Attack on WiFi-based Location Services and SSL using Proxy Servers

Feng, Jun Liang

02 January 2014

Wireless LANs are very common in any household or business today. It allows access to their home or business network and the Internet without using wires. Their wireless nature allows mobility and convenience for the user and that opens up a lot of new possibilities in mobile devices such as smartphones and tablets. One application that makes use of wireless LANs is positioning, which can be used in areas where Global Positioning Systems may have trouble functioning or not at all. However, a drawback of using wireless communication is that it is susceptible to eavesdropping and jamming. Once the wireless signal is jammed, an attacker can set up fake access points on different channels or frequencies to impersonate a legitimate access point. In this thesis, this attack is performed specifically to trick WiFi-based location services. The attack is shown to work on Skyhook, Google, Apple and Microsoft location services, four of the major location service providers, and on dual-band hardware. Some countermeasures to such an attack are also presented. The web is an important part of many people???s lives nowadays. People expect that their privacy and confidentiality is preserved when they use the web. Previously, web traffic uses HTTP which meant traffic is all unencrypted and can be intercepted and read by attackers. This is clearly a security problem so many websites now default to using a more secure protocol, namely HTTPS which uses HTTP with SSL, and forces the user to HTTPS if they connect to the no SSL protocol. SSL works by exchanging keys between the client and server and the actual data is protected using the key and the cipher suite that is negotiated between the two. However, if a network uses a proxy server, it works slightly different. The SSL connection is broken up into two separate ones and that creates the potential for man-in-the-middle attacks that allow an attacker to intercept the data being transmitted. This thesis analyzes several scenarios in which an adversary can conduct such a man-in-the-middle attack, and potential detection and mitigation methods.

wifi

location service

ssl

proxy server

attack

Conquering the chimaera: an insight into the need to redefine the complex form of child abuse, Munchausen's Syndrome by Proxy

Rakay, Chrisitine Alese

January 2012

Thesis (M.S.)--Boston University / Munchausen Syndrome by Proxy (MSBP) is a term given to a situation which presents criteria for both Pediatric Condition Falsification (PCF) and factitious disorder by proxy (FDP). According to the Diagnostic and Statistical Manual of Mental Disorders-IV text revision (DSM-IV-TR), in child abuse cases where FDP is a result of PCF, then the nomenclature, MSBP, can be used interchangeably to describe such an event. Currently, in a situation that is diagnosed as Factitious Disorder by Proxy, the perpetrator of such an event is diagnosed as having Factitious Disorder Not Otherwise Specified (FD-NOS). An obvious issue stemming from this is the confusion over what should be diagnosed and remedied, i.e., the situation, the perpetrator, and/or the victim. Due to the convoluted and often controversial definition of such an event, as well as the criteria for diagnosis, it is proposed here that a new definition be adopted to explain this form of child abuse. With this novel definition, the symptoms of this psychological disorder of the perpetrator are observed in the victim. Under this new definition, the psychiatric term "Factitious Disorder by Proxy" would be used as a mental diagnosis of the caregiver, wherein the symptoms manifest in that of the victim. Additionally, an addendum to the type of symptoms exhibited in the child is proposed to include that of the exacerbation of symptoms in children with valid pre-existing conditions. An extensive literature review was performed to support the proposal for changing the criteria and diagnosis of FDP in the DSM. The implications of this change would greatly benefit not only the psychiatric, medical, and legal realm, but the forensic community as well.

Munchausen Syndrome by Proxy

Munchausen Syndrome

Proposta de algoritmo de cacheamento para proxies VoD e sua avaliação usando um novo conjunto de métricas / Proposal of caching algorithm for VoD proxy implementation and its evaluation including a new set of metrics for efficiency analysis

