| | Publications
24 results where keywords includes Security.
- @article{Margolin:2011,
Abstract = {Once electronic content has been released it is very difficult to prevent copies of the content from being widely distributed. Such distribution can cause economic harm to the content's copyright owner and others. Our protocol, SPIES, allows one party to sell a secret to second party and provides an economic incentive for two parties to limit sharing of a secret between themselves. We do not use watermarking or traditional DRM mechanisms. We focus on content which is to be shared between two parties only, which is valuable, and which only needs to be protected for a limited amount of time. Examples include passwords to a subscription service, pre-release of media for review, or content shared but bound by a non-disclosure agreement. With SPIES, any possesor of the content can receive a portion of the funds placed in escrow by the two legitimate possesors. We analyze this system and show that the best strategy of the content provider and content consumer to maximize their utility is to use SPIES and not share the content further. We deal successfully with a ``dummy registration'' attack in which multiple false identities are used in an attempt to get a higher payment. We also discuss how to determine the correct escrow amount. },
Author = {Margolin, N. Boris and Levine, Brian Neil and
James D. Miller and Wright, Matthew},
Doi_Url = {http://dx.doi.org/10.1016/j.elerap.2010.12.006},
Journal = {Electronic Commerce Research and Applications},
Keywords = {security; Sybil attack; Journal Paper},
Month = {September},
Number = {5},
Pages = {553-564},
Sponsors = {NSF-0133055 and NSF-0087482 and NSF-0080199},
Title = {{Economic Incentives for Protecting Digital Rights Online}},
Url = {http://forensics.umass.edu/pubs/margolin.ECRA.2011.pdf},
Volume = {10},
Year = {2011}}
[link][PDF]
- @inproceedings{Walls:2011a,
Audio_Url = {http://forensics.umass.edu/pubs/Walls.hotsec.2011.mp3},
Author = {
Robert J. Walls and
Brian Neil Levine and
Marc Liberatore and
Clay Shields},
Booktitle = {Proc.\ USENIX Workshop on Hot Topics in Security (HotSec)},
Keywords = {forensics; security},
Month = {August},
Slides_Url = {http://forensics.umass.edu/pubs/rjwalls.hotsec.2011.slides.pdf},
Sponsors = {CNS-1018615, CNS-0905349, DUE-0830876, 2008-CE-CXK005},
Title = {{Effective Digital Forensics Research is Investigator-Centric}},
Url = {http://forensics.umass.edu/pubs/Walls.hotsec.2011.pdf},
Video_Url = {http://forensics.umass.edu/pubs/Walls.hotsec.2011.mp4},
Year = {2011}}
[link][PDF]
- @phdthesis{Bissias:2010a,
Address = {Amherst, MA},
Author = {
George Bissias},
Keywords = {security; thesis; wireless; routing; DTN; DOME},
Month = {December},
School = {University of Massachusetts Amherst},
Title = {{Bounds on Service Quality for Networks Subject to Augmentation And Attack}},
Url = {http://forensics.umass.edu/pubs/bissias.thesis.pdf},
Year = {2010}}
[link][PDF]
- @inproceedings{Bissias:2010,
Author = {
George Bissias and
Brian Neil Levine and
Ramesh Sitaraman},
Booktitle = {Proc.\ ACM Conference on emerging Networking EXperiments and Technologies (CoNEXT)},
Keywords = {security; wireless; routing},
Month = {November},
Slides_Url = {http://forensics.umass.edu/pubs/bissias.conext.2010.slides.pdf},
Sponsor = {CNS-0519881 and CNS-0519894},
Title = {{Assessing the Vulnerability of Replicated Network Services}},
Url = {http://forensics.umass.edu/pubs/bissias.conext.2010.pdf},
Year = {2010}}
[link][PDF]
- @incollection{Levine:2009,
Author = {
Brian Neil Levine and
Gerome Miklau},
Booktitle = {{Encyclopedia of Database Systems}},
Editor = {M. Tamer A-Zsu and Ling Liu},
Keywords = {Auditing; forensics; database security;},
Month = {June},
Publisher = {Springer-Verlag},
Table_Of_Contents_Url = {http://refworks.springer.com/mrw/index.php?id=1212},
Title = {{Auditing and Forensic Analysis}},
