EAGER: Collaborative: Towards Understanding the Attack Vector of Privacy Technologies

EAGER：协作：了解隐私技术的攻击向量

• 批准号: 1643249
• 负责人: Guevara Noubir
• 金额: $ 12.5万
• 依托单位: Northeastern University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-09-01 至 2018-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1643249&HistoricalAwards=false
• 关键词: EAGER; Collaborative; Towards; Understanding; Attack

Advances in privacy-enhancing technologies, including cryptographic mechanisms, standardized security protocols, and infrastructure, significantly improved privacy and had a significant impact on society by protecting users. At the same time, the success of such infrastructure has attracted abuse from illegal activities, including sophisticated botnets and ransomware, and has become a marketplace for drugs and contraband; botnets rose to be a major tool for cybercrime and their developers proved to be highly resourceful. It is contended that the next waves of botnets will extensively attempt to subvert privacy infrastructure and cryptographic mechanisms, which has the potential of both undermining their legal basis and future performance. This project will develop the theoretical and experimental foundations for analyzing, monitoring and mitigating the next generation of botnets that subvert privacy-enhancing technologies. Towards that goal, the project will develop tools for: 1) Analytical framework: the project develops a concrete strategy for approaching the detection, characterization, and mitigation of abuse of privacy infrastructure by crystallizing an analytical framework for reasoning about such botnets. This includes the identification
and formalization of their key properties (e.g., traceback and tomography resiliency, stealthy monetization), enabling mechanisms (e.g., IP address de-coupling, control/data traffic indistinguishability), fundamental limitations, and evaluation metrics. The project will explore analogous scenarios of abuse in future Internet architectures where anonymity is facilitated by design. 2) Monitoring and analysis: the project develops an experimental framework to track activities of the next generation of botnets for scalable and effective mitigation. Such framework will exploit their ideal design and behavioral properties, and draws on various preliminary measurement results in related contexts. 3) Mitigation: The project has the ultimate
goal of proactively developing an arsenal of mitigation techniques grounded in a sound theoretical foundation, analyzed within the theoretical framework, and evaluated within the experimental framework. The mitigation techniques span the gamut of increasing the cost of operating such botnets, to actively containing
and neutralizing bots, to proposing modifications to the privacy-enhancing protocols. The results of this project will be communicated with the concerned communities for having a direct and immediate impact on existing and future privacy infrastructure. The project will also develop educational material to train students in the foundations and systems for enabling privacy enhancing technologies.

加密机制、标准化安全协议和基础设施等隐私增强技术的进步，大大改善了隐私，并通过保护用户对社会产生了重大影响。与此同时，这种基础设施的成功吸引了非法活动的滥用，包括复杂的僵尸网络和勒索软件，并已成为毒品和违禁品的市场;僵尸网络已成为网络犯罪的主要工具，其开发者证明非常足智多谋。有人认为，下一波僵尸网络将广泛地试图破坏隐私基础设施和加密机制，这有可能破坏其法律的基础和未来的表现。该项目将为分析、监控和缓解下一代破坏隐私增强技术的僵尸网络奠定理论和实验基础。为实现这一目标，该项目将开发工具：1）分析框架：该项目通过明确分析僵尸网络的推理框架，制定一项具体战略，以接近隐私基础设施滥用的检测，定性和缓解。这包括识别#8232;和其关键属性的形式化（例如，回溯和层析成像弹性，隐形货币化），使能机制（例如，IP地址去耦合、控制/数据业务不可扩展性）、基本限制和评估指标。该项目将探讨未来互联网架构中类似的滥用情况，在这些架构中，匿名性通过设计得到促进。2)监测和分析：该项目开发了一个实验框架，以跟踪下一代僵尸网络的活动，从而实现可扩展和有效的缓解。这种框架将利用他们的理想设计和行为特性，并借鉴了相关背景下的各种初步测量结果。3)缓解措施：该项目具有最终
目标是积极主动地开发一套基于良好理论基础的缓解技术，在理论框架内进行分析，并在实验框架内进行评估。缓解技术涵盖了增加运营此类僵尸网络的成本，积极遏制和中和僵尸程序，以及对隐私增强协议提出修改的范围。该项目的结果将与有关社区进行沟通，对现有和未来的隐私基础设施产生直接和直接的影响。该项目还将开发教育材料，对学生进行基础和系统方面的培训，以实现隐私增强技术。

项目成果

QOI: Assessing Participation in Threat Information Sharing

QOI：评估威胁信息共享的参与情况

• DOI: 10.1109/icassp.2018.8462036
• 发表时间: 2018
• 期刊: ICASSP 2018
• 作者: Park, Jemon;Alasmary, Hisham;Al-Ibrahim, Omar;Kamhoua, Charlies;Kwiat, Kevin;Njilla, Laurent;Mohaisen, Aziz
• 通讯作者: Mohaisen, Aziz

Trusted Code Execution on Untrusted Platforms using Intel SGX

使用 Intel SGX 在不可信平台上执行可信代码

• 发表时间: 2016
• 期刊: Virus bulletin
• 作者: Guevara Noubir, Amirali Sanatinia

Honey Onions: A framework for characterizing and identifying misbehaving Tor HSDirs

• DOI: 10.1109/cns.2016.7860478
• 发表时间: 2016-10
• 期刊: 2016 IEEE Conference on Communications and Network Security (CNS)
• 作者: Amirali Sanatinia;G. Noubir

Understanding the Hidden Cost of Software Vulnerabilities: Measurements and Predictions

了解软件漏洞的隐藏成本：测量和预测

• 发表时间: 2018
• 期刊: International Conference on Security and Privacy in Communication Systems
• 作者: Anwar, Afsah;Khormali, Aminollah;Nyang, DaeHun;Mohaisen, Aziz
• 通讯作者: Mohaisen, Aziz

Delving Into Internet DDoS Attacks by Botnets: Characterization and Analysis

• DOI: 10.1109/tnet.2018.2874896
• 发表时间: 2018-12-01
• 期刊: IEEE-ACM TRANSACTIONS ON NETWORKING
• 影响因子: 3.7
• 作者: Wang, An;Chang, Wentao;Mohaisen, Aziz
• 通讯作者: Mohaisen, Aziz