Mitigating Inference Attacks in Peer-assisted CDNs

anonymity in peer assisted cdns inference attacks n.w
1 / 26
Embed
Share

Discover insights on inference attacks in Peer-assisted CDNs and effective mitigation strategies to safeguard user privacy and prevent data leaks. Learn about real-world case studies, passive versus active attacks, and the importance of anonymity in popular web content delivery. Explore the contributions of Anonymous Peer-assisted CDNs and the implications of revealing users' browsing history.

  • Privacy Protection
  • CDN Security
  • Inference Attacks
  • Web Content Delivery
  • Anonymity
rayaanacharya
eecha Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Anonymity in Peer-assisted CDNs: Inference Attacks and Mitigation Yaoqi Jia, Guangdong Bai, Prateek Saxena, and Zhenkai Liang National University of Singapore 0

  2. Web Content Delivery Popular websites receive millions of hits per day A fast way to deliver web content Options to deliver content: Own servers Amazon EC2, Azure Content delivery networks (CDN) Akamai, CloudFlare 1

  3. Peer-assisted CDNs Insight: Involve web clients to serve content Akamai NetSession, Swarmify, Maygh NetSession offloads 70-80% traffic [NSDI12,IMC 13] Swarmify reduces over 60% network latency Server Server Privacy issue: Infer neighbors contents Client Client 2 Client Client

  4. Contributions Inference attacks on real-world services i.e., Swarmify, BemTV and P2PSP Anonymous Peer-assisted CDN (APAC) Involves browsers as peers Preserve high level of anonymity Desired performance Compatible with browsers 3

  5. Inference Attacks in Peer-assisted CDNs 4

  6. Inference Attacks Goal Infer what content a victim user has requested or delivered (browsing history) Implication Revealing a user s browsing history significantly leaks the user s privacy A user s digital identity can be revealed [S&P 10] A user s geolocation/political orientation [W2SP 14] 5

  7. Inference Attacks in Peer-assisted CDNs Passive attacks:adversary pre-stores all content potentially interesting to the victim Active attacks:adversary traverses all content potentially served by the victim Server Server Passive Active Request Request Fetch Deliver Adversary Adversary Victim Victim 6

  8. Real-world Case Studies Swarmify,BemTV & P2PSP A deployed site with 10 images and 2 videos A victim peer requests and stores resources An adversary in the same LAN frequently requests and serves resources No defense against inference attacks Adversary can observe all resources from/to the victim Even open for content pollution attacks How to mitigate inference attacks? 7

  9. Anonymous Peer-assisted CDN 8

  10. Threat Model Initiator:peer initiates the request Responder: peer responds the request Honest-but-curious adversary Follow protocols Out of scope Sybil attacks Denial-of-service attacks (DoS) 9

  11. Anonymous Peer-assisted CDN (APAC) Goal Anonymity:conceal a user s identity to unlink her id with her online trace Performance:acceptable network latency Compatibility:no (or minor) changes on websites and clients Intuition Onion-routing (OR) techniques 10

  12. Onion Routing,but with Careful Parameter Selection OR: Messages are encapsulated in layers of encryption (onions) Limitations: Only initiator anonymity Non-negligible circuit setup latency Nodes randomly chosen Encryption Decryption Circuit 11

  13. Overview of APAC Peer server constructs the circuit for each request instead of peers (anonymity) Region-based circuit construction (performance) Choose intermediate nodes in three regions: near-initiator, near-responder and globally random Communications via WebRTC (compatibility) 12

  14. Initiation in APAC Peers fetch resources from the content server Content Server Fetch Store Peer vA Peer vB 13

  15. Content Delivery via Peers Peers fetch resources from other peers Peer Server Request Report Request via OR circuit Reply Peer vB (Responder) Peer vA (Initiator) Peer vB (Intermediate) 14

  16. Region-based Circuit Construction Peer Server Peer vB (Intermediate) Peer vB (Responder) Peer vA (Initiator) 15

  17. Anonymity Analysis for APAC 16

  18. Degree of Anonymity Def 1: The degree of initiator anonymity provided by a system is defined by: D(I |O)=1-HM-H(I |O) HM =H(I |O) HM Result: The degree of initiator anonymity can be represented as: 1 Lmax Lmax-l+1 l=1 log2((1- f)N) log2N Lmax f2 D(I |O)= 1- 17

  19. Parameter Selection Level of anonymity The maximum number of intermediate nodes Lmax Distribution factors: the fraction of intermediate nodes near the initiator/responder init/ res The total number of peers N and the number of peers having requested resources NR When Lmax 2, APAC can preserve the standard degree of anonymity (i.e., 0.8) achieved by previous work 18