Year = {2009}}
[link]
- @inproceedings{fc2009detecting,
Address = {Rockley, Christ Church, Barbados},
Author = {Danner, Norman and Krizanc, Danny and Liberatore, Marc},
Booktitle = {Proceedings of Thirteenth International Conference on Financial Cryptography and Data Security},
Keywords = {security; anonymity;},
Month = {February},
Title = {{Detecting Denial of Service Attacks in Tor}},
Year = {2009}}
[link]
- @phdthesis{liberatore_thesis,
Author = {Liberatore, Marc},
Keywords = {security; Thesis; anonymity;},
Month = {February},
School = {University of Massachusetts Amherst},
Title = {{Low-Latency Anonymity System: Statistical Attacks and New Applications}},
Url = {http://forensics.umass.edu/pubs/liberatore.thesis.pdf},
Year = {2008}}
[link][PDF]
- @inproceedings{Burgess:2007,
Abstract = {Disruption-Tolerant Networks (DTNs) deliver data in network environments composed of intermittently connected nodes. Just as in traditional networks, malicious nodes within a DTN may attempt to delay or destroy data in transit to its destination. Such attacks include dropping data, flooding the network with extra messages, corrupting routing tables, and counterfeiting network acknowledgments. Many existing methods for securing routing protocols require authentication supported by mechanisms such as a public key infrastructure, which is difficult to deploy and operate in a DTN, where connectivity is sporadic. Furthermore, the complexity of such mechanisms may dissuade node participation so strongly that potential attacker impacts are dwarfed by the loss of contributing participants.
In this paper, we use connectivity traces from our UMass DieselNet project and the Haggle project to quantify routing attack effectiveness on a DTN that lacks security. We introduce plausible attackers and attack modalities and provide complexity results for the strongest of attackers. We show that the same routing with packet replication used to provide robustness in the face of unpredictable mobility allows the network to gracefully survive attacks. In the case of the most effective attack, acknowledgment counterfeiting, we show a straightforward defense that uses cryptographic hashes but not a central authority. We conclude that disruption-tolerant networks are extremely robust to attack; in our trace-driven evaluations, an attacker that has compromised 30% of all nodes reduces delivery rates from 70% to 55%, and to 20% with knowledge of future events. By comparison, contemporaneously connected networks are significantly more fragile. },
Address = {Montreal, Quebec, Canada},
Author = {Burgess, John and Bissias, George and Corner, Mark D. and Levine, Brian Neil},
Booktitle = {Proc. ACM International Symposium on Mobile Ad hoc Networking and Computing (MobiHoc)},
Keywords = {DTN; wireless; security; routing; DOME},
Month = {September},
Pages = {61--70},
Slides_Url = {http://forensics.umass.edu/pubs/mcorner/mobihoc07.ppt},
Sponsors = {CNS-0133055, CNS-0519881, and CNS 0447877},
Title = {{Surviving Attacks on Disruption-Tolerant Networks without Authentication}},
Traces_Url = {http://traces.cs.umass.edu},
Url = {http://forensics.umass.edu/pubs/burgess.mobihoc.2007.pdf},
Year = {2007}}
[link][PDF]
- @inproceedings{Stahlberg:2007,
Author = {Stahlberg, Patrick and Miklau, Gerome and Levine, Brian Neil},
Booktitle = {Proc. ACM Intl Conf. on Management of Data (SIGMOD)},
Keywords = {forensics; database security; Privacy},
Month = {June},
Pages = {91--102},
Title = {{Threats to Privacy in the Forensic Analysis of Database Systems}},
Url = {http://forensics.umass.edu/pubs/stahlberg07forensicDB.pdf},
Year = {2007}}
[link][PDF]
- @inproceedings{Bissias:2007,
Author = {
George Bissias and
Brian Neil Levine and
Arnold L. Rosenberg},
Booktitle = {Proc. ACM SIGMETRICS},
Keywords = {security; routing},
Month = {{June}},
Pages = {367---368},
Poster_Url = {http://forensics.umass.edu/pubs/bissias.sigmetrics.abstract.2007.pdf},
