Title:
The Battle for Privacy
Abstract:
This talk is about attacking and defending IP privacy; or, in other
words, violating your boss’ privacy and protecting Wikileaks’ sources.
First, I discuss how to reverse engineer Skype to find out the IP
address of a targeted person. This could be exploited for many
malicious purposes such as finding out whether your boss is
downloading copyrighted-porn material. This privacy attack can be
scaled to track, for example, all users working for a large
corporation such the Universal music group. Furthermore, the attack
can be launched from the comfort of one’s home, without any legal
power, and without the targeted users knowing. (The story goes that
the first author of this research used this attack to track his
Ph.D. committee.)
Second, I present a system for efficiently defending against IP-based
privacy attacks, even when the attacker is a powerful government such
as the USA. I motivate our novel design by showing that onion routing,
the reference design for IP anonymity, has fundamental scaling issues
when defending against an attacker able to analyze packet logs. On
the other hand, I show that our design scales with the number of users
while being more efficient than existing solutions. By combining
anonymity and efficiency, we expect our system to appeal to regular
Internet users, such as visitors of the late MegaUpload, and
whistleblowers alike.
Bio:
Stevens Le Blond holds a M.Sc. from Vrije Universiteit, Amsterdam and
a Ph.D. from INRIA Sophia Antipolis. Stevens seeks to tackle
high-risk/high-impact research problems in the system and networking
areas. At the moment, he believes that many such problems lie in
online privacy. After enjoying sun bathing in Nice, Stevens is now
enjoying actual bathing in Germany where he’s a postdoc in Paul
Francis’ group at MPI-SWS.