Neves, Bruno Silveira

January 2015

Atualmente, o serviço digital conhecido como Vídeo sob Demanda - Video on Demand (VoD) - está em ascensão e costuma requerer uma quantidade significativa de recursos físicos para a sua implementação. Para reduzir os custos de operacionalização desse serviço, uma das alternativas comumente usada é o emprego de proxies que cacheiam as partes mais importantes do acervo, com o objetivo de atender a demanda para esse conteúdo no lugar do servidor primário do sistema VoD. Nesse contexto, para melhorar a eficiência do proxy, propõe-se neste trabalho um novo algoritmo de cacheamento que explora o posicionamento dos clientes ativos para determinar a densidade de clientes dentro de uma janela de tempo existente em frente de cada trecho de vídeo. Ao cachear os trechos de vídeo com maior densidade em frente a eles, o algoritmo é capaz de alcançar um alto desempenho, em termos de taxa de acertos para as requisições recebidas pelo proxy, durante intervalos de alta carga de trabalho. Para avaliar esta abordagem, o novo algoritmo desenvolvido foi comparado com outros de natureza semelhante, fazendo uso tanto de métricas tradicionais, como a taxa de acertos, como também de métricas físicas, como, por exemplo, o uso de recursos de processamento. Os resultados mostram que o novo algoritmo explora melhor a banda de processamento disponível na arquitetura de base do proxy para obter uma taxa de acertos maior em comparação com os algoritmos usados na análise comparativa. Por fim, para dispor das ferramentas necessárias para construir essa análise, produziu-se uma outra contribuição importante nesse trabalho: a implementação de um simulador de proxies VoD que, até onde se sabe, é o primeiro a possibilitar a avaliação do hardware utilizado para implementar essa aplicação. / Today, Video on Demand (VoD) is a digital service on the rise that requires a lot of resources for its implementation. To reduce the costs of running this service, one of the commonly used alternatives is using proxies that cache the most important portions of the collection in order to meet the demand for this content in place of the primary server of the VoD system. In this context, to improve the efficiency of proxy, we proposed a novel caching algorithm that explores the positioning of the active clients to determine the density of clients inside a time window existing in front of each video chunk. By caching the video chunks with the greater density in front of them, the algorithm is able to achieve high performance, in terms of the hit ratio for the requests received by the proxy, during periods of high workload. To better evaluate our approach, we compare it with others of similar nature, using both traditional metrics like hit rate, as well as physical metrics, such as the use of processing resources. The results show that the new algorithm exploits the processing bandwidth available in the underlying architecture of the proxy for obtaining a larger hit rate in comparison to the other algorithms used in the comparative analysis. Finally, to dispose of the necessary tools to perform this analysis, we produced another important contribution in this work: the implementation of a VoD proxy simulator that, to the best of our knowledge, is the first one to enable the evaluation of the hardware used to implement this application.

Microeletrônica

Algorítmo

Video

Proxy

Caching algorithm

The Assessment of Malingering by Proxy in the Diagnosis of Attention-Deficit/Hyperactivity Disorder (ADHD) with the Conners 3

Larson, Samuel W.

01 August 2017

To date there has been limited empirical exploration of the utility of behavior report form’s embedded symptom validity scales. The purpose of this study was to address this by examining the Conners - Third Edition (Conners 3) Parent Report Form’s ability to detect purposeful exaggeration of symptoms of inattention, hyperactivity, and impulsivity in an effort to obtain a diagnosis of Attention-Deficit/Hyperactivity Disorder (ADHD). This was accomplished by using a malingering simulation experimental design whereby a group of parents, whose children did not have a diagnosis of ADHD, were entreated to simulate symptoms of ADHD on the Conners 3. Their simulated reports were then compared to the responses of parents whose children had a diagnosis of ADHD, as well as to the Conners 3’s normative sample. Results indicate that simulators, provided with information easily obtained from the internet and minimal coaching, were largely able to fabricate profiles indicative of ADHD. Furthermore, they were able to accomplish this ADHD without raising concern regarding the validity of the report based upon the Conners 3’s embedded symptom validity scales. While simulators did produce significantly more severe symptom elevations compared to the ADHD comparison group, their profiles were not so extreme as to aid in discriminating over-reporting. The ramification of these findings in the context of the need for stand-alone symptom validity testing is discussed.