Sponsors = {CNS-0133055, ANI-0325868},
Title = {{Bounding Damage From Link Destruction with Application to the Internet (extended abstract)}},
Url = {http://forensics.umass.edu/pubs/bissias.sigmetrics.abstract.2007.pdf},
Year = {2007}}
[link][PDF]
- @article{Baughman:2007,
Abstract = {We explore exploits possible for cheating in real-time, multiplayer games for both client-server and serverless architectures. We offer the first formalization of cheating in online games and propose an initial set of strong solutions. We propose a protocol that has provable anti-cheating guarantees, is provably safe and live, but suffers a performance penalty. We then develop an extended version of this protocol, called asynchronous synchronization, which avoids the penalty, is serverless, offers provable anti-cheating guarantees, is robust in the presence of packet loss, and provides for significantly increased communication performance. This technique is applicable to common game features as well as clustering and cell-based techniques for massively multiplayer games. Specifically, we provide a zero-knowledge proof protocol so that players are within a specific range of each other, and otherwise have no notion of their distance. Our performance claims are backed by analysis using a simulation based on real game traces.},
Author = {Baughman, Nathaniel E. and Liberatore, Marc and Levine, Brian Neil},
Journal = {IEEE/ACM Transactions on Networking},
Keywords = {security;gaming;peer-to-peer; Journal Paper},
Month = {February},
Number = {1},
Pages = {1--13},
Sponsors = {NSF-0133055},
Title = {{Cheat-Proof Playout for Centralized and Peer-to-Peer Gaming}},
Url = {http://forensics.umass.edu/pubs/baughman.ToN.pdf},
Volume = {15},
Year = {2007}}
[link][PDF]
- @inproceedings{Miklau:2007a,
Author = {Miklau, Gerome and Levine, Brian Neil and Stahlberg, Patrick},
Booktitle = {Biennial ACM/VLDB Conference on Innovative Data Systems Research (CIDR)},
Keywords = {database security; forensics},
Month = {January},
Pages = {387--396},
Presentation_Url = {http://forensics.umass.edu/pubs/slides/mikalu.cidr2007.pdf},
Title = {{Securing History: Privacy and Accountability in Database Systems}},
Url = {http://forensics.umass.edu/pubs/mikalu.cidr2007.pdf},
Year = {2007}}
[link][PDF]
- @techreport{Levine:2006,
Abstract = {Many security mechanisms are based on specific assumptions of identity and are vulnerable to attacks when these assumptions are violated. For example, impersonation is the well-known consequence when authenticating credentials are stolen by a third party. Another attack on identity occurs when credentials for one identity are purposely shared by multiple individuals, for example to avoid paying twice for a service. In this paper, we survey the impact of the Sybil attack, an attack against identity in which an individual entity masquerades as multiple simultaneous identities. The Sybil attack is a fundamental problem in many systems, and it has so far resisted a universally applicable solution.},
Address = {Amherst, MA},
Author = {Levine, Brian Neil and Shields, Clay and Margolin, N. Boris},
Institution = {University of Massachusetts Amherst},
Keywords = {Sybil attack; peer-to-peer;security; anonymity},
Month = {October},
Number = {2006-052},
Sponsors = {NSF-0133055},
Title = {{A Survey of Solutions to the Sybil Attack}},
Type = {Tech report},
Url = {http://forensics.umass.edu/pubs/levine.sybil.tr.2006.pdf},
Year = {2006}}
[link][PDF]
- @inproceedings{Liberatore:2006,
