[talks] Yixin Sun will present her General Exam on Monday, May 2, 2016 at 10:15am in CS 402

[Nicki Gotsis]

Yixin Sun will present her General Exam on Monday, May 2, 2016 at 10:15am in CS 402.

The members of her committee are Mung Chiang & Prateek Mittal (advisers), Nick Feamster, and Arvind Narayanan.

Everyone is invited to attend her talk, and those faculty wishing to remain for the oral exam following are welcome to do so.  Her abstract and reading list follow below.

Abstract:
The Tor network is a widely used system for anonymous communication. However, the vulnerability of the Tor network to adversaries who can monitor Internet traffic, such as Autonomous Systems (ASes), is not well understood. We present a suite of new attacks, called Raptor, that can be launched by Autonomous Systems (ASes) to compromise user anonymity. First, AS-level adversaries can exploit the asymmetric nature of Internet routing to increase the chance of observing at least one direction of user traffic at both ends of the communication. Second, strategic adversaries can manipulate Internet routing via BGP hijacks (to discover the users using specific Tor guard nodes) and interceptions (to perform traffic analysis). We demonstrate the feasibility of Raptor attacks by performing real-world attacks on the live Tor network, while ensuring that we do not harm real users. Third, we measure the vulnerability of the Tor network to such active BGP attacks. We show that more than 90% of BGP prefixes hosting Tor relays are vulnerable to more-specific prefix attacks, and some Autonomous Systems that carry a large portion of Tor traffic, such as OVH, also have low resilience to equally-specific prefix attacks. Finally, we present the BGP monitoring system that detects routing anomalies on the Tor network in real time. We evaluate the system on live BGP data and show that it has no false positives while successfully detects an attack injected by us. 

Reading list:
Computer Networks (5th Edition) by TANENBAUM and WETHERALL. Chapters 1, 5-8.
Security Engineering (2nd Edition) by Anderson. Chapters 1-8, 21-24.
1. Ballani, H., Francis, P. and Zhang, X., 2007, August. A study of prefix hijacking and interception in the Internet. In ACM SIGCOMM Computer Communication Review (Vol. 37, No. 4, pp. 265-276). ACM.
2. Lad, M., Oliveira, R., Zhang, B. and Zhang, L., 2007, June. Understanding resiliency of internet topology against prefix hijack attacks. In Dependable Systems and Networks, 2007. DSN'07. 37th Annual IEEE/IFIP International Conference on (pp. 368-377). IEEE.
3. Lad, M., Massey, D., Pei, D., Wu, Y., Zhang, B. and Zhang, L., 2006, August. PHAS: A Prefix Hijack Alert System. In Usenix Security.	
4. Dingledine, R., Mathewson, N. and Syverson, P., 2004. Tor: The second-generation onion router. Naval Research Lab Washington DC.
5. Johnson, A., Wacek, C., Jansen, R., Sherr, M. and Syverson, P., 2013, November. Users get routed: Traffic correlation on Tor by realistic adversaries. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 337-348). ACM.
6. Murdoch, S.J. and Zieliński, P., 2007, June. Sampled traffic analysis by internet-exchange-level adversaries. In Privacy Enhancing Technologies (pp. 167-183). Springer Berlin Heidelberg.
7. Akhoondi, M., Yu, C. and Madhyastha, H.V., 2012, May. LASTor: A low-latency AS-aware Tor client. In Security and Privacy (SP), 2012 IEEE Symposium on (pp. 476-490). IEEE.
8. Edman, M. and Syverson, P., 2009, November. AS-awareness in Tor path selection. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 380-389). ACM.
9. Feamster, N. and Dingledine, R., 2004, October. Location diversity in anonymity networks. In Proceedings of the 2004 ACM workshop on Privacy in the electronic society (pp. 66-76). ACM.
10. Starov, O., Nithyanand, R., Zair, A., Gill, P. and Schapira, M., 2015. Measuring and mitigating AS-level adversaries against Tor. arXiv preprint arXiv:1505.05173.