ADHD

Conners 3

Malingering by Proxy

Long term hydrological change, the El Niño/Southern Oscillation and biomass burning in the tropics

Henke, Lilo Maria Keti

January 2016

Rapidly rising levels of atmospheric greenhouse gases including carbon dioxide and methane since the industrial revolution have drawn scientific attention to the importance of the global carbon cycle to the climate (Cubasch et al., 2013). Tropical peatlands, the majority of which are located in the Indonesian region, are a major source of uncertainty in the carbon cycle as the relationships between carbon accumulation and hydrological changes remain poorly understood (Hergoualc’h & Verchot, 2011, Page et al., 2011). An important driver of carbon emissions in tropical peatlands is fire, which in the Indonesian region is strongly influenced on interannual timescales by the El Niño/Southern Oscillation (ENSO). However, it is not clear how ENSO and fire have varied at decadal to centennial scales over the past two millennia. This thesis explores long term tropical hydrological variability and ENSO-like climate change from palaeorecords and their interactions with fire. Using a wide range of instrumental, proxy and model datasets and a novel reconstruction method, two separate reconstructions of long-term ENSO-like climate change are produced based on precipitation and temperature data. These show no evidence of a difference between the ENSO-like behaviour of precipitation and temperature. There is limited evidence for a difference in long-term ENSO-like state between the Medieval Climate Anomaly and the Little Ice Age. Reconstructions of hydrological variability and biomass burning in the Indonesian region suggest that precipitation and fire have been positively correlated over the past 2,000 years, which is contrary to the modern-day relationship on ENSO timescales. This throws up questions of long-term versus short-term interactions and feedbacks between fire, climate and vegetation. It is likely that anthropogenic activity in the Indonesian region has significantly altered the stability of the fire regime. Further research combining proxy data, climate and fire models, and using more robust statistical analysis is necessary to untangle the natural and anthropogenic driving factors at different time resolutions.

551.6

Proposta de algoritmo de cacheamento para proxies VoD e sua avaliação usando um novo conjunto de métricas / Proposal of caching algorithm for VoD proxy implementation and its evaluation including a new set of metrics for efficiency analysis

Neves, Bruno Silveira

January 2015

Atualmente, o serviço digital conhecido como Vídeo sob Demanda - Video on Demand (VoD) - está em ascensão e costuma requerer uma quantidade significativa de recursos físicos para a sua implementação. Para reduzir os custos de operacionalização desse serviço, uma das alternativas comumente usada é o emprego de proxies que cacheiam as partes mais importantes do acervo, com o objetivo de atender a demanda para esse conteúdo no lugar do servidor primário do sistema VoD. Nesse contexto, para melhorar a eficiência do proxy, propõe-se neste trabalho um novo algoritmo de cacheamento que explora o posicionamento dos clientes ativos para determinar a densidade de clientes dentro de uma janela de tempo existente em frente de cada trecho de vídeo. Ao cachear os trechos de vídeo com maior densidade em frente a eles, o algoritmo é capaz de alcançar um alto desempenho, em termos de taxa de acertos para as requisições recebidas pelo proxy, durante intervalos de alta carga de trabalho. Para avaliar esta abordagem, o novo algoritmo desenvolvido foi comparado com outros de natureza semelhante, fazendo uso tanto de métricas tradicionais, como a taxa de acertos, como também de métricas físicas, como, por exemplo, o uso de recursos de processamento. Os resultados mostram que o novo algoritmo explora melhor a banda de processamento disponível na arquitetura de base do proxy para obter uma taxa de acertos maior em comparação com os algoritmos usados na análise comparativa. Por fim, para dispor das ferramentas necessárias para construir essa análise, produziu-se uma outra contribuição importante nesse trabalho: a implementação de um simulador de proxies VoD que, até onde se sabe, é o primeiro a possibilitar a avaliação do hardware utilizado para implementar essa aplicação. / Today, Video on Demand (VoD) is a digital service on the rise that requires a lot of resources for its implementation. To reduce the costs of running this service, one of the commonly used alternatives is using proxies that cache the most important portions of the collection in order to meet the demand for this content in place of the primary server of the VoD system. In this context, to improve the efficiency of proxy, we proposed a novel caching algorithm that explores the positioning of the active clients to determine the density of clients inside a time window existing in front of each video chunk. By caching the video chunks with the greater density in front of them, the algorithm is able to achieve high performance, in terms of the hit ratio for the requests received by the proxy, during periods of high workload. To better evaluate our approach, we compare it with others of similar nature, using both traditional metrics like hit rate, as well as physical metrics, such as the use of processing resources. The results show that the new algorithm exploits the processing bandwidth available in the underlying architecture of the proxy for obtaining a larger hit rate in comparison to the other algorithms used in the comparative analysis. Finally, to dispose of the necessary tools to perform this analysis, we produced another important contribution in this work: the implementation of a VoD proxy simulator that, to the best of our knowledge, is the first one to enable the evaluation of the hardware used to implement this application.

