1,721,018 research outputs found

    Multipath Routing on Anonymous Communication Systems: Enhancing Privacy and Performance

    We live in an era where mass surveillance and online tracking against civilians and organizations have reached alarming levels. This has resulted in more and more users relying on anonymous communications tools for their daily online activities. Nowadays, Tor is the most popular and widely deployed anonymization network, serving millions of daily users in the entire world. Tor promises to hide the identity of users (i.e., IP addresses) and prevents external agents from disclosing relationships between the communicating parties. However, the benefit of privacy protection comes at the cost of severe performance loss. This performance loss degrades the user experience to such an extent that many users do not use anonymization networks and forgo the privacy protection offered. On the other hand, the popularity of Tor has captured the attention of attackers wishing to deanonymize its users. As a response, this dissertation presents a set of multipath routing techniques, both at transport and circuit level, to improve the privacy and performance offered to Tor users. To this end, we first present a comprehensive taxonomy to identify the implications of integrating multipath on each design aspect of Tor. Then, we present a novel transport design to address the existing performance unfairness of the Tor traffic. In Tor, traffic from multiple users is multiplexed in a single TCP connection between two relays. While this has positive effects on privacy, it negatively influences performance and is characterized by unfairness as TCP congestion control gives all the multiplexed Tor traffic as little of the available bandwidth as it gives to every single TCP connection that competes for the same resource. To counter this, we propose to use multipath TCP (MPTCP) to allow for better resource utilization, which, in turn, increases throughput of the Tor traffic to a fairer extent. 
Our evaluation in real-world settings shows that using out-of-the-box MPTCP leads to 15% performance gain. We analyze the privacy implications of MPTCP in Tor settings and discuss potential threats and mitigation strategies. Regarding privacy, in Tor, a malicious entry node can mount website fingerprinting (WFP) attacks to disclose the identities of Tor users by only observing patterns of data flows. In response to this, we propose splitting traffic over multiple entry nodes to limit the observable patterns that an adversary has access to. We demonstrate that our sophisticated splitting strategy reduces the accuracy from more than 98% to less than 16% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. Additionally, we show that this defense, initially designed against WFP, can also be used to mitigate end-to-end correlation attacks. The contributions presented in this thesis are orthogonal to each other and their synergy comprises a boosted system in terms of both privacy and performance. This results in a more attractive anonymization network for new and existing users, which, in turn, increases the security of all users as a result of enlarging the anonymity set.

    Automation of Controller Area Network Reverse Engineering: Approaches, Opportunities and Security Threats

    Controller Area Network (CAN) is the de-facto in-vehicle communication system in the automotive industry today. CAN data represents a valuable source of information regarding the vehicle, which can be exploited for a multitude of purposes by aftermarket companies, from fleet management to infotainment. With the rise of Vehicular Ad Hoc Networks (VANETs) and autonomous driving, we can expect the amount of data transiting on the CAN bus to further augment in the near future. While not encrypted, the communication inside the CAN bus is typically encoded using proprietary formats of the Original Equipment Manufacturers (OEMs) in order to prevent easy access to the information exchanged on the network. However, given the unwillingness of the OEMs to disclose the formats of most of the CAN signals of commercial vehicles (cars in particular) to the general public, the most common way to obtain such information is through reverse engineering. Recently, researchers have started investigating the automation of this process to make it faster, scalable and standardised. Aside from the evident advantages that it would bring to the industry, the automation of CAN bus reverse engineering has also gained interest in the scientific community, where automotive cybersecurity is a prominent topic. While achieving convincing results, the automation of CAN reverse engineering is still invasive, often includes complex hardware configurations or requires the presence of a human operator in the vehicle. This dissertation aims to analyse the main advancements achieved in the field of CAN bus reverse engineering and shed light on open issues. In the first part of this dissertation, we explore opportunities and challenges of the automation of CAN bus reverse engineering and present three approaches that achieve different degrees of automation. The first, FastCAN, is based on the taxonomy of signals. 
Its goal is to provide a complete, standardised and modular pipeline for semi-automated reverse engineering and reduce the total time for data collection. The second, CSI, is a Machine Learning (ML)-based algorithm for the identification of critical signals working under limited assumptions. We use CSI as a case study to investigate whether CAN reverse engineering can be achieved with no other hardware than a dongle for the collection of raw data. The third, CANMatch, is a complete and fully automated approach based on frame matching. Through CANMatch we seek to demonstrate that the reuse of CAN frame IDs can be exploited to reverse engineer a high number of signals with minimal hardware requirements and human effort. In the second part of this dissertation, we discuss the implications that the full automation of the reverse engineering process has on the security of the bus. In this context, we investigate whether the anonymisation of the CAN frame IDs is sufficient to prevent frame-matching based reverse engineering. The results highlight that ML models can fingerprint CAN frames despite the anonymisation of their IDs. Finally, we propose a defence against frame fingerprinting based on traffic mutations, such as padding on the payload and morphing on the sending frequency. We conclude that traffic mutations are a promising study direction to prevent frame-matching based reverse engineering.

