Technical Reports

Maginot lines and tourniquets : on the defendability of national cyberspace

2020-01-01T00:00:00Z

Maginot lines and tourniquets : on the defendability of national cyberspace Gosain, Devashish; Rawat, Madhur; Sharma, Piyush Kumar; Acharya, Hrishikesh Bhatt National governments know the Internet as both a blessing and a headache. On the one hand, it unlocks great economic and strategic opportunity. On the other hand, government, military, or emergency-services become vulnerable to scans (Shodan), attacks (DDoS from botnets like Mirai), etc., when made accessible on the Internet. How hard is it for a national government to effectively secure its entire cyberspace? We approach this problem from the view that a coordinated defense involves monitors and access control (firewalls etc.) to inspect traffic entering or leaving the country, as well as internal traffic. In several case studies, we consistently find a natural Line of Defense — a small number of Autonomous Systems (ASes) that intercept most (> 95%) network paths in the country. We conclude that in many countries, the structure of the Internet actually makes it practical to build a nation-scale cordon, to detect and filter cyber attacks.

The road not taken : re-thinking the feasibility of voice calling over tor

2019-01-01T00:00:00Z

The road not taken : re-thinking the feasibility of voice calling over tor Sharma, Piyush Kumar; Chaudhary, Shashwat; Hassija, Nikhil; Maity, Mukulika; Chakravarty, Sambuddho Anonymous VoIP calls over the Internet holds great significance for privacy-conscious users, whistle-blowers and political activists alike. Prior research deems popular anonymization systems like Tor unsuitable for providing requisite performance guarantees that real-time applications like VoIP need. Their claims are backed by studies that may no longer be valid due to constant advancements in Tor. Moreover, we believe that these studies lacked the requisite diversity and comprehensiveness. Thus, conclusions from these studies, led them to propose novel and tailored solutions. However, no such system is available for immediate use. Additionally, operating such new systems would incur significant costs for recruiting users and volunteered relays, to provide the necessary anonymity guarantees. It thus becomes imperative that the exact performance of VoIP over Tor be quantified and analyzed, so that the potential performance bottlenecks can be amended. The impact of interplay of the network performance attributes (e.g., RTT, bandwidth, etc.) on the perceived call quality thus also needs a fresh look to have a better understanding. We thus conducted an extensive empirical study across various in-lab and real world scenarios to shed light on VoIP performance over Tor. In over 0.5 million measurements spanning 12 months, across seven countries and covering about 6650 Tor relays, we observed that Tor supports good voice quality (Perceptual Evaluation of Speech Quality (PESQ) >3 and oneway delay <400ms) in more than 85% of cases. Further analysis indicates that in general for most Tor relays, the contentions due to cross-traffic were low enough to support VoIP calls, that are anyways transmitted at low rates (<120 Kbps). Our findings are supported by concordant measurements using iperf that show more than the adequate available bandwidth for most cases. Data published by the Tor Metrics also corroborates the same. Hence, unlike prior efforts, our research reveals that Tor is suitable for supporting anonymous VoIP calls.

Detecting activities at metro stations using smartphone sensors

2017-11-29T00:00:00Z

Detecting activities at metro stations using smartphone sensors Mongia, Aanchal; Gunturi, Venkata M. Viswanath; Naik, Vinayak Our paper aims to build a classification-model which delineates the typical motion-related activities performed at a metro station using smart phone sensors. We focus on typical movements, such as climbing the stairs or moving in the lift, waiting at security, waiting at the turnstile to check out and, moving on platform while waiting for a train. Such a classifier estimates crowd levels in a metro-station (and metro trains in an indirect sense), thereby adding towards the vision of efficient metro travel. However, building such a classification-model is challenging due to non-trivial decision boundaries among the classes of interest. Our experiments revealed that the best accuracy that a traditional multi-class classifier could obtain was 0:58, for a four-class classifier. To this end, we proposed a hierarchical approach of classification which divides the multi-class problem at hand into a set of manageable two-class classification problems. These two-class classifiers are then put together, in a hierarchy, to give an end-to-end solution which takes sensors values from the phone and predicts the class of motion being observed. Our model obtained an accuracy of around 0:75, a significantly higher value, on the real-data collected at Delhi Metro stations. The same classifiers can potentially be applied to detect crowd levels at train stations and bus depots, which will make transportation efficient in smart cities.

Qi points : placing decoy routers in the internet

2016-09-23T04:51:19Z

Qi points : placing decoy routers in the internet Gosain, Devashish; Agarwal, Anshika; Acharya, Hrishikesh Bhatt; Chakravarty, Sambuddho Decoy Routing, the use of routers (rather than end hosts) as proxies, is a new direction in anti-censorship research. However, existing proposals require control of hundreds of Autonomous Systems (AS) to provide Decoy Routing to Internet users in a single censorious country (e.g. China). This is considered necessary, as the adversary - in this case the Chinese Government - has connections to many Autonomous Systems (ASes), and we want to make sure it cannot simply route around those ASes which have decoy routers. In this paper, we present a new approach to the question of placing decoy routers. In decoy routing, the router intercepts messages en route to an overt destination and proxies them to covert destinations. Instead of trying to capture flows from an entire country, as proposed, we stipulate that the overt destination be a well known site (such as Alexa top-100), and concentrate on the AS-level paths to these sites. We construct a map of the structure of the Internet, as a graph of such AS-level paths and present a new way to identify key points - those few ASes which appear on a large fraction of paths leading to these popular websites. Our method yields results an order of magnitude cheaper than earlier proposals, and needs to be run only once, rather than for each censorious country. (We also identify the key routers inside a few key ASes.) Our results indicate that decoy routing is much more powerful than previously believed: using our new approach to place decoy routers, we need very few (less than 0:1% of Internet AS) to force an adversary to route through them. However, while the number of key ASes is small, the number of key routers in these ASes may be quite large – a new challenge for decoy routing.