Microeletrônica

Algorítmo

Video

Proxy

Caching algorithm

Proposta de algoritmo de cacheamento para proxies VoD e sua avaliação usando um novo conjunto de métricas / Proposal of caching algorithm for VoD proxy implementation and its evaluation including a new set of metrics for efficiency analysis

Neves, Bruno Silveira

January 2015

Atualmente, o serviço digital conhecido como Vídeo sob Demanda - Video on Demand (VoD) - está em ascensão e costuma requerer uma quantidade significativa de recursos físicos para a sua implementação. Para reduzir os custos de operacionalização desse serviço, uma das alternativas comumente usada é o emprego de proxies que cacheiam as partes mais importantes do acervo, com o objetivo de atender a demanda para esse conteúdo no lugar do servidor primário do sistema VoD. Nesse contexto, para melhorar a eficiência do proxy, propõe-se neste trabalho um novo algoritmo de cacheamento que explora o posicionamento dos clientes ativos para determinar a densidade de clientes dentro de uma janela de tempo existente em frente de cada trecho de vídeo. Ao cachear os trechos de vídeo com maior densidade em frente a eles, o algoritmo é capaz de alcançar um alto desempenho, em termos de taxa de acertos para as requisições recebidas pelo proxy, durante intervalos de alta carga de trabalho. Para avaliar esta abordagem, o novo algoritmo desenvolvido foi comparado com outros de natureza semelhante, fazendo uso tanto de métricas tradicionais, como a taxa de acertos, como também de métricas físicas, como, por exemplo, o uso de recursos de processamento. Os resultados mostram que o novo algoritmo explora melhor a banda de processamento disponível na arquitetura de base do proxy para obter uma taxa de acertos maior em comparação com os algoritmos usados na análise comparativa. Por fim, para dispor das ferramentas necessárias para construir essa análise, produziu-se uma outra contribuição importante nesse trabalho: a implementação de um simulador de proxies VoD que, até onde se sabe, é o primeiro a possibilitar a avaliação do hardware utilizado para implementar essa aplicação. / Today, Video on Demand (VoD) is a digital service on the rise that requires a lot of resources for its implementation. To reduce the costs of running this service, one of the commonly used alternatives is using proxies that cache the most important portions of the collection in order to meet the demand for this content in place of the primary server of the VoD system. In this context, to improve the efficiency of proxy, we proposed a novel caching algorithm that explores the positioning of the active clients to determine the density of clients inside a time window existing in front of each video chunk. By caching the video chunks with the greater density in front of them, the algorithm is able to achieve high performance, in terms of the hit ratio for the requests received by the proxy, during periods of high workload. To better evaluate our approach, we compare it with others of similar nature, using both traditional metrics like hit rate, as well as physical metrics, such as the use of processing resources. The results show that the new algorithm exploits the processing bandwidth available in the underlying architecture of the proxy for obtaining a larger hit rate in comparison to the other algorithms used in the comparative analysis. Finally, to dispose of the necessary tools to perform this analysis, we produced another important contribution in this work: the implementation of a VoD proxy simulator that, to the best of our knowledge, is the first one to enable the evaluation of the hardware used to implement this application.

Microeletrônica

Algorítmo

Video

Proxy

Caching algorithm

Konfigurationsverktyg för SIA / Configurtion Tool for SIA

Nilsson, Michael

January 2016

Denna rapport redogör för utvecklingen av en applikation som används för att konfigurera integrationer som används av av Sigma Integration Architecture (SIA). Applikationen är riktad till Sigma-personal som inte är vana vid denna integrationsarkitektur, då den tillhandlahåller användaren med en rad olika hjälp-element för att underlätta konfigurationensprocessen och sänka tröskeln för att kunna skapa och redigera integrationer. Genom att använda Javas reflection API i kombination med dynamic proxies, kan applikationen utföra validering och simulering av integrationer innan de används i produktion. Vi innefattar även cache-metod för att snappa upp processen, och påvisar även testverifikation av cache-processen. Applikationen är utvecklad som två separata delar, bestående av en back end skriven i Java, och en webbaserad front end skapad med AngularJS. / This report describes the development of an application used to configure integrations used by Sigma Integration Architecture (SIA). The application is aimed towards Sigma personnel unfamiliar with the integration architecture, as it provides the user with various help elements in an effort to ease the configuration process and lower the entry barrier for creating and editing integrations. Using Java's reflection API in combination with dynamic proxies, the application is able to perform validation and simulation of integration pipelines before they are used for production. We also include a cache mechanism to speed up the process, and provide experimental verification of caching performance. The application is developed as two separate parts, consisting of a back end written in Java, and a web-based front end created with AngularJS.

