Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff.

Published byJoseph McKinney Modified over 10 years ago

Similar presentations

Presentation on theme: "Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff."— Presentation transcript:

1 Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff Voelker (UCSD)

2 Privacy-respecting forensics Privacy: No extra information to bad guys. Attributable / trackable: Can track the bad guys with special properties Violate privacy: Bad guys can track the good guys without intended special properties Avoid attribution / tracking: Bad guys can circumvent tracking

3 Evidence-based security research Pursue a two-pronged research agenda Long-term clean slate architectural design, grounded in Principled work on todays concrete security environment Obvious analogy to the medical field Ongoing, fundamental research into biological processes Continuously developing treatments for prevalent disease Each independent process informs and guides the other

4 A vision for a future Internet Strong anonymityStrong forensics We are here Can we get here and here simultaneously?

5 What we have today Each hop and destination might: Inspect/influence payload Fingerprint OS Fingerprint application Fingerprint physical device Ad hoc ; easy to fool if skilled attacker; but loss of privacy if average user A B

6 A B A Attributable: Trusted third party can attribute physical origin of every single packet Verifiable: Every hop and destination can verify that the trusted third party can attribute origin Anonymous: Unauthorized parties cannot attribute physical origin of packets What we want

7 Our System: Clue Dual Pentium 3.4GHz, 4GB RAM; Dual Pentium 3GHz, 1GB RAM

8 CSI/FBI Computer Crime and Security Survey: Laptop and mobile device theft prevalent and expensive problem: $30k per incident 10% of laptops are lost or stolen in first year 97% of lost or stolen laptops never recovered Lost/stolen Internet devices

9 Privacy-respecting recovery Goal: Recover locations of lost or stolen devices Timeline Owner possession (not lost nor stolen) Lost or stolen but unmodified State erased or reset Machine destroyed Recoverability: Loss or flea market thief Location privacy: Tracking service, thief, outsider

10 Lookup I Ki (T) I Ki (T),E Ki (LocationInfo) Adeona Forward secure PRG to evolve keys over time Use shared key to compute indices as well as encrypt data Use DHT to prevent traffic profiling

11 Our goal: Determine feasibility of putting privacy- respecting attribution into the network But lots of issues, including: Who should be the trusted third pary? Internet is multi-national Remember the Clipper Chip? Intels Processor Serial Number? Politics and technology

Download ppt "Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff."

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
CLOSENESS: A NEW PRIVACY MEASURE FOR DATA PUBLISHING

CLOSENESS: A NEW PRIVACY MEASURE FOR DATA PUBLISHING
Network support for DoS Protection Stefan Savage Dept of Computer Science and Engineering UC San Diego.

Network support for DoS Protection Stefan Savage Dept of Computer Science and Engineering UC San Diego.
Architectural issues for network-layer identifiers Stefan Savage Dept of Computer Science & Engineering UC San Diego.

Architectural issues for network-layer identifiers Stefan Savage Dept of Computer Science & Engineering UC San Diego.
Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.

Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.

Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.

Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.
OC RIMS Cyber Safety & Security Incident Response.

OC RIMS Cyber Safety & Security Incident Response.
Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies

Craig Rimando Luke White. “hacking” - negative connotation Not always that way Originally a compliment Not all hacking necessarily bad “Good” hacking?

Craig Rimando Luke White. “hacking” - negative connotation Not always that way Originally a compliment Not all hacking necessarily bad “Good” hacking?
A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.

A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-

1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-
1 Pertemuan 26 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 26 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

Similar presentations

Ads by Google