Mike Kosek,Luca Schumann,Robin Marx,Trinh Viet Doan,Vaibhav Bajpai

DOI: https://doi.org/10.1145/3517745.3561445

2023-05-03

Abstract:Over the last decade, Web traffic has significantly shifted towards HTTPS due to an increased awareness for privacy. However, DNS traffic is still largely unencrypted, which allows user profiles to be derived from plaintext DNS queries. While DNS over TLS (DoT) and DNS over HTTPS (DoH) address this problem by leveraging transport encryption for DNS, both protocols are constrained by the underlying transport (TCP) and encryption (TLS) protocols, requiring multiple round-trips to establish a secure connection. In contrast, QUIC combines the transport and cryptographic handshake into a single round-trip, which allows the recently standardized DNS over QUIC (DoQ) to provide DNS privacy with minimal latency. In the first study of its kind, we perform distributed DoQ measurements across multiple vantage points to evaluate the impact of DoQ on Web performance. We find that DoQ excels over DoH, leading to significant improvements with up to 10% faster loads for simple webpages. With increasing complexity of webpages, DoQ even catches up to DNS over UDP (DoUDP) as the cost of encryption amortizes: With DoQ being only ~2% slower than DoUDP, encrypted DNS becomes much more appealing for the Web.

Networking and Internet Architecture

Jayasree Sengupta,Mike Kosek,Justus Fries,Simone Ferlin,Pratyush Dikshit,Vaibhav Bajpai

2024-02-01

Abstract:Every Web session involves a DNS resolution. While, in the last decade, we witnessed a promising trend towards an encrypted Web in general, DNS encryption has only recently gained traction with the standardisation of DNS over TLS (DoT) and DNS over HTTPS (DoH). Meanwhile, the rapid rise of QUIC deployment has now opened up an exciting opportunity to utilise the same protocol to not only encrypt Web communications, but also DNS. In this paper, we evaluate this benefit of using QUIC to coalesce name resolution via DNS over QUIC (DoQ), and Web content delivery via HTTP/3 (H3) with 0-RTT. We compare this scenario using several possible combinations where H3 is used in conjunction with DoH and DoQ, as well as the unencrypted DNS over UDP (DoUDP). We observe, that when using H3 1-RTT, page load times with DoH can get inflated by $>$30\% over fixed-line and by $>$50\% over mobile when compared to unencrypted DNS with DoUDP. However, this cost of encryption can be drastically reduced when encrypted connections are coalesced (DoQ + H3 0-RTT), thereby reducing the page load times by 1/3 over fixed-line and 1/2 over mobile, overall making connection coalescing with QUIC the best option for encrypted communication on the Internet.

Cryptography and Security,Networking and Internet Architecture,Performance

Binanda Sengupta,Yingjiu Li,Kai Bu,Robert H. Deng

DOI: https://doi.org/10.1145/3372046

IF: 5.3

2020-01-01

ACM Transactions on Internet Technology

Abstract:The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy-path privacy and Index privacy-in the context of network path validation. We show that, in case a network path validation scheme does not satisfy these two properties, the scheme is vulnerable to certain practical attacks (that affect the privacy, reliability, neutrality and quality of service offered by the underlying network). To the best of our knowledge, ours is the first work that addresses privacy issues related to network path validation. We design PrivNPV, a privacy-preserving network path validation protocol, that satisfies both path privacy and index privacy. We discuss several attacks related to network path validation and how PrivNPV defends against these attacks. Finally, we discuss the practicality of PrivNPV based on relevant parameters.

Mahdi Safaei Yaraziz,Ahmad Jalili,Mehdi Gheisari,Yang Liu

DOI: https://doi.org/10.1049/cds2.12138

2023-01-01

IET Circuits Devices & Systems

Abstract:The Internet of Things (IoT) is a self-configuring, intelligent system in which things connect to the Internet and communicate with each other. As “things” are autonomous and rely on a significant amount of autonomy to carry out their individual and collective tasks, it is possible that the autonomous environment of IoT may raise privacy concerns. IoT encounters significant privacy and security challenges, including inaccurate device updates, a lack of efficient privacy solutions, user unawareness, and famed active device monitoring capabilities. In this paper, the authors describe the background of IoT systems and privacy and security measures, (a) approaches to preserving privacy in IoT-based systems, (b) existing privacy solutions, and (c) recommending privacy models for different layers of IoT applications. Based on the results of our study, it is clear that new methods such as Blockchain, Machine Learning, Data Minimization, and Data Encryption can greatly impact privacy issues to ensure security and privacy. Moreover, it makes sense that users can protect their personal information easier if there is less data to collect, store, and share by smart devices. Thus, the use of Data Minimization methods in these networks can be very beneficial for privacy-preserving, which is useful to route researchers to

