Dude, where’s that IP? Circumventing measurement-based geolocation
Phillipa Gill*, Yashar Ganjali*, Bernard Wong**, David Lie***
*Dept. of Computer Science, University of Toronto
**Dept. of Computer Science, Cornell University
***Dept. of Electrical and Computer Engineering, University of Toronto
04/22/2023 P. Gill - University of Toronto 2
Motivation
• Applications benefit from geolocating clients:
  – Online advertising & search engines
  – Restricting access to online content
    • Multimedia
    • Online gambling
  – Fraud prevention
• Looking forward:
  – Geolocation to locate VMs hosted by cloud provider
  – Location-based SLAs
Motivation (cont’d)
• Targets have incentive to lie
• Web clients:
  – Gain access to content
  – Commit fraud
• Cloud computing:
  – Need the ability to guarantee the result of geolocation
Our contributions
• First to consider measurement-based geolocation of an adversary
• Two models of adversarial geolocation targets
  – Web client (end host)
  – Cloud provider (network)
• Evaluation of attacks on delay and topology-based geolocation
Road map
• Motivation & Contributions
• Background
• Adversary models
• Evaluation
• Conclusions
• Future work
Geolocation background
• Databases/passive approaches
  – whois services
  – Commercial databases
    • Quova, MaxMind, etc.
  – Drawbacks: coarse-grained, slow to update
• Measurement-based geolocation
  – Landmark machines with known locations
  – Active probing of the target
  – Constrain location of target
Measurement-based geolocation
• Delay-based geolocation example
  – Constraint-based geolocation [Gueye et al. ToN ‘06]
1. Ping other landmarks to calibrate the distance-delay function
2. Ping target
3. Map delay to distance from target
4. Constrain target location
Types of measurement-based geolocation:
• Delay-based:
  – Constraint-based geolocation (CBG) [Gueye et al. ToN ‘06]
  – Computes region where target may be located
  – Average accuracy: 78-182 km
• Topology-aware:
  – Octant [Wong et al. NSDI 2007]
  – Considers delay between hops on path
  – Geolocates nodes along the path
  – Median accuracy: 35-40 km
Simple adversary (e.g., Web client)
• Knows the geolocation algorithm
• Able to delay their response to probes
  – i.e., increase observed delays
[Figure labels: Landmark i, RTT_i, t_1, t_2]
Sophisticated adversary (e.g., Cloud provider)
• Controls the network the target is located in
• Network has multiple geographically distributed entry points
• Adversary constructs network paths to mislead topology-aware geolocation
[Figure labels: landmark, target]
Evaluation
• Questions:
  – How accurately can an adversary mislead geolocation?
  – Can they be detected?
• Methodology:
  – Collected traceroutes between 50 PlanetLab nodes
  – Each node takes a turn as the target
  – Each target is moved to a set of forged locations
Delay-adding attack
• Increase delay by the time needed to travel the difference between g1 and g2
• Challenge: how to map distance to delay
• Attack v1: speed of light
• Attack v2: knowledge of the “best-line” function
[Figure labels: L1, L2, L3, g1, g2, forged location]
Hop-adding attack
Multiple network entry points
In-degree 3 for each node
Fake node next to each forged location
Accuracy for the adversary
[Figure panels: best-case delay-adding attack; hop-adding attack]
Even in the best case, the delay-adding attack is less precise than hop-adding
Detectability: Delay-adding
Area of intersection increases as delay is added
Abnormally large region sizes can reveal results that have been tampered with
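The four CBG steps and the region-size check above, as an added example that is not from the original slides. It assumes a flat plane in km, a simplified best-line through the origin, and a hypothetical threshold MAX_REGION_KM2; all landmark positions and RTTs are constructed.

```python
import math

# Constructed sample data (not from the slides): landmark positions in km on a flat plane.
LANDMARKS = {"L1": (0, 0), "L2": (1000, 0), "L3": (0, 1000), "L4": (1000, 1000)}
# Step 1 input: constructed landmark-to-landmark pings as (distance_km, rtt_ms).
CALIBRATION = [(1000, 12.0), (1000, 10.0), (1414, 15.0), (1414, 16.5)]
# Step 2 input: constructed RTTs from each landmark to a target near (300, 400).
HONEST = {"L1": 5.5, "L2": 8.6, "L3": 7.2, "L4": 9.8}
# The same target when every reply is held back by 4 ms (constructed).
DELAYED = {name: rtt + 4.0 for name, rtt in HONEST.items()}
# Assumed alert threshold; derive a real one from regions seen for known-good targets.
MAX_REGION_KM2 = 50_000


def calibrate(pairs):
    """Step 1, simplified: slope (ms per km) of a line through the origin that
    lies on or below every calibration point, so distances are never underestimated."""
    return min(rtt / dist for dist, rtt in pairs)


def region_area(rtts_ms, ms_per_km, step=10):
    """Steps 3-4: turn each RTT into a distance bound, then count grid cells
    inside every landmark's disk. Returns the feasible region's area in km^2."""
    disks = [(*LANDMARKS[name], rtt / ms_per_km) for name, rtt in rtts_ms.items()]
    lo_x = math.floor(max(cx - r for cx, _, r in disks))
    hi_x = math.ceil(min(cx + r for cx, _, r in disks))
    lo_y = math.floor(max(cy - r for _, cy, r in disks))
    hi_y = math.ceil(min(cy + r for _, cy, r in disks))
    cells = sum(
        all(math.hypot(x - cx, y - cy) <= r for cx, cy, r in disks)
        for x in range(lo_x, hi_x + 1, step)
        for y in range(lo_y, hi_y + 1, step)
    )
    return cells * step * step


def assess(rtts_ms):
    """Return (area_km2, suspicious) for one set of target measurements."""
    area = region_area(rtts_ms, calibrate(CALIBRATION))
    return area, area > MAX_REGION_KM2


if __name__ == "__main__":
    for label, rtts in (("honest", HONEST), ("delayed", DELAYED)):
        area, suspicious = assess(rtts)
        print(f"{label}: region {area} km^2, suspicious={suspicious}")
```

Because added delay can only widen each landmark's disk, the delayed region always contains the honest one; the check flags it once the area passes the threshold.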
Detectability: Hop-adding
Hop adding is able to mislead the algorithm without increasing region size!
Conclusions
• Current geolocation approaches are susceptible to malicious targets
  – Databases misled by proxies
  – Measurement-based geolocation by attacks on delay and topology measurements
• Topology-aware geolocation techniques are more susceptible to the sophisticated adversary
• Delay-adding attacks limited by accuracy and detectability
Future work
• Develop a framework for secure geolocation
• Leverage the existence of desired location:
  – Require the adversary to prove they are in the correct location
• Goals:
  – Provable security: Upper bound on what an adversary can get away with.
  – Practical framework: Should be tolerant of variations in network delay
Questions?
Another reason not to trust databases!