Abstract = {We examine the effectiveness of two traffic analysis techniques for identifying encrypted HTTP streams. The techniques are based upon classification algorithms, identifying encrypted traffic on the basis of similarities to features in a library of known profiles. We show that these profiles need not be collected immediately before the encrypted stream; these methods can be used to identify traffic observed both well before and well after the library is created. We give evidence that these techniques will exhibit the scalability necessary to be effective on the Internet. We examine several methods of actively countering the techniques, and we find that such countermeasures are effective, but at a significant increase in the size of the traffic stream. Our claims are substantiated by experiments and simulation on over 400,000 traffic streams we collected from 2,000 distinct web sites during a two month period.},
Author = {Liberatore, Marc and Levine, Brian Neil},
Booktitle = {Proc. ACM conference on Computer and Communications Security (CCS)},
Keywords = {security; privacy; anonymity; forensics},
Month = {October},
Pages = {255--263},
Slides_Url = {http://forensics.umass.edu/pubs/slides/liberatore.ccs2006.slides.pdf},
Sponsors = {NSF-0133055 and NSF-0325868},
Title = {{Inferring the Source of Encrypted HTTP Connections}},
Traces_Url = {http://traces.cs.umass.edu},
Url = {http://forensics.umass.edu/pubs/liberatore.ccs2006.pdf},
Year = {2006}}
[link][PDF]
- @inproceedings{Piro:2006,
Abstract = {Mobility is often a problem for providing security services in ad hoc networks. In this paper, we show that mobility can be used to enhance security. Specifically, we show that nodes that passively monitor traffic in the network can detect a Sybil attacker that uses a number of network identities simultaneously. We show through simulation that this detection can be done by a single node, or that multiple trusted nodes can join to improve the accuracy of detection. We then show that although the detection mechanism will falsely identify groups of nodes traveling together as a Sybil attacker, we can extend the protocol to monitor collisions at the MAC level to differentiate between a single attacker spoofing many addresses and a group of nodes traveling in close proximity.},
Author = {Piro, Chris and Shields, Clay and
Brian Neil Levine},
Booktitle = {Proc. IEEE/ACM International Conference on Security and Privacy in Communication Networks (SecureComm)},
Keywords = {security; Sybil attack; wireless},
Month = {August},
Pages = {1--11},
Sponsors = {NSF-0133055 and NSF-0534618 and NSF-0087639},
Title = {{Detecting the Sybil Attack in Ad hoc Networks}},
Url = {http://forensics.umass.edu/pubs/piro.securecomm2006.pdf},
Year = {2006}}
[link][PDF]
- @inproceedings{Yurkewych:2005,
Abstract = {We present a game-theoretic model of the interactions between server and clients in a constrained family of commercial P2P computations (where clients are financially compensated for work). We study the cost of implementing redundant task allocation (redundancy, for short) as a means of preventing cheating. Under the assumption that clients are motivated solely by the desire to maximize expected profit, we prove that, within this framework, redundancy is cost effective only when collusion among clients, including the Sybil attack, can be prevented. We show that in situations where this condition cannot be met, non-redundant task allocation is much less costly than redundancy.},
Author = {Yurkewych, Matthew and Levine, Brian Neil and Rosenberg, Arnold L.},
Booktitle = {Proc. ACM Conference on Computer and Communications Security (CCS)},
Keywords = {security; peer-to-peer; Sybil attack; Synthesis project},
Month = {November},
Pages = {280--288},
Sponsors = {NSF-0133055},
Title = {{On the Cost-Ineffectiveness of Redundancy in Commercial P2P Computing}},
Url = {http://forensics.umass.edu/pubs/yurkewych.ccs.2005.pdf},
Year = {2005}}
[link][PDF]
- @inproceedings{Bissias:2005,
