Difference between revisions of "A link to the paper"
AbdelRahman (talk | contribs) |
AbdelRahman (talk | contribs) |
||
| Line 10: | Line 10: | ||
Internet users prefer the partial anonymity while surfing the internet. Unfortunately, several internet users yet have bad intentions to exploit such anonymity in fulfilling different types of <i>electronic crimes</i> including: fraud, theft, forgery, impersonation, the distribution of malware (and hence, botnets), traffic tampering, DoS, bandwidth hogging, etc. Consequently, internet attribution is a highly sensitive field that constitutes a cornerstone position within internet security. Needless to say, current solutions don't guarantee efficient attribution nor are considered always applicable in most of the time, hence, current system suffers the lack of a relatively robust attribution mechanism. In the light of this context, we need better methodologies for reaching an acceptable success level for attributing actions to persons. | Internet users prefer the partial anonymity while surfing the internet. Unfortunately, several internet users yet have bad intentions to exploit such anonymity in fulfilling different types of <i>electronic crimes</i> including: fraud, theft, forgery, impersonation, the distribution of malware (and hence, botnets), traffic tampering, DoS, bandwidth hogging, etc. Consequently, internet attribution is a highly sensitive field that constitutes a cornerstone position within internet security. Needless to say, current solutions don't guarantee efficient attribution nor are considered always applicable in most of the time, hence, current system suffers the lack of a relatively robust attribution mechanism. In the light of this context, we need better methodologies for reaching an acceptable success level for attributing actions to persons. | ||
In principle, attribution can be defined as the mechanism of binding a system-defined act to an agent. An agent is typically an entity that has the ability to commit what constitutes an act. Within our focus, an agent could either be a person or a machine. It can also be defined as "determining the identity or location of an attacker or an attacker’s intermediary"<ref> [Institute for Defense Analyses, 2003</ref> | In principle, attribution can be defined as the mechanism of binding a system-defined act to an agent. An agent is typically an entity that has the ability to commit what constitutes an act. Within our focus, an agent could either be a person or a machine. It can also be defined as "determining the identity or location of an attacker or an attacker’s intermediary"<ref> [Institute for Defense Analyses, 2003</ref>. In the current systems, this determination operation is considerably difficult for the following reasons: <why does an attribution problem exists> | ||
This paper focuses on <the focus> | |||
Research done <literature spanning> | |||
This paper starts by a quick discussion on the dilemma of attribution in section 2. Consequently, section 3 argues about the reasons behind the essentiality of implementing proper attribution systems. Section 4 presents a fundamental set of requirements for achieving an acceptable level of attribution over the internet. In section 5, a survey on the currently implemented systems that achieve attribution are presented as well as their flaws and point of failures. In section 6, the reasons behind the difficulty of achieving a proper attribution system. And finally, a conclusion is presented in section 7. | |||
=The attribution dilemma= | |||
* While designing an attribution system one needs to consider balancing between attribution and privacy. | |||
**Sometimes non-attribution is very crucial,to protect political dissidents and whistle-blowers | |||
* When to decide to track a person and when not to (so as not to intrude privacy)? | |||
* How to make sure attribution is properly achieved? | |||
* Who should attribute who/what and why? | |||
* How far can we trust IP-traceback, stepping stone authentications, link identifications and packet filtering in wedging packets to agents? | |||
* How much can intermediate systems' cooperation contribute to achieving attribution? | |||
* Should there be consequences upon attributing an action(s) to an agent? What are they? (punishment, rewarding, etc) | |||
* How to deal with misleading data sources hiding behind botnets and concealing identities via stepping stones? | |||
==Why we need Attribution== | ==Why we need Attribution== | ||
| Line 30: | Line 46: | ||
*For marketing purposes (privacy?) | *For marketing purposes (privacy?) | ||
** custom (client-based) content generation | ** custom (client-based) content generation | ||
=Requirements for internet attribution system= | =Requirements for internet attribution system= | ||
Revision as of 04:53, 27 March 2011
Title
Proposed titles:
- Requirements for Attribution on the Internet
- Internet Attribution: Between Privacy and Cruciality
Abstract
Present and past situations show a need for improved attribution systems, and arguably, scientific basis for a properly functioning attribution systems are not yet defined. Lots of research have been focusing on attributing documents to authors for the sake of securing authorship rights and rapid identification of plagiarism. Many of those were revolving around the notion of using machine learning for linking articles to humans. Others proposed text classification and feature selection as a mean of detecting the author of document. Unfortunately, not that much research is addressing the problem of lack of robust attribution system over the internet. Authentication, as a mean of attribution, has proved its efficiency but, needless to say, it is not applicable to authenticate every single packet hopping over the intermediate systems. This paper presents limits and advances in the attribution of actions to agents over the internet. It reviews current attribution technologies as well as the limits of those technologies. It also identifies the requirements of a proper attribution system and proposes a distributed (yet cooperative) approach for performing attribution over the internet.
