DistOS-2011W Attribution: Difference between revisions

From Soma-notes
No edit summary
No edit summary
Line 26: Line 26:
==Thursday, March 10th==
==Thursday, March 10th==
<b>Basic Proposal:</b><br/>
<b>Basic Proposal:</b><br/>
Upon questioning the capabilities of the currently deployed global network, it was agreed that it lacks the ability of achieving a relatively high attribution property. By <i>"relatively"</i>, we mean in comparison to the "world's" attribution standards (i.e., the percentage of success in binding an act to a person in the real world).  
Upon questioning the capabilities of the currently deployed global network, it was agreed that it lacks the ability of achieving a relatively high attribution property. By <i>"relatively"</i>, we mean in comparison to the "world's" attribution standards (i.e., the percentage of success in binding an act to a person in the real world). Moreover, any system (h/w or s/w) that is to operate at the end systems is useless because it can be messed with.
As a result, a proposed model was basically discussed. It employs the rule:<br/>
As a result, a proposed model was basically discussed. It employs the rule:<br/>
<i>"An act cannot use network resources nor can it be routed if it is anonymously bound."</i><br/>
<i>"An act cannot use network resources nor can it be routed if it is anonymously bound."</i><br/>
To be done:
Noticeably, the routers, as primary constituents to the intermediate systems, should refrain from routing any data packets that are not fully attributed. As they are the main driving power behind delivering all malicious or benign packets, they should have great responsibility in achieving highly reliable attribution mechanism.
The proposed system requires the following:
# Globally trustful entity(s) (e.g., government)
# A DNS-like world-wide distributed system is to be deployed and encrypted. The system can ONLY be accessible for READ operations by the intermediate systems (routers) and can ONLY be accessible for WRITE operations by the trustful entity defined in number 1.
# Any newly bought (or even handmade/privately manufactured) device that has access capabilities must be licensed from certain trustful entity (e.g., government), or else, it will not exploit global routing services.
# The licensing mechanism
 
Full attribution is not still very well defined, but meanwhile, each data packet must have an <i>identification stamp</i> that mixes a human unique feature (e.g., iris intricate structure) with the MAC address. A VERY WELL protected distributed server system is to be deployed world wide that is only accessed by governments in order to insert the data of a new <i>access</i> interface
<b>To be done:</b><br/>
* Strictly define the requirements of a good attribution system.
* Strictly define the requirements of a good attribution system.
* Analyzing what the currently implemented attribution systems lack.
* Analyzing what the currently implemented attribution systems lack.

Revision as of 05:07, 13 March 2011

Members

  • AbdelRahman Abdou
  • Raghad Al-Awwad
  • Omi Iyamu
  • Rakhim Davletkaliyev

Meeting Briefings

Tuesday, March 1st

After 20 minutes of brainstorming, we agreed on:

  • Current internet infrastructure lacks the ability of achieving highly scalable and efficient attribution mechanism.
  • Attribution must be implemented in a distributed manner and must be automated and not owned.
  • Threats that should be addressed include (but not limited to):
    • Computers, individuals and applications impersonation
    • All types of electronic spoofing.
  • The skeleton of our project will constitute four main aspects:
    • Tracing/Tracking: baseline for attribution.
    • Human identification: a MUST to include!
    • Machine identification: to be dissolved with human identification.
    • Storage: how and where to store data traces and the identification stamps.

Thursday, March 3rd

Decided Task Distribution:

  • Tracing/Tracking: Omi
  • Human identification: Raghad
  • Machine identification: AbdelRahman
  • Storage: Rakhim

Thursday, March 10th

Basic Proposal:
Upon questioning the capabilities of the currently deployed global network, it was agreed that it lacks the ability of achieving a relatively high attribution property. By "relatively", we mean in comparison to the "world's" attribution standards (i.e., the percentage of success in binding an act to a person in the real world). Moreover, any system (h/w or s/w) that is to operate at the end systems is useless because it can be messed with. As a result, a proposed model was basically discussed. It employs the rule:
"An act cannot use network resources nor can it be routed if it is anonymously bound."
Noticeably, the routers, as primary constituents to the intermediate systems, should refrain from routing any data packets that are not fully attributed. As they are the main driving power behind delivering all malicious or benign packets, they should have great responsibility in achieving highly reliable attribution mechanism. The proposed system requires the following:

  1. Globally trustful entity(s) (e.g., government)
  2. A DNS-like world-wide distributed system is to be deployed and encrypted. The system can ONLY be accessible for READ operations by the intermediate systems (routers) and can ONLY be accessible for WRITE operations by the trustful entity defined in number 1.
  3. Any newly bought (or even handmade/privately manufactured) device that has access capabilities must be licensed from certain trustful entity (e.g., government), or else, it will not exploit global routing services.
  4. The licensing mechanism

Full attribution is not still very well defined, but meanwhile, each data packet must have an identification stamp that mixes a human unique feature (e.g., iris intricate structure) with the MAC address. A VERY WELL protected distributed server system is to be deployed world wide that is only accessed by governments in order to insert the data of a new access interface To be done:

  • Strictly define the requirements of a good attribution system.
  • Analyzing what the currently implemented attribution systems lack.
  • (optional) Proposing a model that arguably employs attribution.