Abstract = {Encrypting traffic does not prevent an attacker from performing some types of traffic analysis. We present a straightforward traffic analysis attack against encrypted HTTP streams that is surprisingly effective in identifying the source of the traffic. An attacker starts by creating a profile of the statistical characteristics of web requests from interesting sites, including distributions of packet sizes and inter-arrival times. Later, candidate encrypted streams are compared against these profiles. In our evaluations using real traffic, we find that many web sites are sub ject to this attack. With a training period of 24 hours and a 1 hour delay afterwards, the attack achieves only 23% accuracy. However, an attacker can easily pre-determine which of trained sites are easily identifiable. Accordingly, against 25 such sites, the attack achieves 40% accuracy; with three guesses, the attack achieves 100% accuracy for our data. Longer delays after training decrease accuracy, but not substantially. We also propose some countermeasures and improvements to our current method. Previous work analyzed SSL traffic to a proxy, taking advantage of a known flaw in SSL that reveals the length of each web object. In contrast, we exploit the statistical characteristics of web streams that are encrypted as a single flow, which is the case with WEP/WPA, IPsec, and SSH tunnels.},
Author = {Bissias, George and Liberatore, Marc and Jensen, David and Levine, Brian Neil},
Booktitle = {Proc. Privacy Enhancing Technologies Workshop (PET)},
Keywords = {security; anonymity; privacy},
Month = {May},
Pages = {1--11},
Sponsors = {NSF-0133055 and NSF-0325868 and NSF-0080199},
Title = {{Privacy Vulnerabilities in Encrypted HTTP Streams}},
Traces_Url = {http://traces.cs.umass.edu},
Url = {http://forensics.umass.edu/pubs/bissias.liberatore.pet.2005.pdf},
Year = {2005}}
[link][PDF]
- @article{Sanzgiri:2005,
Abstract = {Initial work in ad hoc routing has considered only the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering security. Because of this, there are a number of attacks that can be used to manipulate the routing in an ad hoc network. In this paper, we describe these threats, specifically showing their effects on AODV and DSR. Our protocol, named Authenticated Routing for Ad hoc Networks (ARAN), uses public-key cryptographic mechanisms to defeat all identified attacks. We detail how ARAN can secure routing in environments where nodes are authorized to participate but untrusted to cooperate, as well as environments where participants do not need to be authorized to participate. Through both simulation and experimentation with our publicly-available implementation, we characterize and evaluate ARAN and show that it is able to effectively and efficiently discover secure routes within an ad hoc network.},
Author = {Sanzgiri, Kimaya and Dahill, Bridget and LaFlamme, Daniel and Levine, Brian Neil and Shields, Clay and Belding-Royer, Elizabeth},
Journal = {IEEE/ACM Journal of Selected Areas in Communications: Special issue on Wireless Ad hoc Networks (JSAC)},
Keywords = {wireless; security; routing; Journal Paper},
Month = {March},
Number = {3},
Pages = {598--610},
Sponsors = {NSF-522564 and NSF-0080199 and 2000-DT-CX-K001},
Title = {{Authenticated Routing for Ad hoc Networks}},
Url = {http://forensics.umass.edu/pubs/aran_jsac05.pdf},
Volume = {23},
Year = {2005}}
[link][PDF]
- @phdthesis{Wright:2005,
Address = {Amherst, MA},
Author = {
Matthew Wright},
Keywords = {anonymity, Thesis, Security, privacy},
Month = {January},
School = {University of Massachusetts Amherst},
Title = {{Passive Logging Attacks Against Anonymous Communications Systems}},
Url = {http://forensics.umass.edu/pubs/wright.thesis.pdf},
Year = {2005}}
[link][PDF]
- @inproceedings{Margolin:2004,
