Enforcing Anonymity and Improving Pseudonymity in Tails
David Wolinsky, Yale University

Presentation transcript:

What Is Nymix (diagram labels: Alice; Internet; Alice’s Laptop; Cloud Storage; Nyms)

The Leaky Boat

Application Level Attacks (diagram labels: Bob’s Booby-trap Blog; Alice; Tor-based Secure Channel; Unsecured Channel: “Here’s my IP”; Javascript Exploit; Freetopia; Repressistan; Alice’s Laptop; Alice in Repressistan)

Correlation Attacks (diagram labels: Bob; Internet; Bob’s Laptop; Bob of Freetopia)

Confiscation Attacks (diagram labels: Carol; Carol the Landofopportunian; Border patrol)

Attack Recap

Nymix – One Layer Deeper (diagram labels: Alice; Internet; Alice’s Laptop; Cloud Storage; Nym Manager; CommVM; AnonVM)

Attacks Executed in Nymix

Application Level Attacks (diagram labels: Bob’s Booby-trap Blog; Alice; Tor-based Secure Channel; Unsecured Channel: “Here’s my IP”; Javascript Exploit; Freetopia; Repressistan; Alice’s Laptop; Alice in Repressistan)

Application Level Attacks (diagram labels: Bob’s Booby-trap Blog; Alice; Tor-based Secure Channel; Javascript Exploit; Freetopia; Repressistan; Alice’s Laptop; Alice in Repressistan)

Attacks Executed in Nymix

Correlation Attacks (diagram labels: Bob; Internet; Bob’s Laptop; Bob of Freetopia)

Correlation Attacks (diagram labels: Bob; Internet; Bob’s Laptop; Bob of Freetopia; Alice’s Laptop)

Attacks Executed in Nymix

Confiscation Attacks (diagram labels: Carol; Carol the Landofopportunian; Border patrol)

Confiscation Attacks (diagram labels: Carol; Carol the Landofopportunian)

Confiscation Attacks (diagram labels: Carol; Carol the Landofopportunian; Border patrol; X)

Attacks Executed in Nymix

Evaluation
- i7 – 4 cores at 2.7 GHz
- 8 GB RAM
- Connects to a test deployment of Tor
  - 10 Mbit bandwidth
  - 200 ms latency
  - 3 relays
- Nym memory usage
  - AnonVM – 384 MB RAM, 128 MB Disk (stored in RAM)
  - CommVM – 128 MB RAM, 16 MB Disk (stored in RAM)

CPU Evaluations

Memory Usage

Network Overhead

Nymix is not… / It is…
- Not a complete solution / An exploration of pseudonymity potential with virtualization
- A ready to use system / A research prototype looking at potential integration with Tails

Implementation
- Ubuntu
- Qemu (KVM) for virtualization
- OverlayFS for union file system
- Google Chromium (required in order to support a circumvention software)

Integration with Tails
- To CommVM or not CommVM
  - Each VM is not cheap
  - Must share a common Tor guard
- Sharing a common base image with Tails
  - Tails is well hardened
  - Tails has many configurations undesirable for AnonVM
- Persistence Models
  - Store all data in the cloud
  - Encrypted (LUKS) volume, store header elsewhere

Further Challenges
- Resolution of VMM
- Fingerprintable CPU
- VMM timing channels
- Accessing local hardware / data

Going Forward
- Tomorrow – 15:00 – 16:00 – Follow up discussion
- Slides available: PDF, PPTX
- Text available: Github