Attribution Definition:
"Binding an act to a person" - Prof. Anil

Tuesday, March 15th

Surveyed Papers

[1]Marco Gruteser, Suman Banerjee, Marco Gruteser, Vladimir Barik, Wireless device identification with radiometric signatures, University of Wisconsin at Madison, Madison, WI, USA, 2008. PDF

  • ABSTRACT

We design, implement, and evaluate a technique to identify the source network interface card (NIC) of an IEEE 802.11 frame through passive radio-frequency analysis. This technique, called PARADIS, leverages minute imperfections of transmitter hardware that are acquired at manufacture and are present even in otherwise identical NICs. These imperfections are transmitter-specific and manifest themselves as artifacts of the emitted signals. In PARADIS, we measure differentiating artifacts of individual wireless frames in the modulation domain, apply suitable machine-learning classification tools to achieve significantly higher degrees of NIC identification accuracy than prior best known schemes. We experimentally demonstrate effectiveness of PARADIS in differentiating between more than 130 identical 802.11 NICs with accuracy in excess of 99%. Our results also show that the accuracy of PARADIS is resilient against ambient noise and fluctuations of the wireless channel. Although our implementation deals exclusively with IEEE 802.11, the approach itself is general and will work with any digital modulation scheme.


[2] Subhabrata Sen, Oliver Spatscheck, Dongmei Wang, Accurate, scalable in-network identification of p2p traffic using application signatures, AT&T Labs-Research, Florham Park, NJ, 2004. PDF

  • ABSTRACT

The ability to accurately identify the network traffic associated with different P2P applications is important to a broad range of network operations including application-specific traffic engineering, capacity planning, provisioning, service differentiation,etc. However, traditional traffic to higher-level application mapping techniques such as default server TCP or UDP network-port baseddisambiguation is highly inaccurate for some P2P applications.In this paper, we provide an efficient approach for identifying the P2P application traffic through application level signatures. We firstidentify the application level signatures by examining some available documentations, and packet-level traces. We then utilize the identified signatures to develop online filters that can efficiently and accurately track the P2P traffic even on high-speed network links.We examine the performance of our application-level identification approach using five popular P2P protocols. Our measurements show thatour technique achieves less than 5% false positive and false negative ratios in most cases. We also show that our approach only requires the examination of the very first few packets (less than 10packets) to identify a P2P connection, which makes our approach highly scalable. Our technique can significantly improve the P2P traffic volume estimates over what pure network port based approaches provide. For instance, we were able to identify 3 times as much traffic for the popular Kazaa P2P protocol, compared to the traditional port-based approach.


[3] Roger Clarke, Human Identification in Information Systems: Management Challenges and Public Policy Issues PDF/HTML

  • ABSTRACT

Many information systems involve data about people. In order reliably to associate data with particular individuals, it is necessary that an effective and efficient identification scheme be established and maintained. There is remarkably little in the information technology literature concerning human identification. Seeks to overcome that deficiency by undertaking a survey of human identity and human identification. Discusses techniques including names, codes, knowledge-based and token-based identification, and biometrics. Identifies the key challenge to management as being to devise a scheme which is practicable and economic, and of sufficiently high integrity to address the risks the organization confronts in its dealings with people. Proposes that much greater use be made of schemes which are designed to afford people anonymity, or which enable them to use multiple identities or pseudonyms, while at the same time protecting the organization's own interest. Describes multi-purpose and inhabitant registration schemes, and notes the recurrence of proposals to implement and extend them. Identifies public policy issues. Of especial concern is the threat to personal privacy that the general-purpose use of an inhabitant registrant scheme represents. Speculates that, where such schemes are pursued energetically, the reaction may be strong enough to threaten the social fabric.

Milestones

(Under Construction)

  • Problem definition
  • Literature review
  • Basic system proposal
  • ??

Project Progress

Coming Soon!

Requirements

  • incremental deployability
  • privacy

Readings

really hard to find anything not from psychology