Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff.

Slides:

Advertisements

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

Advertisements

CLOSENESS: A NEW PRIVACY MEASURE FOR DATA PUBLISHING

Network support for DoS Protection Stefan Savage Dept of Computer Science and Engineering UC San Diego.

Architectural issues for network-layer identifiers Stefan Savage Dept of Computer Science & Engineering UC San Diego.

Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.

Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.

Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.

OC RIMS Cyber Safety & Security Incident Response.

Travelers CyberRisk for Insurance Companies

Craig Rimando Luke White. “hacking” - negative connotation Not always that way Originally a compliment Not all hacking necessarily bad “Good” hacking?

A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Is There a Security Problem in Computing? Network Security / G. Steffen1.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.

Security+ Guide to Network Security Fundamentals

1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-

1 Pertemuan 26 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

Dan Boneh with Monica Lam, David Mazieres, John Mitchell, and many students. Security for Mobile Devices NSF Site Visit, June 2010.

Decoupling Policy from Mechanism in Internet Routing Alex C. Snoeren and Barath Raghavan University of California, San Diego.

Security Awareness: Applying Practical Security in Your World

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

A Guide to major network components

CPSC 6126 Computer Security Information Assurance.

Michael Vrable, Justin Ma, Jay Chen, David Moore, Erik Vandekieft, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage Presenter: Martin Krogel.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.

PART THREE E-commerce in Action Norton University E-commerce in Action.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

COEN 252 Computer Forensics

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.

Information System Security and Control

Protecting Users’ Privacy when Tracing Network Traffic Stefan Saroiu and Troy Ronda University of Toronto.

CS CS 5150 Software Engineering Lecture 18 Security.

COEN 252 Computer Forensics Collecting Network-based Evidence.

Identity-Based Secure Distributed Data Storage Schemes.

Review 2 Chapters 7, 8, 9. 2  Define a network and its purpose.  Explain how communications technologies are used in our every day lives.  Understand.

The State of Computer & Data Security in Corporations Independent Survey.

Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Lecture 6 Page 1 Advanced Network Security Review of Networking Basics Advanced Network Security Peter Reiher August, 2014.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

Dr. Hilton CHAN Technology Crime Division Commercial Crime Bureau

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Computer Security Fundamentals by Chuck Easttom Chapter 14 Introduction to Forensics.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

INFORMATION TECHNOLOGY. RIGHT METHODS TO DEAL WITH THE COMPUTER  Screen’s brightness and position should be comfortable for your eyes.  Keyboard should.

m-Privacy for Collaborative Data Publishing

Firewall Matthew Prestifilippo, Bill Kazmierski, Pat Sparrow.

Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.

Security and Ethics Safeguards and Codes of Conduct.

Chapter 6 Discovering the Scope of the Incident Spring Incident Response & Computer Forensics.

Netprog: Chat1 Chat Issues and Ideas for Service Design Refs: RFC 1459 (IRC)

K. Salah1 Security Protocols in the Internet IPSec.

Fast Transmission to Remote Cooperative Groups: A New Key Management Paradigm.

Security Issues CS 560. Security in the software development process The security goal:  To make sure that agents (people or external systems) who interact.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Virtual Private Network (VPN) 1. A corporation with multiple geographic sites can use one of two approaches to building a corporate intranet. – Private.

Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.

The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.

Information Security, Theory and Practice.

IC3 GS3 Standard COMPUTING FUNDAMENTALS Module

Security Issues with Wireless Protocols

Firewall Installation

Presentation transcript:

Privacy-Preserving Attribution and Provenance UC San Diego & University of Washington Alex C. Snoeren & Yoshi Kohno, PIs Stefan Savage, Amin Vahdat, Geoff Voelker (UCSD)

Privacy-respecting forensics Privacy: No extra information to bad guys. Attributable / trackable: Can track the bad guys with special properties Violate privacy: Bad guys can track the good guys without intended special properties Avoid attribution / tracking: Bad guys can circumvent tracking

Evidence-based security research Pursue a two-pronged research agenda Long-term clean slate architectural design, grounded in Principled work on todays concrete security environment Obvious analogy to the medical field Ongoing, fundamental research into biological processes Continuously developing treatments for prevalent disease Each independent process informs and guides the other

A vision for a future Internet Strong anonymityStrong forensics We are here Can we get here and here simultaneously?

What we have today Each hop and destination might: Inspect/influence payload Fingerprint OS Fingerprint application Fingerprint physical device Ad hoc ; easy to fool if skilled attacker; but loss of privacy if average user A B

A B A Attributable: Trusted third party can attribute physical origin of every single packet Verifiable: Every hop and destination can verify that the trusted third party can attribute origin Anonymous: Unauthorized parties cannot attribute physical origin of packets What we want

Our System: Clue Dual Pentium 3.4GHz, 4GB RAM; Dual Pentium 3GHz, 1GB RAM

CSI/FBI Computer Crime and Security Survey: Laptop and mobile device theft prevalent and expensive problem: $30k per incident 10% of laptops are lost or stolen in first year 97% of lost or stolen laptops never recovered Lost/stolen Internet devices

Privacy-respecting recovery Goal: Recover locations of lost or stolen devices Timeline Owner possession (not lost nor stolen) Lost or stolen but unmodified State erased or reset Machine destroyed Recoverability: Loss or flea market thief Location privacy: Tracking service, thief, outsider

Lookup I Ki (T) I Ki (T),E Ki (LocationInfo) Adeona Forward secure PRG to evolve keys over time Use shared key to compute indices as well as encrypt data Use DHT to prevent traffic profiling

Our goal: Determine feasibility of putting privacy- respecting attribution into the network But lots of issues, including: Who should be the trusted third pary? Internet is multi-national Remember the Clipper Chip? Intels Processor Serial Number? Politics and technology