Global Internet Traffic Routing and Privacy

Current Internet Protocol routing provides minimal privacy, which enables multiple exploits. The main issue is that the source and destination addresses of all packets appear in plain text. This enables numerous attacks, including surveillance, man-in-the-middle (MITM), and denial of service (DoS). The talk explains how these attacks work in the current network. Endpoints often believe that the use of Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP) can minimize the loss of privacy. We will explain how the regularity of human behavior can be used to overcome these countermeasures. Once packets leave the local autonomous system (AS), they are routed through the network by the Border Gateway Protocol (BGP). The talk will discuss the unreliability of BGP and current attacks on the routing protocol. This will include an introduction to BGP injects and the PEERING testbed for BGP experimentation. One experiment we have performed uses statistical methods (CUSUM and F-test) to detect BGP injection events. We describe work we performed that applies BGP injects to Internet Protocol (IP) address randomization to replace fixed IP addresses in headers with randomized addresses. We explain the similarities and differences between this approach and virtual private networks (VPNs). Analysis of this work shows that BGP's reliance on AS numbers removes privacy from the concept, even though it would disable the current generation of MITM and DoS attacks. We end by presenting a compromise approach that creates software-defined data exchanges (SDX), which mix traffic randomization with VPN concepts. We contrast this approach with the Tor overlay network and provide some performance data.
