Лекція на тему: Fingerprinting Techniques for Network Security

Шановні студенти, аспіранти та науково-педагогічні працівники КПІ ім. Ігоря Сікорського!

Запрошуємо Вас 13 квітня 2017 року о 14:30 на лекцію викладача Dr. Andriy Panchenko (http://lorre.uni.lu/~andriy/), Université du Luxembourg, Interdisciplinary Centre for Security, Reliability and Trust, який приїде в КПІ ім. Ігоря Сікорського в рамках програми академічної мобільності Еразмус+.

Лекція на тему: “Fingerprinting Techniques for Network Security”careerexpo


A severe security threat for the users of public Wi-Fi networks is the presence of rogue access points (APs). These masquerade as legitimate APs with the goal of intercepting, collecting, or changing even encrypted user traffic.  In this talk, we first present a method to efficiently mitigate this threat by passive remote physical device fingerprinting. The main feature of our approach is the clock skew — an unavoidable phenomenon that causes clocks to run with infinitesimally yet remotely observable different speeds.  Our method extracts this information from the beacon frames that are periodically sent by every AP to announce its presence.  It achieves high discriminability among devices by eliminating the fingerprinters’ influence and considering the clock skew’s dependency on temperature. We show how this approach — together with fingerprinting the behavioral characteristics of software tools that have been developed to mount the attack — can be used to mitigate this “evil twin” threat in practice.

Next, we switch the perspective to the attacker’s side and investigate the website fingerprinting attack.  Here, the eavesdropper aims to identify the content (e.g., a webpage accessed by a client) of encrypted and anonymized connections by simply observing patterns of data flows.
Based on a simple and comprehensible idea, our approach outperforms all state-of-the-art methods in terms of classification accuracy while being orders of magnitude faster.  With our analysis, we explore neglected aspects of the attack and investigate the realistic probability of success for the different strategies a real-world adversary may follow.

Finally, we address the problem of node lookups in untrustworthy environments and present ideas for the unbiased selection of nodes uniformly at random from the full set of all available peers, when each of the nodes has only limited knowledge about the network.

Місце проведення даного заходу: 12 корпус, 412 аудиторія

Обов’язкова попередня реєстрація – https://goo.gl/forms/ULDFi2erpbqFj5AH3

EU flag-Erasmus Funded by the Erasmus + programme of the European Union