Introduction
Internet users prefer the partial anonymity while surfing the internet. Unfortunately, several internet users yet have bad intentions to exploit such anonymity in fulfilling different types of electronic crimes including: fraud, theft, forgery, impersonation, the distribution of malware (and hence, botnets), traffic tampering, DoS, bandwidth hogging, etc. Consequently, internet attribution is a highly sensitive field that constitutes a cornerstone position within internet security. Needless to say, current solutions don't guarantee efficient attribution nor are considered always applicable in most of the time, hence, current system suffers the lack of a relatively robust attribution mechanism. In the light of this context, we need better methodologies for reaching an acceptable success level for attributing actions to persons.
In principle, attribution can be defined as the mechanism of binding a system-defined act to an agent. An agent is typically an entity that has the ability to commit what constitutes an act. Within our focus, an agent could either be a person or a machine. It can also be defined as "determining the identity or location of an attacker or an attacker’s intermediary"<ref> [Institute for Defense Analyses, 2003</ref>. In the current systems, this determination operation is considerably difficult for the following reasons: <why does an attribution problem exists>
This paper focuses on <the focus>
Research done <literature spanning>
This paper starts by a quick discussion on the dilemma of attribution in section 2. Consequently, section 3 argues about the reasons behind the essentiality of implementing proper attribution systems. Section 4 presents a fundamental set of requirements for achieving an acceptable level of attribution over the internet. In section 5, a survey on the currently implemented systems that achieve attribution are presented as well as their flaws and point of failures. In section 6, the reasons behind the difficulty of achieving a proper attribution system. And finally, a conclusion is presented in section 7.
The attribution dilemma
- While designing an attribution system one needs to consider balancing between attribution and privacy.
- Sometimes non-attribution is very crucial,to protect political dissidents and whistle-blowers
- When to decide to track a person and when not to (so as not to intrude privacy)?
- How to make sure attribution is properly achieved?
- Who should attribute who/what and why?
- How far can we trust IP-traceback, stepping stone authentications, link identifications and packet filtering in wedging packets to agents?
- How much can intermediate systems' cooperation contribute to achieving attribution?
- Should there be consequences upon attributing an action(s) to an agent? What are they? (punishment, rewarding, etc)
- How to deal with misleading data sources hiding behind botnets and concealing identities via stepping stones?
Why we need Attribution
- For identifying purposes
- Web Banking
- eCommerce
- Web advertisements
- For better protection against cyber attacks:
- DoS and DDos
- Forgery and theft
- Sniffing private traffic
- Distributing illegal content/malware
- Sending spam
- Illegal/undesired intrusion
- For marketing purposes (privacy?)
- custom (client-based) content generation
Requirements for internet attribution system
(Unstructured draft)
- Any potentially destructive act should be traceable to a person (and/or organization, group, etc)
- Traceability should not violate any current privacy-related laws and moral principles
- Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa
- Traceability information should be distributed
- It should be impossible to collect all traceability data in one place
- Personal data should be stored by trusted authorities (e.g. governments)
- Traceability information and personal data should be separated, a connection to be revealed only when needed
- Attribution system should be incrementally deployable
- Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc)
- Attribution system should be adoptable to different set of rules and principles (laws of countries, organizations' policies, etc), yet remain universal
Examples of how attribution is done today
- Cookies
- Authentication Systems
- IP Addressing
Why is it difficult to achieve attribution?
The main problem I see is that the way Internet is designed makes it possible and relatively easy to act without compromising identity. Moreover, most current solutions are based on the same structure and work within the same scope, thus, can only reduce the number of potentially destructive acts or just deal with the consequences. Of course, no system can prevent 100% of destructive attempts, but some potentially good attribution system should make such attempts highly undesirable and "costly" for an attacker.
- The issue of lack of attribution on the web mostly arises whenever security is compromised. When you're bombarded with spam, or when a system is under a DoS attack attribution becomes a more appealing notion. Getting a balance between security and privacy is tricky, because once attacks are tracked so will all other traffic.
- Depending on the type of sender and receiver, different attribution policy will be requested.
In the ideal world, every action on the internet could be bound to a machine and thus to a person. This is done by examining the source IP printed on each moving packet, locating the geographical location of this IP, consulting the ISP covering the location and identifying the person. If an act requires strict attribution (like checking and sending emails), authentication is used. Here is what goes wrong:
- IP addresses can be spoofed and hence, misleads the geographical location.
- For avoiding that problem, IP traceback can be performed BUT it requires global cooperation of intermediate systems... it is not there!
- IPs are not permanently bound to personnel, so figuring out the person from the IP is not concrete.
- Network users are not aware of all packets sneaking to their machines, which allows for malware distribution and hence, the creation of botnets... misleading attribution!
- Firewalls and packet filters can be used for avoiding that problem, but they are not 100% efficient.
- It is not applicable to authenticate every single action on the internet.
Attacks to prevent correct attribution of actions
- Stepping stone attack: a common way of attributing attacks to anonymity by using multiple public random agents (as stepping stones) to reach the victim in order to conceal the attacking source. <ref name="ref1">S. Staniford-Chen and L. T. Heberlein. Holding intruders accountable on the internet. In SP ’95: Proceedings of the 1995 IEEE Symposium on Security and Privacy, page 39, Washington, DC, USA, 1995. IEEE Computer Society.</ref>
- Forgery
- Identity theft (impersonation)
- Distribution of malware
Conclusion
References
<references/>