  20. Performance Evaluation 19

  21. Measurement Setup Scenario: CDN operators place edges servers in major cities, but users are not located in those cities Deployed site provides images 1KB 2 MB Content server / peer server in City A (New York) 100 Peers in City B (Singapore) 20

  22. Network Latency Reduction (NLR) % 80 70 60 50 LAN WLAN WAN-City 40 30 20 10 0 Swarmify 2-node For a 4-node circuit where APAC provides a latency reduction (49.7%) lower than the performance obtained for Swarmify (69.4%) and non-anonymous setting (76.1%). 3-node 4-node 5-node 6-node 21

  23. Effect of Distribution Factors NRL(%) 30 25 20 15 10 5 0 #Nodes in each region 3-0-0 2-1-0 2-0-1 1-2-0 1-1-1 1-0-2 0-3-0 0-2-1 0-1-2 0-0-3 Locating intermediate nodes near initiator/responder reduces network latency 22

  24. Sweet Spot NLR (%) 70 60 50 40 Sweet Spot 30 20 10 Degree of Anonymity 0 0.5 0.6 0.7 0.8 0.9 With up-to 2 intermediate nodes, APAC preserves adequate degree of anonymity (i.e., 0.8) and desired performance (e.g., 97.3% bandwidth savings) 23

  25. Conclusion Inference attacks on peer-assisted CDNs Anonymous Peer-assisted CDN (APAC) High degree of anonymity Desired network latency reduction and bandwidth savings Compatible with current browsers 24

  26. Thanks You Q & A E-mail: jiayaoqi@comp.nus.edu.sg 25

Related


The APAC Surgical Robotics Industry is estimated to reach $8,068.7 Mn by 2032

The APAC Surgical Robotics Industry is estimated to reach $8,068.7 Mn by 2032

ashim_bisresearch
Keep Your Pets Entertained with Interactive Toys

Keep Your Pets Entertained with Interactive Toys

heartcraftedgifts
Best service for Dog Boarding in Eunos

Best service for Dog Boarding in Eunos

robert1
Discover Different Pets - Bigginyn, Moddey, and More!

Discover Different Pets - Bigginyn, Moddey, and More!

gia
Enhancing Work-Based Learning Experiences for Students with Disabilities

Enhancing Work-Based Learning Experiences for Students with Disabilities

ayesha
Creating a Cozy Haven for Your Furry Friends

Creating a Cozy Haven for Your Furry Friends

de
Shelbyfield Animal Rescue - Adoptable Pets and Benefits of Pet Ownership

Shelbyfield Animal Rescue - Adoptable Pets and Benefits of Pet Ownership

alphonso
A Fresh, Safe Home for Your Pets Starts with the Right Disinfectant

A Fresh, Safe Home for Your Pets Starts with the Right Disinfectant

John10
Innovative Pet Feeder System with Smart Features

Innovative Pet Feeder System with Smart Features

brummer_m
Assessment of Schlemm's Canal in Acute Primary Angle Closure: AS-OCT Study

Assessment of Schlemm's Canal in Acute Primary Angle Closure: AS-OCT Study

ditz
Exotic Pets and Public Health Concerns Addressed in Sooke Bylaws

Exotic Pets and Public Health Concerns Addressed in Sooke Bylaws

eandr
Essential Home Safety and Pet Advice for Families with Children Under 5

Essential Home Safety and Pet Advice for Families with Children Under 5

nmax
Comprehensive Insurance Coverage for Rotary Clubs and Members at PETS 2015

Comprehensive Insurance Coverage for Rotary Clubs and Members at PETS 2015

amat_re
Discussion Group Session on Building and Transferring Files to APAC - May 21, 2024

Discussion Group Session on Building and Transferring Files to APAC - May 21, 2024

emar_7
The Good Samaritan 2022 Android Project for Locating People at Risk and Lost Pets

The Good Samaritan 2022 Android Project for Locating People at Risk and Lost Pets

getchell_d
Bake the Cake - A Pet Bakery in Amman, Jordan

Bake the Cake - A Pet Bakery in Amman, Jordan

galasso_l
Shelbyfield Animal Rescue - Meet Adoptable Pets!

Shelbyfield Animal Rescue - Meet Adoptable Pets!

pbebo
APAC Space Based Edge Computing Market

APAC Space Based Edge Computing Market

Mohit
APAC Advanced Space Composites Market

APAC Advanced Space Composites Market

Mohit
APAC Missile Tracking Systems Market

APAC Missile Tracking Systems Market

Mohit
APAC Interventional Imaging Market Demand, Segments, and Forecast

APAC Interventional Imaging Market Demand, Segments, and Forecast

Mohit
APAC Medical X-Ray Detectors Market

APAC Medical X-Ray Detectors Market

Mohit

More Related Content