P2P-Zone

P2P-Zone (http://www.p2p-zone.com/underground/index.php)
-   Peer to Peer (http://www.p2p-zone.com/underground/forumdisplay.php?f=5)
-   -   Researchers Able To Track Anonymous P2P Packets (http://www.p2p-zone.com/underground/showthread.php?t=23302)

JackSpratts 12-11-06 09:17 PM
Researchers Able To Track Anonymous P2P Packets
 
In a paper published last fall, researchers at George Mason University claim to have successfully identified originating addresses of P2P packets even when encrypted and sent over Internet anonymising services, and accomplished it with near 100% accuracy by secretly watermarking the streams (PDF) with special queueing sequences.

On telephone calls generated with Skype, a low latency packet switching Voice-Over-Internet Protocol (VOIP) peer-to-peer service and encrypted in 256 bit AES and further VPN anonymised through findnot.com, they achieved successful tracking in every instance the calls were at least two minutes in length.

The new technique works by delaying outgoing data in amounts so miniscule researchers claim it’s undetectable to users, and then precisely timing its arrival.

The team did not say if they can also track encrypted data on other anonymous file-sharing networks like so-called darknets.

The US Air Force supplied partial funding.

- js.

Malk-a-mite 22-11-06 01:22 PM
Remind me to dig up the whitepapers on tracing TOR users back to their original IP. Fun stuff.

brownbag 02-01-07 11:12 AM
Adding a watermark
 
I wonder how much it will slow transfers down.

JackSpratts 02-01-07 03:16 PM
Quote:
Originally Posted by brownbag (Post 251579)
I wonder how much it will slow transfers down.
according to the paper the delay is so slight as to be undetectable by users.

while we're on the subject there's a new detection system in the wings, a really clever one that examines how internal computer clocks are affected by the heat pcs generate. steven murdoch the researcher claims timing skews are so unique they're a virtual fingerprint, tracable right back to your machine.

here's how it works -

If an attacker wants to learn the IP address of a hidden server on the Tor network, he'll suddenly request something difficult or intensive from that server. The added load will cause it to warm up.

Because temperature affects how fast most electronics operate, warming up the machine causes microscopic changes in clock skew over time. Now the attacker queries computers on the public internet that he suspects of being the Tor server, looking for the shift in skew over the course of hours.

When he finds a computer that has guilty change in its timestamps, he has a match.

'It's actually quite hard to defend against,' says Murdoch. '(You can) lock the timestamp, but even without explicate timestamps, it's conceivable.'


he chose tor because of its stealthy attributes. as malk notes there are other ways of tracing users but ominously this new technique doesn't end there -

Ironically it might be the most extremely hardened computers that would be most vulnerable to this style of attack. Murdoch theorizes that military computers with precise time reporting should be easier than more casual networks like Tor, in the long run.

there's more in wir 12-30-06

- js.

Malk-a-mite 11-01-07 11:56 PM
Less and less time for posting lately....


http://www.fortconsult.net/images/pdf/tpr_100506.pdf

As promised.


All times are GMT -6. The time now is 03:26 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)