We have been actively working on several projects within the realm of security, privacy, and anonymity. The first has been a security analysis of Tor, a popular onion routing network used to anonymize TCP connections. Specifically, this work has examined how performance optimizations added to enhance the system's performance are fundamentally at odds with the network's ability to ensure strong anonymity properties. Through experimentation with an isolated Tor network deployed on Planetlab, we show that an low-resource adversary can compromise over 46% of all circuits through the network; this is a significant increase over the previously accepted analytical attack success prediction.
Another project has focused on characterizing and modeling anonymous network usage, focusing on Tor, as it is the most widely used anonymous network. We participate in the Tor network as a Tor router and provide a breakdown of application-level protocols that can be observed within Tor, a geopolitical distribution of Tor routers and clients, and a characterization of how networks like Tor are being abused by malicious parties. Our main objective through this study is to better understand the Tor network and through this understanding, propose improvements.
We have also been working on anonymizing protocols for specific applications. In particular, we proposed a simple protocol to add "plausible deniability" to the popular BitTorrent peer-to-peer file sharing protocol. In the current BitTorrent protocol, the identities of all peers sharing a particular file are published by the "tracker" server. Our protocol, called BitBlender, provides light-weight anonymity (in the spirit of the Crowds anomymizing network) by inserting special peers called "relay peers" into the BitTorrent system architecture. These peers act as proxies for other peers that actively share a particular file. In doing so, it becomes unclear to an adversary which peers listed by the trackers are engaged in the sharing of the file and which peers are merely relays. The adversary must now invest more resources and perform more sophisticated (and error-prone) traffic analysis tactics to ascertain the identities of the real peers.
Our projects also focus on security and privacy in wireless networks. Such completed projects include an identifier-free wireless link-layer, a confidential service discovery protocol, an accurate technique for wireless device driver fingerprinting, a method for constructing implicit identifiers using information extracted from the wireless physical layer, and a set of techniques to detect "evil twin" access points in 802.11.
Kevin Bauer, Damon McCoy, Eric Anderson, Markus Breitenbach, Greg Grudic, Dirk Grunwald, Douglas Sicker - The Directional Attack on Wireless Localization - or - How to Spoof your Location with a Tin Can
Proceedings of the IEEE Globecom Communications and Information Security Symposium , Honolulu, HI, USA, December, 2009
Kevin Bauer, Harold Gonzales, Damon McCoy - Mitigating Evil Twin Attacks in 802.11
Proceedings of 1st IEEE International Workshop on Information and Data Assurance (WIDA 2008) in conjunction with the 27th IEEE International Performance Computing and Communications Conference (IPCCC 2008) , Austin, TX, USA, December, 2008
Kevin Bauer, Damon McCoy, Dirk Grunwald, Douglas Sicker - BitBlender: Light-Weight Anonymity for BitTorrent
Proceedings of the Workshop on Applications of Private and Anonymous Communications (AlPACa 2008) in conjunction with SecureComm 2008 , Istanbul, Turkey, September, 2008
Ben Greenstein, Damon McCoy, Jeffrey Pang, Tadayoshi Kohno, Srinivasan Seshan, David Wetherall - Improving Wireless Privacy with an Identifier-Free Link Layer Protocol
MobiSys '08: 6th International Conference on Mobile Systems, Application, and Services , Breckenridge, CO, USA, June, 2008
Jason Franklin, Damon McCoy, Parisa Tabriz, Vicentiu Neagoe, Jamie Van Randwyk, Douglas Sicker - Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting
Proceedings of the 15th USENIX Security Symposium , Vancouver, BC, Canada, August, 2006
Response To Recent Controversy Regarding Our Tor Study
Recently, the researchers involved in this project were accused of potential wiretap, possible violation of human subject review and other issues by a graduate student who is also a blogger posting on the CNet news site.
On 24 July 2008, the University of Colorado conducted an internal review of the research methodologies and determined that no University of Colorado human subjects review was needed by this study, and that the study did not constitute research misconduct.
You can read more information about our response to these allegations at Response To Tor Study. The preceding is the private response of the researchers involved in this project, and not an official University of Colorado response to this topic. Please contact the University of Colorado press office for an official response.