Jaydip Sen

DOI: https://doi.org/10.48550/arXiv.1012.2177

2012-05-04

Abstract:Since the beginning of the Internet thirty years ago, we have witnessed a number of changes in the application of communication technologies. Today, the Internet can be described to a large extent as a ubiquitous infrastructure that is always accessible. After the era of connecting places and connecting people, the Internet of the future will also connect things. The idea behind the resulting Internet of Things is to seamlessly gather and use information about objects of the real world during their entire lifecycle. In this paper, we consider different approaches to technological protection of user data privacy in the world of Internet of Things. In particular,we consider what kind of security problems are being faced and what level of protection can be provided by applying approaches based on secure multi-party computations.

Cryptography and Security,Networking and Internet Architecture

B H Priyanka,Ravi Prakash

DOI: https://doi.org/10.48550/arXiv.1512.07207

2015-12-20

Abstract:Over the last two decades, the scale and complexity of the Internet and its associated technologies built on the World Wide Web has grown exponentially with access to Internet as a facility occupying a prime place with other amenities of modern lives. In years to come, usage of Internet may unravel more pleasant surprises for us as far as novelty in its usage is concerned. As a democratic function of Internet, and relying on the open model on which it has been built, there has been concerted efforts in the direction of privacy protection and use of privacy enhancing tools which have gained tangible traction. Innovation in use of VPN, TLS/SSL and cryptographic tools are a testimony to it. Another popular tool is Tor, which has gained widespread popularity as it is being increasingly used by anonymity seeking users to effectively maintain their discretion while surfing the web. However, there is a darker side to increased proliferation of Internet in our everyday routine. We are certainly not living in a utopian age and there are potentials of misuse of Internet as well. Across every nook and cranny of Internet's sprawling virtual world, there are cyber criminals lurking n dangerous alleys to use the very same Internet as malevolent tool to abuse it and cause financial, physical and social harm to ordinary people. Failing to manage the widespread spawning of World Wide Web has rendered it weak against misuse. In last few decades especially, Internet has been inundated with malware, ransomware, viruses, Trojans, illegal spy tools and what not created with malignant sentiments. In this paper, we will analyze few of the subverting privacy infrastructures.

Computers and Society,Cryptography and Security

Chao Li,Balaji Palanisamy

DOI: https://doi.org/10.1109/jiot.2018.2864168

IF: 10.6

2019-02-01

IEEE Internet of Things Journal

Abstract:Ubiquitous deployment of low-cost smart devices and widespread use of high-speed wireless networks have led to the rapid development of the Internet of Things (IoT). IoT embraces countless physical objects that have not been involved in the traditional Internet and enables their interaction and cooperation to provide a wide range of IoT applications. Many services in the IoT may require a comprehensive understanding and analysis of data collected through a large number of physical devices that challenges both personal information privacy and the development of IoT. Information privacy in IoT is a broad and complex concept as its understanding and perception differ among individuals and its enforcement requires efforts from both legislation as well as technologies. In this paper, we review the state-of-the-art principles of privacy laws, the architectures for IoT and the representative privacy enhancing technologies (PETs). We analyze how legal principles can be supported through a careful implementation of PETs at various layers of a layered IoT architecture model to meet the privacy requirements of the individuals interacting with IoT systems. We demonstrate how privacy legislation maps to privacy principles which in turn drives the design of necessary PETs to be employed in the IoT architecture stack.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jordi Paillisse,Alberto Rodriguez-Natal,Fabio Maino,Albert Cabellos

DOI: https://doi.org/10.48550/arXiv.2208.05420

2022-08-11

Abstract:In the last 15 years, the Internet architecture has continued evolving organically, introducing new headers and protocols to the classic TCP/IP stack. More specifically, we have identified two major trends. First, it is common that most communications are encrypted, either at L3 or L4. And second, due to protocol ossification, developers have resorted to upper layers to introduce new functionalities (L4 and above). For example, QUIC's connection migration feature provides mobility at L4. In this paper we present a reflection around these changes, and attempt to formalize them by adding two additional protocol headers to the TCP/IP stack: one for security, and another for new functionalities. We must note that we are not presenting a new architecture, but trying to draw up what it's already out there. In addition, we elaborate on the forces that have brought us here, and we enumerate current proposals that are shaping these new headers. We also analyze in detail three examples of such trends: the Zero Trust Networking paradigm, the QUIC transport protocol, and modern SD-WAN systems. Finally, we present a formalization of this architecture by adding these two additional layers to the TCP/IP protocol stack. Our goal is triggering a discussion on the changes of the current Internet architecture.

