DOI: 10.1145/1456403.1456416
research-article

Protecting privacy with protocol stack virtualization

Published: 27 October 2008

Abstract

Previously proposed host-based privacy protection mechanisms use pseudorandom or disposable identifiers on some or all layers of the protocol stack. These approaches either require changes to all hosts participating in the communication or do not provide privacy for the whole protocol stack or the system. Building on previous work, we propose a relatively simple approach: protocol stack virtualization. The key idea is to provide isolation for traffic sent to the network. The granularity of the isolation can be, for example, flow-based or process-based. With process-based granularity, every application uses a distinct identifier space on all layers of the protocol stack. This approach does not need any infrastructure support from the network and requires only minor changes to the single host that implements the privacy protection mechanism. To show that no changes to typical applications are required, we implemented the protocol stack virtualization as a user-space daemon and tested it with various legacy applications.


Published In

WPES '08: Proceedings of the 7th ACM workshop on Privacy in the electronic society
October 2008
128 pages
ISBN: 9781605582894
DOI: 10.1145/1456403

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. privacy
  2. protocol stack virtualization
  3. pseudonymity

Qualifiers

  • Research-article

Conference

CCS08
Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Article Metrics

  • Downloads (last 12 months): 1
  • Downloads (last 6 weeks): 0
Reflects downloads up to 28 Feb 2025

Cited By

  • (2021) Protocol stack virtualization support in IoT. Transactions on Emerging Telecommunications Technologies. DOI: 10.1002/ett.4340. Online publication date: 12-Aug-2021
  • (2020) Privacy Engineering Methodologies: A survey. 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT), pp. 1-6. DOI: 10.1109/3ICT51146.2020.9311949. Online publication date: 20-Dec-2020
  • (2020) Context-Aware IPv6 Address Hopping. Information and Communications Security, pp. 539-554. DOI: 10.1007/978-3-030-41579-2_31. Online publication date: 18-Feb-2020
  • (2018) Security and Privacy Analysis of National Science Foundation Future Internet Architectures. IEEE Communications Surveys & Tutorials 20:2, pp. 1418-1442. DOI: 10.1109/COMST.2018.2798280. Online publication date: Oct-2019
  • (2009) Physical Layer Attacks on Unlinkability in Wireless LANs. Proceedings of the 9th International Symposium on Privacy Enhancing Technologies, pp. 108-127. DOI: 10.1007/978-3-642-03168-7_7. Online publication date: 27-Jul-2009
