Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University.

Published byDwayne Booker Modified over 9 years ago

Similar presentations

Presentation on theme: "Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University."— Presentation transcript:

1 Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University

2 What Is Nymix Alice Internet Alice’s Laptop Cloud Storage Nyms

3 The Leaky Boat

4 Application Level Attacks Bob’s Booby-trap Blog Alice Tor-based Secure Channel Unsecured Channel: “Here’s my IP” Javascript Exploit Freetopia Repressistan Alice’s Laptop Alice in Repressistan

5 Bob Correlation Attacks Internet Bob’s Laptop Bob of Freetopia

6 Confiscation Attacks Carol Carol the Landofopportunian Border patrol

7 Attack Recap

8 Nymix – One Layer Deeper Alice Internet Alice’s Laptop Cloud Storage Nym Manager CommVM AnonVM

9 Attacks Executed in Nymix

10 Application Level Attacks Bob’s Booby-trap Blog Alice Tor-based Secure Channel Unsecured Channel: “Here’s my IP” Javascript Exploit Freetopia Repressistan Alice’s Laptop Alice in Repressistan

11 Application Level Attacks Bob’s Booby-trap Blog Alice Tor-based Secure Channel Javascript Exploit Freetopia Repressistan Alice’s Laptop Alice in Repressistan

12 Attacks Executed in Nymix

13 Bob Correlation Attacks Internet Bob’s Laptop Bob of Freetopia

14 Bob Correlation Attacks Internet Bob’s Laptop Bob of Freetopia Alice’s Laptop

15 Attacks Executed in Nymix

16 Confiscation Attacks Carol Carol the Landofopportunian Border patrol

17 Confiscation Attacks Carol Carol the Landofopportunian

18 Confiscation Attacks Carol Carol the Landofopportunian Border patrol X

19 Attacks Executed in Nymix

20 Evaluation I7 – 4 cores at 2.7 GHz 8 GB Ram Connects to a test deployment of Tor 10 Mbit bandwidth 200 ms latency 3 relays Nym memory usage AnonVM – 384 MB RAM, 128 MB Disk (stored in RAM) CommVM – 128 MB RAM, 16 MB Disk (stored in RAM)

21 CPU Evaluations

22 Memory Usage

23 Network Overhead

24 Nymix is not… It is… Not a complete solution An exploration of pseudonymity potential with virtualization A ready to use system A research prototype looking at potential integration with tails

25 Implementation Ubuntu 14.04 Qemu (KVM) for virtualization OverlayFS for union file system Google Chromium (required in order to support a circumvention software)

26 Integration with Tails To CommVM or not CommVM Each VM is not cheap Must share a common Tor guard Sharing a common base image with Tails Tails is well hardened Tails has many configurations undesirable for AnonVM Persistence Models Store all data in the cloud Encrypted (LUKS) volume, store header elsewhere

27 Futher Challenges Resolution of VMM Fingerprintable CPU VMM timing channels Accessing local hardware / data

28 Going Forward Tomorrow – 15:00 – 16:00 – Follow up discussion Slides available PDF http://goo.gl/XUVZmC PPTX http://goo.gl/0pkHM5 Text available http://arxiv.org/abs/1312.3665http://arxiv.org/abs/1312.3665 Github https://github.com/DeDiS/WiNoN

Download ppt "Enforcing Anonymity and Improving Pseudonymity in Tails David Wolinsky Yale University."

Similar presentations

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.
Virtual Switching Without a Hypervisor for a More Secure Cloud Xin Jin Princeton University Joint work with Eric Keller(UPenn) and Jennifer Rexford(Princeton)

Virtual Switching Without a Hypervisor for a More Secure Cloud Xin Jin Princeton University Joint work with Eric Keller(UPenn) and Jennifer Rexford(Princeton)
PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.
Case Study: T-Mobile Retail Personal Coverage Check Kiosk Joe Wong, Integral GIS Sean Alexis, T-Mobile April 18, 2007.

Case Study: T-Mobile Retail Personal Coverage Check Kiosk Joe Wong, Integral GIS Sean Alexis, T-Mobile April 18, 2007.
Information Security and Cloud Computing Naresh K. Sehgal, Sohum Sohoni, Ying Xiong, David Fritz, Wira Mulia, and John M. Acken 1 NKS.