    Going Beyond Counting First Authors in Author Co-citation Analysis

    The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed.

    Variations on the Author

    “Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer who, rather than expressing opinions, propels discourses; an interviewer who is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent from the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship.

    Appropriate Similarity Measures for Author Cocitation Analysis

    We provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance. Keywords: information science; Pearson correlation; cosine; similarity measure; author cocitation analysis

    Dispelling the Myths Behind First-author Citation Counts

    We conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more sophisticated methods.

    Author Index

    No full text
    Not provided

    On the evolution of onion routing networks

    No full text
    The desire for anonymous communication has been an integral part of the digital society since the early approaches many decades ago. Today, anonymous Internet communication is more relevant than ever. At the same time, it is confronted with significant new challenges: On the one hand, better performance is needed in order to provide acceptable usability to a growing number of users transferring growing amounts of data. On the other hand, however, anonymity requirements are growing too, as Internet users are facing stronger adversaries. Anonymous communication networks (ACNs) will have to adapt to these demands in order to continue providing online privacy to Internet users in the future. Therefore, evolution of ACNs is a core theme that is central to the future development of anonymous communication. Our work thus constitutes a thorough investigation of the evolution of ACNs necessary to keep pace with the changing demands of modern online communication, specifically concerning performance and anonymity. Having in mind the real-world significance of the topic, we focus particularly on onion routing networks such as Tor, the most prominent anonymity system as of today. In essence, we analyze what can be changed to improve performance and anonymity, how such changes can be carried out, and in particular what would be the consequences thereof. In doing so, we investigate the two fundamental dimensions that enable evolution of distributed systems: Firstly, changes to the network protocols, such as on the transport layer, and secondly, changes to the network infrastructure, e.g., by adding resources. Throughout this work, we contribute answers to a number of research questions that all revolve around the evolution of onion routing networks for improving performance and anonymity. Having in mind the inherent trade-off between performance and anonymity, a special focus is put on the relationship between these two design goals. 
All of our contributions aim to either establish a more thorough understanding of evolution in ACNs in general, investigate the trade-off between performance and anonymity, or contribute concrete, practically relevant improvements. Our results range from a novel experimental transport protocol for the Tor network that is the first to explore the suitability of model predictive control to improve performance, to concrete insights on how topological properties of network growth influence the achieved level of anonymity. Our work therefore constitutes an important step towards evolving modern anonymity networks in a way that enables them to keep up with future demands regarding performance and anonymity. The desire for anonymous communication is deeply rooted in modern digital society and more relevant than ever. At the same time, anonymous communication faces considerable challenges: on the one hand, growing amounts of data and a rising number of users require improved performance in order to keep usability acceptable. On the other hand, anonymity requirements are also becoming stricter in the face of stronger adversaries. Since anonymization networks (ACNs) will have to adapt to these changed conditions in order to continue to provide privacy to Internet users, the further development of ACNs is of central importance for the future of anonymous communication. This work therefore investigates the evolution of ACNs that is necessary to keep pace with the changed requirements of modern Internet communication, in particular with regard to performance and anonymity. Because of its practical significance, a particular focus is on onion routing networks such as Tor, the most prominent ACN today. The work examines in particular which changes can improve performance and anonymity, how they can be carried out, and what the consequences of such developments would be. 
In doing so, the two fundamental dimensions of the evolution of distributed systems are considered: on the one hand the network protocols in use, for example on the transport layer, and on the other hand changes to the network infrastructure, for example through additional resources. This work answers a large number of research questions, all of which concern the further development of onion routing networks for improved performance and anonymity. Because of the inherent conflict between performance and anonymity, particular attention is paid to the relationship between these two system properties. All contributions of this work aim either to strengthen the general understanding of the evolution of ACNs, to investigate the relationship between performance and anonymity, or to contribute concrete improvements. The results of this work range from a novel transport protocol for the Tor network, which is the first to examine the applicability of model predictive control for improved performance, to concrete findings on the influence of various topological properties of network growth on anonymity. This work thus makes an important contribution to developing anonymization networks further so that they can meet future requirements for performance and anonymity. DFG, 451732324, Vereinbarkeit von Anonymität und Performanz in Onion-Routing-Netzwerke

    koamabayili/VECTRON-author-checklist: VECTRON author checklist

    No full text
    We have done our best to complete the author checklist relating to the use of animals in the hut study. Note that the objective for the hut study was to evaluate the IRS treatment applications for residual efficacy against Anopheles mosquitoes, including the local An. coluzzii mosquito population. Cows were only used to attract mosquitoes into the huts and no tests were carried out directly on the cows. The author checklist is intended for use with studies where experiments are carried out on animals, which is why we have had such difficulty in completing this for the hut study, as many of the questions do not relate to how the cows were used.