A link to the paper: Difference between revisions

From Soma-notes
 
(112 intermediate revisions by 4 users not shown)
Line 1: Line 1:
=Title=
#REDIRECT [[Internet Attribution: Between Privacy and Cruciality]]
Proposed titles:
* Requirements for Attribution on the Internet
* Internet Attribution: Between Privacy and Cruciality
 
=Abstract=
Present and past situations show a need for improved attribution systems, and arguably, scientific basis for a properly functioning attribution systems are not yet defined. This paper presents limits and advances in the attribution of actions to agents over the internet. It reviews current attribution technologies as well as the limits of those technologies. It also identifies the requirements of a proper attribution system and proposes a distributed (yet cooperative) approach for performing attribution over the internet.
 
=Introduction=
Internet users prefer the partial anonymity while surfing the internet. Unfortunately, several internet users yet have bad intentions to exploit such anonymity in fulfilling different types of <i>electronic crimes</i> including: fraud, theft, forgery, impersonation, the distribution of malware (and hence, botnets), traffic tampering, DoS, bandwidth hogging, etc. Consequently, internet attribution is a highly sensitive field that constitutes a cornerstone position within internet security. Needless to say, current solutions don't guarantee efficient attribution nor are considered always applicable in most of the time, hence, current system suffers the lack of a relatively robust attribution mechanism. In the light of this context, we need better methodologies for reaching an acceptable success level for attributing actions to persons.
 
In principle, attribution can be defined as the mechanism of binding a system-defined act to an agent. An agent is typically an entity that has the ability to commit what constitutes an act. Within our focus, an agent could either be a person or a machine. It can also be defined as "determining the identity or location of an attacker or an attacker’s intermediary"<ref> [Institute for Defense Analyses, 2003</ref>
 
<Why the need of a proper attribution system>
 
This paper starts by discussing a basic set of requirements for achieving an acceptable level of attribution over the internet. In section 3, a survey on the currently implemented systems that achieve attribution are presented as well as their flaws and point of failures. In section 4, the reasons behind the difficulty of achieving a proper attribution system. And finally, a conclusion is presented in section 5.
 
=The attribution dilemma=
* While designing an attribution system one needs to consider balancing between attribution and privacy.
**Sometimes non-attribution is very crucial,to protect political dissidents and whistle-blowers
* When to decide to track a person and when not to (so as not to intrude privacy)?
* How to make sure attribution is properly achieved?
* Who should attribute who/what and why?
* How far can we trust IP-traceback, stepping stone authentications, link identifications and packet filtering in wedging packets to agents?
* How much can intermediate systems' cooperation contribute to achieving attribution?
* Should there be consequences upon attributing an action(s) to an agent? What are they? (punishment, rewarding, etc)
* How to deal with misleading data sources hiding behind botnets and concealing identities via stepping stones?
 
==Why is it difficult to achieve attribution?==
 
The main problem I see is that the way Internet is designed makes it possible and relatively easy to act without compromising identity. Moreover, most current solutions are  based on the same structure and work within the same scope, thus, can only reduce the number of potentially destructive acts or just deal with the consequences.  Of course, no system can prevent 100% of destructive attempts, but some potentially good attribution system should make such attempts highly undesirable and "costly" for an attacker.
 
*The issue of lack of attribution on the web mostly arises whenever security is compromised. When you're bombarded with spam, or when a system is under a DoS attack attribution becomes a more appealing notion. Getting a balance between security and privacy is tricky, because once attacks are tracked so will all other traffic.
*Depending on the type of sender and receiver, different attribution policy will be requested.
 
In the ideal world, every action on the internet could be bound to a machine and thus to a person. This is done by examining the source IP printed on each moving packet, locating the geographical location of this IP, consulting the ISP covering the location and identifying the person. If an act requires strict attribution (like checking and sending emails), authentication is used. <b>Here is what goes wrong</b>:
* IP addresses can be <b>spoofed</b> and hence, misleads the geographical location.
* For avoiding that problem, <b>IP traceback</b> can be performed BUT it requires global cooperation of intermediate systems... it is not there!
* IPs are <b>not permanently bound</b> to personnel, so figuring out the person from the IP is not concrete.
* Network users are <b>not aware of all packets sneaking</b> to their machines, which allows for malware distribution and hence, the creation of botnets... misleading attribution!
* <b>Firewalls</b> and packet filters can be used for avoiding that problem, but they are not 100% efficient.
* It is not applicable to <b>authenticate</b> every single action on the internet.
===Attacks to prevent correct attribution of actions===
* Stepping stone attack: a common way of attributing attacks to anonymity by using multiple public random agents (as stepping stones) to reach the victim in order to conceal the attacking source. <ref name="ref1">S. Staniford-Chen and L. T. Heberlein. Holding intruders accountable on the internet. In SP ’95: Proceedings of the 1995 IEEE Symposium on Security and Privacy, page 39, Washington, DC, USA, 1995. IEEE Computer Society.</ref>
* Forgery
** Identity theft (impersonation)
** Distribution of malware
 
==Why we need Attribution==
 
* For identifying purposes
** Web Banking
** eCommerce
** Web advertisements
 
* For better protection against cyber attacks:
** DoS and DDos
** Forgery and theft
** Sniffing private traffic
** Distributing illegal content/malware
** Sending spam
** Illegal/undesired intrusion
 
*For marketing purposes (privacy?)
** custom (client-based) content generation
 
==Examples of how attribution is done today==
* Cookies
* Authentication Systems
* IP Addressing
 
=Requirements for internet attribution system=
(Unstructured draft)
 
* Any potentially destructive act should be traceable to a person (and/or organization, group, etc)
* Traceability should not violate any current privacy-related laws and moral principles
* Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa
* Traceability information should be distributed
* It should be impossible to collect all traceability data in one place
* Personal data should be stored by trusted authorities (e.g. governments)
* Traceability information and personal data should be separated, a connection to be revealed only when needed
* Attribution system should be incrementally deployable
* Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc)
* Attribution system should be adoptable to different set of rules and principles (laws of countries, organizations' policies, etc), yet remain universal
 
=Related Work=
===Against attribution attacks===
2006: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=1649171 This] paper designed a scalable testbed for evaluating all existing stepping stone attack.<br/>
2007: [http://www.truststc.org/pubs/168/HeTong06ASC.pdf This] paper proposes a technique for robust detection of stepping stone attack.
 
===Attributing actions over the internet by attributing packets to agents===
2004: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=1437851 This] paper uses both <i>link identification</i> and <i>filtering</i> for achieving IP traceback WITHOUT the presence of high network cooperation.<br/>
 
===Attributing text/documents/articles/codes to authors (Authorship)===
2005: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=1556355 This] paper presents a neural network approach for source attribution of text.<br/>
2006: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=4028874 This] paper presents a process to determine the source of a previously unexamined piece of writing.<br/>
2007: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=4456854 This] paper uses feature extractions for document attribution.<br/>
2007: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=4293714 This] paper works to recognize the author of text documents without depending on the document's theme. It also visualizes this attribution using "blobby objects".<br/>
2009: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=5254209 This] paper attributes codes (s/w programs) to persons after learning the personal coding scheme through at least three samples of codes.<br/>
2011: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=5706693 This] paper attributes user-generated text on the web by using a two-stage supervised and non-supervised learning for achieving authorship attribution on web forum posts.
 
=References=
<references/>

Latest revision as of 19:56, 11 April 2011