[ NNSquad ] Software improves p2p privacy by hiding in the crowd

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Software improves p2p privacy by hiding in the crowd

To: nnsquad@nnsquad.org
Subject: [ NNSquad ] Software improves p2p privacy by hiding in the crowd
From: Lauren Weinstein <lauren@vortex.com>
Date: Fri, 10 Apr 2009 08:09:57 -0700

----- Forwarded message from ssc <ssc@strikenet.kicks-ass.net> -----

Date: Fri, 10 Apr 2009 04:06:13 -0400
From: ssc <ssc@strikenet.kicks-ass.net>
Subject: Software improves p2p privacy by hiding in the crowd
To: Lauren Weinstein <lauren@vortex.com>

Software improves p2p privacy by hiding in the crowd

   [1]http://www.physorg.com/news158419063.html

Software improves p2p privacy by hiding in the crowd

   April 8th, 2009

   Researchers at the McCormick School of Engineering and Applied Science at
   Northwestern University have identified a new "guilt-by-association"
   threat to privacy in peer-to-peer (P2P) systems that would enable an
   eavesdropper to accurately classify groups of users with similar download
   behavior. To thwart this threat, they have released publicly available,
   open source software that restores privacy by masking a user's real
   download activity in such a manner as to disrupt classification.

   window.google_render_ad();

   [2]Ads by Google

   [3]Securing Your Network - [4]www.saturnpartners.com
   Saturn Partners assess your risks and gives you peace of mind!

   [5]Business Continuity Plan - [6]www.OngoingOperations.com
   CURecover is a comprehensive business continuity planning tool

   P2P systems are incredibly popular, enabling new and important Internet
   applications such as voice over IP (VoIP) and file sharing. These systems
   work by establishing network connections between machines that cooperate
   to perform a common goal. While many researchers have pointed out that the
   data exchanged over these connections can reveal personal information
   about users, an interdisciplinary collaboration between Fabian Bustamante,
   associate professor of electrical engineering and [7]computer science,
   Luis Amaral, associate professor of chemical and biological engineering,
   and Roger Guimer`a, research assistant professor of chemical and
   biological engineering, shows that only the patterns of connections -- not
   the data itself -- is sufficient to create a powerful threat to user
   privacy.

   The team of researchers, which includes graduate students David Choffnes
   (electrical engineering and computer science) and Dean Malmgren (chemical
   and biological engineering), and postdoctoral fellow Jordi Duch (chemical
   and biological engineering), studied connection patterns in the BitTorrent
   file-sharing network -- one of the largest and most popular P2P systems
   today. They found that over the course of weeks, groups of users formed
   communities where each member consistently connected with other community
   members more than with users outside the community.

   "This was particularly surprising because BitTorrent is designed to
   establish connections at random, so there is no a priori reason for such
   strong communities to exist," Bustamante says. After identifying this
   community behavior, the researchers showed that an eavesdropper could
   classify users into specific communities using a relatively small number
   of observation points. Indeed, a savvy attacker can correctly extract
   communities more than 85 percent of the time by observing only 0.01
   percent of the total users. Worse yet, this information could be used to
   launch a "guilt-by-association" attack, where an attacker need only
   determine the downloading behavior of one user in the community to
   convincingly argue that all users in the communities are doing the same.

   Given the impact of this threat, the researchers developed a technique
   that prevents accurate classification by intelligently hiding
   user-intended downloading behavior in a cloud of random downloading. They
   showed that this approach causes an eavesdropper's classification to be
   wrong the majority of the time, providing users with grounds to claim
   "plausible deniability" if accused.

   The research team implemented this strategy in software that has already
   been made available as a seamless extension to the popular Vuze BitTorrent
   client. The software, named SwarmScreen, downloads randomly-selected
   content in a way that prevents eavesdroppers from distinguishing it from
   user-desired content. SwarmScreen allows users to control the impact of
   these connections on the download performance for the data they want to
   keep.

