TALKS

CPS and RDNS meetup: Rohit Kumar & Daniel Ângelo

Speakers: Rohit Kumar and Daniel Ângelo, LASIGE – DI/FCUL
When: January 13, 14h00
Where: https://videoconf-colibri.zoom.us/j/84425943613?pwd=Tk5VU3BXY25NVGNCN3ZDbE5jcEtqQT09

Abstracts:

Talk 1: “Architectural support and mechanisms for resilient and safe control in Cyber-Physical System”. The complex engineering research field of cyber-physical systems (CPS) is based on integrating computation, communication, and physical processes, providing design, modelling, and analysis techniques as a whole. In this talk, we will present an architectural model of CPS and discuss the requirements and challenges to make CPS safe.

Talk 2: “Privacy-preserving Deanonymization of Dark Web Tor Onion Services for Criminal Investigations”. Tor is one of the most popular anonymity networks in the world. Users of this platform range from dissidents to cybercriminals or even ordinary citizens concerned with their privacy. It is based on advanced security mechanisms to provide strong guarantees against traffic correlation attacks that can deanonymize its users and services. Torpedo is the first known traffic correlation attack on Tor that aims at deanonymizing OS sessions. In a federated way, servers belonging to ISPs around the globe can process deanonymization queries of specific IPs. With the abstraction of an interface, these queries can be submitted by an attacker to deanonymize OSes and clients. Initial results show that this attack is able to identify the IP addresses of OS sessions with high confidence (no false positives). However, the current version of Torpedo relies on a central authority to manage the system, which requires ISPs to share sensitive network traffic of their clients with a third party. Thus, this work seeks to complement the previously developed research with the introduction and study of multi-party computation (MPC) techniques, with the objective of developing and assessing a new attack vector on Tor that can work even if ISPs encrypt their network traffic before correlation. In more detail, we intend to leverage, test and assess some existing general-purpose and machine learning oriented MPC frameworks and build a privacy- preserving solution on top of Torpedo that satisfies its scalability and performance requirements.