Abstract = {Once electronic content has been released it is very difficult to prevent copies of the content from being widely distributed. Such distribution can cause economic harm to the content's copyright owner and others. Our protocol, SPIES, allows one party to sell a secret to second party and provides an economic incentive for two parties to limit sharing of a secret between themselves. We do not use watermarking or traditional DRM mechanisms. We focus on content which is to be shared between two parties only, which is valuable, and which only needs to be protected for a limited amount of time. Examples include passwords to a subscription service, pre-release of media for review, or content shared but bound by a non-disclosure agreement. With SPIES, any possesor of the content can receive a portion of the funds placed in escrow by the two legitimate possesors. We analyze this system and show that the best strategy of the content provider and content consumer to maximize their utility is to use SPIES and not share the content further. We deal successfully with a ``dummy registration'' attack in which multiple false identities are used in an attempt to get a higher payment. We also discuss how to determine the correct escrow amount. },
Author = {Margolin, N. Boris and Wright, Matthew and Levine, Brian Neil},
Booktitle = {Proc.~ACM Digital Rights Management Workshop (DRM)},
Keywords = {security; Sybil attack},
Month = {October},
Pages = {22--30},
Presentation_Url = {http://forensics.umass.edu/pubs/slides/margolin.drm_2004.pdf},
Sponsors = {NSF-0133055 and NSF-0087482 and NSF-0080199},
Title = {{Analysis of an Incentives-based Protection System}},
Url = {http://forensics.umass.edu/pubs/margolin.drm2004.pdf},
Year = {2004}}
[link][PDF]
- @inproceedings{Margolin:2004b,
Abstract = {Once electronic content has been released, it is very difficult to prevent perfect copies of the content from being widely distributed, which can cause economic harm to the content's owner and others. We focus on content which is to be shared to a limited extent, which is valuable, and which only needs to be protected for a limited amount of time, such as trade secrets. For such content we provide an economic incentive to limit sharing, without using DRM or watermarking. In our protocol, a quantity of money is placed in escrow, and anyone can get a portion of it by providing proof of knowledge of the content. Since payments become smaller as more individuals give proof, it is in the interest of those with access to the content to prevent further sharing. },
Author = {Margolin, N. Boris and Wright, Matthew and Levine, Brian Neil},
Booktitle = {Proc.~ Workshop on the Economics of Peer-to-Peer Systems (p2pEcon)},
Keywords = {security; Sybil attack},
Month = {June},
Sponsors = {NSF-0087482 and NSF-0133055 and NSF-0080119},
Title = {{SPIES: Secrets Protection Incentives-based Escrow System}},
Url = {http://forensics.umass.edu/pubs/margolin.p2pecon2004.pdf},
Year = {2004}}
[link][PDF]
- @techreport{LaFlamme:2004,
Address = {Dept. of Computer Science},
Author = {LaFlamme, Daniel and Levine, Brian Neil},
Institution = {University of Massachusetts Amherst},
Keywords = {security; Tech report},
Month = {March},
Number = {04-11},
Tech_Report_Url = {http://forensics.umass.edu/pubs/laflamme.tr-04-11.pdf},
Title = {{Surviving Attacks on DNS using Ubiquitous Replication}},
Year = {2004}}
[link]
- @inproceedings{Sanzgiri:2002,
Author = {Sanzgiri, Kimaya and Dahill, Bridget and Levine, Brian Neil and Shields, Clay and Belding-Royer, Elizabeth},
Booktitle = {Proc. of IEEE International Conference on Network Protocols (ICNP)},
Keywords = {security; wireless; routing},
Month = {November},
Pages = {78--89},
Title = {{A Secure Routing Protocol for Ad hoc Networks}},
Url = {http://forensics.umass.edu/pubs/aran.icnp02.pdf},
Year = {2002}}
[link][PDF]
- @inproceedings{Baughman:2001,
Author = {Baughman, Nathaniel E. and Levine, Brian Neil},
Booktitle = {Proc. IEEE Infocom},
Keywords = {peer-to-peer; gaming;security},
Month = {April},
Pages = {104--113},
Title = {{Cheat-Proof Playout for Centralized and Distributed Online Games}},
Url = {http://forensics.umass.edu/pubs/baughman.infocom01.pdf},
Year = {2001}}
[link][PDF]
| | |