Networking and Internet Architecture

Levente Csikor,Dinil Mon Divakaran

DOI: https://doi.org/10.48550/arXiv.2312.04577

2023-12-01

Abstract:DNS, one of the fundamental protocols of the TCP/IP stack, has evolved over the years to protect against threats and attacks. This study examines the risks associated with DNS and explores recent advancements that contribute towards making the DNS ecosystem resilient against various attacks while safeguarding user privacy.

Cryptography and Security,Networking and Internet Architecture

Minzhao Lyu,Hassan Habibi Gharakheili,Vijay Sivaraman

DOI: https://doi.org/10.1145/3547331

2022-07-08

Abstract:The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and hence, can be read and/or hijacked by third parties. To protect user privacy, the networking community has proposed standard encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and DNS over QUIC (DoQ) for DNS communications, enabling clients to perform secure and private domain name lookups. We survey the DNS encryption literature published since 2016, focusing on its current landscape and how it is misused by malware, and highlighting the existing techniques developed to make inferences from encrypted DNS traffic. First, we provide an overview of various standards developed in the space of DNS encryption and their adoption status, performance, benefits, and security issues. Second, we highlight ways that various malware families can exploit DNS encryption to their advantage for botnet communications and/or data exfiltration. Third, we discuss existing inference methods for profiling normal patterns and/or detecting malicious encrypted DNS traffic. Several directions are presented to motivate future research in enhancing the performance and security of DNS encryption.

Cryptography and Security,Networking and Internet Architecture

Geong Sen Poh,Dinil Mon Divakaran,Hoon Wei Lim,Jianting Ning,Achintya Desai

DOI: https://doi.org/10.48550/arXiv.2101.04338

2021-01-12

Cryptography and Security

Abstract:Middleboxes in a computer network system inspect and analyse network traffic to detect malicious communications, monitor system performance and provide operational services. However, encrypted traffic hinders the ability of middleboxes to perform such services. A common practice in addressing this issue is by employing a "Man-in-the-Middle" (MitM) approach, wherein an encrypted traffic flow between two endpoints is interrupted, decrypted and analysed by the middleboxes. The MitM approach is straightforward and is used by many organisations, but there are both practical and privacy concerns. Due to the cost of the MitM appliances and the latency incurred in the encrypt-decrypt processes, enterprises continue to seek solutions that are less costly. There were discussion on the many efforts required to configure MitM. Besides, MitM violates end-to-end privacy guarantee, raising privacy concerns and issues on compliance especially with the rising awareness on user privacy. Furthermore, some of the MitM implementations were found to be flawed. Consequently, new practical and privacy-preserving techniques for inspection over encrypted traffic were proposed. We examine them to compare their advantages, limitations and challenges. We categorise them into four main categories by defining a framework that consist of system architectures, use cases, trust and threat models. These are searchable encryption, access control, machine learning and trusted hardware. We first discuss the man-in-the-middle approach as a baseline, then discuss in details each of them, and provide an in-depth comparisons of their advantages and limitations. By doing so we describe practical constraints, advantages and pitfalls towards adopting the techniques. We also give insights on the gaps between research work and industrial deployment, which leads us to the discussion on the challenges and research directions.

Aziz Mohaisen,Ah Reum Kang,Kui Ren

DOI: https://doi.org/10.1007/978-3-319-56549-1_1

2017-01-01

Abstract:DNS leakage happens when queries for names within a private namespace spread out to the public DNS infrastructure (Internet), which has various privacy implications. An example of this leakage includes the documented [1] leakage of. onion names associated with Tor hidden services to the public DNS infrastructure. To mitigate this leakage, and improve Tor's privacy, Appelbaum and Muffet [2] proposed the special use. onion domain name, and various best practice recommendations of blocking of. onion strings (hidden service addresses) at the stub (browser), recursive, and authoritative resolvers. Without any form of analysis of those recommendations in practice, it is very difficult to tell how much of privacy is provided by following them in various deployment settings. In this paper, we initiate for the study of those recommendations by analyzing them under various settings and conclude that while the unlikely universal deployment will naturally improve privacy by preventing leakage, partial deployment, which is the case for early adoption, will degrade the privacy of individuals not adopting those recommendations.