Information Security and Cloud Computing Naresh K. Sehgal, Sohum Sohoni, Ying Xiong, David Fritz, Wira Mulia, and John M. Acken 1 NKS.
Managing NymBoxes for Identity and Tracking Protection David Wolinsky, Daniel Jackowitz, and Bryan Ford Yale University.

Managing NymBoxes for Identity and Tracking Protection David Wolinsky, Daniel Jackowitz, and Bryan Ford Yale University.
VSphere vs. Hyper-V Metron Performance Showdown. Objectives Architecture Available metrics Challenges in virtual environments Test environment and methods.

VSphere vs. Hyper-V Metron Performance Showdown. Objectives Architecture Available metrics Challenges in virtual environments Test environment and methods.
Brocade Landmark Routing on Structured P2P Overlays Ben Zhao, Yitao Duan, Ling Huang Anthony Joseph and John Kubiatowicz (IPTPS 2002) Goals Improve routing.

Brocade Landmark Routing on Structured P2P Overlays Ben Zhao, Yitao Duan, Ling Huang Anthony Joseph and John Kubiatowicz (IPTPS 2002) Goals Improve routing.
Scheduler-based Defenses against Cross-VM Side- channels Venkat(anathan) Varadarajan, Thomas Ristenpart, and Michael Swift 1 D EPARTMENT OF C OMPUTER S.

Scheduler-based Defenses against Cross-VM Side- channels Venkat(anathan) Varadarajan, Thomas Ristenpart, and Michael Swift 1 D EPARTMENT OF C OMPUTER S.
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Virtualization A way To Begin with Virtual Reality… - Rahul Khanwani.

Virtualization A way To Begin with Virtual Reality… - Rahul Khanwani.
Cloud Computing All Copyrights reserved to Talal Abu-Ghazaleh Organization -2013 1.

Cloud Computing All Copyrights reserved to Talal Abu-Ghazaleh Organization
Computer SystemsComputer Systems Part 1: Computer Assembly, OS & Network SetupPart 1: Computer Assembly, OS & Network Setup.

Computer SystemsComputer Systems Part 1: Computer Assembly, OS & Network SetupPart 1: Computer Assembly, OS & Network Setup.
Towards a Safe Playground for HTTPS and Middle-Boxes with QoS2 Zhenyu Zhou CS Dept., Duke University.

Towards a Safe Playground for HTTPS and Middle-Boxes with QoS2 Zhenyu Zhou CS Dept., Duke University.
Storage Devices. Internal / External Hard Drive Also known as hard disks Internal drive stores the operating system software, application software and.

Storage Devices. Internal / External Hard Drive Also known as hard disks Internal drive stores the operating system software, application software and.
Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.

Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.
Microsoft Azure Virtual Machines. Networking Compute Storage Virtual Machine Operating System Applications Data & Access Runtime Provision & Manage.

Microsoft Azure Virtual Machines. Networking Compute Storage Virtual Machine Operating System Applications Data & Access Runtime Provision & Manage.
Slide 1 DESIGN, IMPLEMENTATION, AND PERFORMANCE ANALYSIS OF THE ISCSI PROTOCOL FOR SCSI OVER TCP/IP By Anshul Chadda (Trebia Networks)-Speaker Ashish Palekar.

Slide 1 DESIGN, IMPLEMENTATION, AND PERFORMANCE ANALYSIS OF THE ISCSI PROTOCOL FOR SCSI OVER TCP/IP By Anshul Chadda (Trebia Networks)-Speaker Ashish Palekar.
Benefits: Increased server utilization Reduced IT TCO Improved IT agility.

Benefits: Increased server utilization Reduced IT TCO Improved IT agility.
George Skarbek May 2010. What drives? There are three types of virtual drives that can help. They are: A mapped network drive Virtual CD/DVD drive RAM.

George Skarbek May What drives? There are three types of virtual drives that can help. They are: A mapped network drive Virtual CD/DVD drive RAM.

Similar presentations

Ads by Google