   More information: SwarmScreen is available for download on the Aqualab
   website or via the Vuze plugin installation menu. For more details about
   this work, visit
   [8]http://aqualab.cs.northwestern.edu/projects/SwarmScreen.html

References

   Visible links
   1. http://www.physorg.com/news158419063.html
   2. http://services.google.com/feedback/abg?url=http://www.physorg.com/news158419063.html&hl=en&client=ca-pub-0536483524803400&adU=www.saturnpartners.com&adT=Securing+Your+Network&adU=www.OngoingOperations.com&adT=Business+Continuity+Plan&done=1
   3. http://googleads.g.doubleclick.net/aclk?sa=l&ai=BsJSOUfzeScDFM4bGVoDjueILoOyPEpD_yfYCwI23AcDfchABGAEg9raFAigCOABQ8YiD-Pj_____AWDJ9qmLwKSMELIBD3d3dy5waHlzb3JnLmNvbcgBAdoBKWh0dHA6Ly93d3cucGh5c29yZy5jb20vbmV3czE1ODQxOTA2My5odG1sgAIBqAMB6AP0AugDwQLoA68C9QMAABAE9QMgAAAA&num=1&sig=AGiWqtze40rUkFalWTNK4eZHCT4N4va8Hg&client=ca-pub-0536483524803400&adurl=http://www.saturnpartners.com
   4. http://googleads.g.doubleclick.net/aclk?sa=l&ai=BsJSOUfzeScDFM4bGVoDjueILoOyPEpD_yfYCwI23AcDfchABGAEg9raFAigCOABQ8YiD-Pj_____AWDJ9qmLwKSMELIBD3d3dy5waHlzb3JnLmNvbcgBAdoBKWh0dHA6Ly93d3cucGh5c29yZy5jb20vbmV3czE1ODQxOTA2My5odG1sgAIBqAMB6AP0AugDwQLoA68C9QMAABAE9QMgAAAA&num=1&sig=AGiWqtze40rUkFalWTNK4eZHCT4N4va8Hg&client=ca-pub-0536483524803400&adurl=http://www.saturnpartners.com
   5. http://googleads.g.doubleclick.net/aclk?sa=l&ai=BT3utUfzeScDFM4bGVoDjueIL38vTH5eD260DwI23AYCQThACGAIg9raFAigCOABQqcHl4QJgyfapi8CkjBCyAQ93d3cucGh5c29yZy5jb23IAQHaASlodHRwOi8vd3d3LnBoeXNvcmcuY29tL25ld3MxNTg0MTkwNjMuaHRtbIACAagDAegD9ALoA8EC6AOvAvUDAAAQBPUDIAAAAA&num=2&sig=AGiWqtzy5MY7PlJgLPugjthh81dkmNzmCA&client=ca-pub-0536483524803400&adurl=http://www.ongoingoperations.com
   6. http://googleads.g.doubleclick.net/aclk?sa=l&ai=BT3utUfzeScDFM4bGVoDjueIL38vTH5eD260DwI23AYCQThACGAIg9raFAigCOABQqcHl4QJgyfapi8CkjBCyAQ93d3cucGh5c29yZy5jb23IAQHaASlodHRwOi8vd3d3LnBoeXNvcmcuY29tL25ld3MxNTg0MTkwNjMuaHRtbIACAagDAegD9ALoA8EC6AOvAvUDAAAQBPUDIAAAAA&num=2&sig=AGiWqtzy5MY7PlJgLPugjthh81dkmNzmCA&client=ca-pub-0536483524803400&adurl=http://www.ongoingoperations.com
   7. http://www.physorg.com/news158419063.html#
   8. http://aqualab.cs.northwestern.edu/projects/SwarmScreen.html

_______________________________________________
Strikenet mailing list
Strikenet@lists.sonic.net
http://lists.sonic.net/mailman/listinfo/strikenet

----- End forwarded message -----

Prev by Date: [ NNSquad ] French ISP law will be resubmitted -- Here comes the crypto!
Next by Date: [ NNSquad ] Big ISPs to Customers: Bend Over and Close Your Eyes
Previous by thread: [ NNSquad ] French ISP law will be resubmitted -- Here comes the crypto!
Next by thread: [ NNSquad ] Big ISPs to Customers: Bend Over and Close Your Eyes
Index(es):
- Date
- Thread