Vinod S. Khandkar,Manjesh K. Hanawal,Sameer G Kulkarni

DOI: https://doi.org/10.48550/arXiv.2207.01841

2022-07-05

Abstract:Security and Privacy are crucial in modern Internet services. Transport Layer Security (TLS) has largely addressed the issue of security. However, information about the type of service being accessed goes in plain-text in the initial handshakes of vanilla TLS, thus potentially revealing the activity of users and compromising privacy. The ``Encrypted ClientHello'' or ECH overcomes this issue by extending TLS 1.3 where all of the information that can potentially reveal the service type is masked, thus addressing the privacy issues in TLS 1.3. However, we notice that Internet services tend to use different versions of TLS for application data (primary connection/channel) and supporting data (side channels) such as scheduling information \textit{etc.}. %, during the active session. Although many internet services have migrated to TLS 1.3, we notice that it is only true for the primary connections which do benefit from TLS 1.3, while the side-channels continue to use lower version of TLS (e.g., 1.2) %which do not support ECH and continue to leak type of service accessed. We demonstrate that privacy information leaked from the side-channels can be used to affect the performance on the primary channels, like blocking or throttling specific service on the internet. Our work demonstrates that adapting ECH on primary channels alone is not sufficient to prevent the privacy leaks and attacks on primary channels. Further, we demonstrate that it is necessary for all of the associated side-channels also to migrate to TLS 1.3 and adapt ECH extension in order to offer complete privacy preservatio

Cryptography and Security,Networking and Internet Architecture

Alexandra Nisenoff,Ranya Sharma,Nick Feamster

DOI: https://doi.org/10.48550/arXiv.2208.04991

2023-02-21

Abstract:Recent developments to encrypt the Domain Name System (DNS) have resulted in major browser and operating system vendors deploying encrypted DNS functionality, often enabling various configurations and settings by default. In many cases, default encrypted DNS settings have implications for performance and privacy; for example, Firefox's default DNS setting sends all of a user's DNS queries to Cloudflare, potentially introducing new privacy vulnerabilities. In this paper, we confirm that most users are unaware of these developments -- with respect to the rollout of these new technologies, the changes in default settings, and the ability to customize encrypted DNS configuration to balance user preferences between privacy and performance. Our findings suggest several important implications for the designers of interfaces for encrypted DNS functionality in both browsers and operating systems, to help improve user awareness concerning these settings, and to ensure that users retain the ability to make choices that allow them to balance tradeoffs concerning DNS privacy and performance.

Cryptography and Security,Human-Computer Interaction,Networking and Internet Architecture

Parvaneh Shayegh,Vijayanta Jain,Amin Rabinia,Sepideh Ghanavati

DOI: https://doi.org/10.48550/arXiv.1910.04133

2019-10-06

Abstract:The massive growth of the Internet of Things (IoT) as a network of interconnected entities [18], brings up new challenges in terms of privacy and security requirements to the traditional software engineering domain [4]. To protect the individuals' privacy, the FTC's Fair Information Practice Principles (FIPPs) [6] proposes to companies to give notice to the consumer about their data practices, provide them with choices and give them means to have control over their own data.. Using privacy policy is the most common way for this type of notices. However, privacy policies are not generally effective due to two main reasons: first, privacy policies are long and full of legal jargon which are not understandable by a normal user; second, it is not guaranteed that an IoT device behave as it is explained in its privacy policy. In this technical report, we propose and discuss our methodologies to analyze privacy policies. By the help of this analysis, we reduce the length of a privacy policy and make it organized based on privacy practices to improve understanding level for the user. We also come up with a method to find the inconsistencies between IoT devices and their privacy policies.

Cryptography and Security

Jayasree Sengupta,Debasmita Dey,Simone Ferlin,Nirnay Ghosh,Vaibhav Bajpai

2024-02-01

Abstract:The Tactile Internet paradigm is set to revolutionize human society by enabling skill-set delivery and haptic communication over ultra-reliable, low-latency networks. The emerging sixth-generation (6G) mobile communication systems are envisioned to underpin this Tactile Internet ecosystem at the network edge by providing ubiquitous global connectivity. However, apart from a multitude of opportunities of the Tactile Internet, security and privacy challenges emerge at the forefront. We believe that the recently standardized QUIC protocol, characterized by end-to-end encryption and reduced round-trip delay would serve as the backbone of Tactile Internet. In this article, we envision a futuristic scenario where a QUIC-enabled network uses the underlying 6G communication infrastructure to achieve the requirements for Tactile Internet. Interestingly this requires a deeper investigation of a wide range of security and privacy challenges in QUIC, that need to be mitigated for its adoption in Tactile Internet. Henceforth, this article reviews the existing security and privacy attacks in QUIC and their implication on users. Followed by that, we discuss state-of-the-art attack mitigation strategies and investigate some of their drawbacks with possible directions for future work

