social graphs. We argue that bias in sampling algorithms accepted in the literature is rather metric-dependent, and a given sampling algorithm, while may work nicely and unbiased to one property, may produce considerable amount of bias in other properties
Location leaks on the GSM air interface
No full textCellular phones have become a ubiquitous means of communications with over 5 billion users worldwide in 2010, of which 80% are GSM subscribers. Due to their use of the wireless medium and their mobile nature, those phones listen to broadcast communications that could reveal their physical location to a passive adversary. In this paper, we investigate techniques to test if a user is present within a small area, or absent from a large area by simply listening on the broadcast GSM channels. With a combination of readily available hardware and open source software, we demonstrate practical location test attacks that include circumventing the temporary identifier designed to
protect the identity of the end user. Finally we propose solutions that would improve the location privacy of users with low system impact
Throttling Tor Bandwidth Parasites
No full textTor's network congestion and performance problems stem from a small percentage of users that consume a large fraction of available relay bandwidth. These users continuously drain relays of excess bandwidth, creating new network bottlenecks and exacerbating the effects of existing ones. Attacking the problem at its source, we present the design of three new algorithms that throttle clients to reduce network congestion and increase interactive client performance. Unlike existing techniques, our algorithms adaptively adjust throttling parameters given only information local to a relay. We implement our algorithms in Tor and compare significant client performance benefits using network-wide deployments of our algorithms under a variety of network loads. We also analyze the effects of throttling on anonymity and compare the security of our algorithms under adversarial attack. Software patches for our algorithms will be submitted to Tor.Jansen, Rob; Syverson, Paul; Hopper, Nicholas J.. (2011). Throttling Tor Bandwidth Parasites. Retrieved from the University Digital Conservancy, https://hdl.handle.net/11299/215866
Shadow: Running Tor in a Box for Accurate and Efficient Experimentation
No full textTor is a large and popular overlay network providing both anonymity to its users and a platform for anonymous communication research. New design proposals and attacks on the system are challenging to test in the live network because of deployment issues and the risk of invading users' privacy, while alternative Tor experimentation techniques are limited in scale, are inaccurate, or create results that are difficult to reproduce or verify. We present the design and implementation of Shadow, an architecture for efficiently running accurate Tor experiments on a single machine. We validate Shadow's accuracy with a private Tor deployment on PlanetLab and a comparison to live network performance statistics. To demonstrate Shadow's powerful capabilities, we investigate circuit scheduling and find that the EWMA circuit scheduler reduces aggregate client performance under certain loads when deployed to the entire Tor network. Our software is open source and available for download.Jansen, Rob; Hopper, Nicholas J.. (2011). Shadow: Running Tor in a Box for Accurate and Efficient Experimentation. Retrieved from the University Digital Conservancy, https://hdl.handle.net/11299/215867
- …