Cryptography and Security,Networking and Internet Architecture

Sandra Siby,Marc Juarez,Claudia Diaz,Narseo Vallina-Rodriguez,Carmela Troncoso

DOI: https://doi.org/10.48550/arXiv.1906.09682

2019-10-07

Abstract:Virtually every connection to an Internet service is preceded by a DNS lookup which is performed without any traffic-level protection, thus enabling manipulation, redirection, surveillance, and censorship. To address these issues, large organizations such as Google and Cloudflare are deploying recently standardized protocols that encrypt DNS traffic between end users and recursive resolvers such as DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). In this paper, we examine whether encrypting DNS traffic can protect users from traffic analysis-based monitoring and censoring. We propose a novel feature set to perform the attacks, as those used to attack HTTPS or Tor traffic are not suitable for DNS' characteristics. We show that traffic analysis enables the identification of domains with high accuracy in closed and open world settings, using 124 times less data than attacks on HTTPS flows. We find that factors such as location, resolver, platform, or client do mitigate the attacks performance but they are far from completely stopping them. Our results indicate that DNS-based censorship is still possible on encrypted DNS traffic. In fact, we demonstrate that the standardized padding schemes are not effective. Yet, Tor -- which does not effectively mitigate traffic analysis attacks on web traffic -- is a good defense against DoH traffic analysis.

Cryptography and Security

Samundra Deep,Xi Zheng,Alireza Jolfaei,Dongjin Yu,Pouya Ostovari,Ali Kashif Bashir

DOI: https://doi.org/10.1002/ett.3935

IF: 3.6

2020-03-16

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Internet of Things (IoT) is a novel paradigm, which not only facilitates a large number of devices to be ubiquitously connected over the Internet but also provides a mechanism to remotely control these devices. The IoT is pervasive and is almost an integral part of our daily life. These connected devices often obtain user's personal data and store it online. The security of collected data is a big concern in recent times. As devices are becoming increasingly connected, privacy and security issues become more and more critical and these need to be addressed on an urgent basis. IoT implementations and devices are eminently prone to threats that could compromise the security and privacy of the consumers, which, in turn, could influence its practical deployment. In recent past, some research has been carried out to secure IoT devices with an intention to alleviate the security concerns of users. There have been research on blockchain technologies to tackle the privacy and security issues of the collected data in IoT. The purpose of this paper is to highlight the security and privacy issues in IoT systems. To this effect, the paper examines the security issues at each layer in the IoT protocol stack, identifies the under‐lying challenges and key security requirements and provides a brief overview of existing security solutions to safeguard the IoT from the layered context.</p>

telecommunications

Mike Kosek,Tanya Shreedhar,Vaibhav Bajpai

DOI: https://doi.org/10.1109/MCOM.001.2000877

2021-05-20

Abstract:The transport layer is ossified. With most of the research and deployment efforts in the past decade focussing on the Transmission Control Protocol (TCP) and its extensions, the QUIC standardization by the Internet Engineering Task Force (IETF) is to be finalized in early 2021. In addition to addressing the most urgent issues of TCP, QUIC ensures its future extendibility and is destined to drastically change the transport protocol landscape. In this work, we present a first look at emerging protocols and their IETF standardization efforts beyond QUIC v1. While multiple proposed extensions improve on QUIC itself, Multiplexed Application Substrate over QUIC Encryption (MASQUE) as well as WebTransport present different approaches to address long-standing problems, and their interplay extends on QUIC's take to address transport layer ossification challenges.

Networking and Internet Architecture

Shujuan Wang,Jian Wang,Zhengtao Yu

DOI: https://doi.org/10.1109/mwc.2017.1800109

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:Wireless IoT is a promising area in which large quantities of data and information are collected, exchanged, and stored constantly. While these data and information are utilized for good purposes in wireless IoT, great risks arise in that attackers are seeking to exploit the merits of this new technology for their own benefits. In such a resource-constrained environment, devices are easily exposed to various attacks. Confidential private information is as valuable as it is vulnerable. It is difficult for end users to trust wireless IoT and to adopt related applications due to the lack of satisfactory privacy-preserving mechanisms, which has become the major obstacle for the adoption and popularization of wireless IoT. In this article, we first introduce the classical application scenarios of wireless IoT, along with related security and privacy attack models. We then present a brief overview of privacy-preserving schemes of wireless IoT. Based on the classification of application scenarios, we further present recent advances in privacy-preserving mechanisms in wireless IoT. Finally, we discuss open issues and future research directions for these application scenarios in wireless IoT.