sia

integration

simulation

java’s reflection api

proxy

dynamic proxy

server/client

javafx

sia

integration

simulering

javas reflection api

proxy

dynamisk proxy

server/klinet

javafx

Computer Sciences

Datavetenskap (datalogi)

Extrakce dešifrovaného provozu z SSL spojení / Extraction of Decrypted Data from SSL Connection

Pastuszek, Jakub

January 2019

Cílem této práce je vyvinout aplikaci schopnou dešifrovat zabezpečená spojení a přeposlat dešifrovaná data na jinou stanici v síti pro další analýzu.  Daná aplikace vybízí k nelegálním účelům, avšak zamýšleným použitím výsledného produktu jsou legální odposlechy. Pro tuto práci byla z množiny nástrojů vybrána aplikace SSLsplit díky jejím vlastnostem a výkonnosti. Toto rozhodnutí bylo na základě srovnávacích testů a porovnání vlastností. Pomocí vlastního certifikátu SSLsplit podepisuje certifikáty cílových serverů, které jsou vytvářené za běhu. Spuštěná aplikace běží v režimu transparentní proxy přímo na centrálním prvku dané sítě (routeru). SSLsplit provádí man-in-the-middle útok mezi klientem a serverem bez toho, aby to některá ze stran zaznamenala. Dále umožnuje dešifrovaný obsah odeslat na předem daný uzel v síti pro jeho další zpracování. Pro možnost snažší konfigurace SSLsplitu byla implementována integrace do netc rozhraní. Aplikace byla otestována za účelem zjištění jejich výkonnostních limitů. Výkonnostní testy výsledného řešení ukazují značný pokles počtu transakcí za sekundu (TPS) při použití SSLsplit v porovnání s pouhým přeposíláním provozu. Funkce zrcadlení významně neovlivňuje počet TPS ani neomezuje samotný SSLsplit. Výsledky ukazují, že SSLsplit je schopen reálného provozu s určitým omezením.

Evaluating a publish/subscribe proxy for HTTP

Zhang, Yuanhui

January 2013

With the increasingly high speed of the Internet and its wide spread usage, the current Internet architecture exhibits some problems. The publish/subscribe paradigm has been developed to support one of the most common patterns of communication. It makes “information” the center of communication and removes the “location-identity split” (i.e., that objects are at specific locations to which you must communicate with to access the object). In this thesis project a publish/subscribe network is built and then used in the design, implementation, and evaluation of a publish/subscribe proxy for today’s HTTP based communication. By using this proxy users are able to use their existing web browser to send both HTTP requests and Publish/Subscribe Internet Routing Paradigm (PSIRP) requests. A publish/subscribe overlay is responsible for maintaining PSIRP contents. The proxy enables web browser clients to benefit from the publish/subscribe network, without requiring them to change their behavior or even be aware of the fact that the content that they want to access is being provided via the publish/subscribe overlay. The use of the overlay enables a user’s request to be satisfied by any copy of the content, potentially decreasing latency, reducing backbone network traffic, and reducing the load on the original content server. One of the aims of this thesis is to make more PSIRP content available, this is done by introducing a proxy who handles both HTTP and PSIRP requests, but having received content as a result of an HTTP response it publishes this data as PSIRP accessible content. The purpose is to foster the introduction and spread of content based access. / Med allt högre Internetshastighet och dess utbredda användning, uppvisar den aktuella Internet-arkitekturen vissa problem. Publicera / prenumerera paradigm har utvecklats för att stödja en av de vanligaste mönstren för kommunikation. Det gör att "information" blir centrum av kommunikation och tar bort "plats-identitet split" (dvs att objekten är på specifika platser som du måste kommunicera med för att komma åt objektet). i detta examensarbete byggs ett publicera / prenumerera nätverk och sedan används i utformningen, genomförandet, och utvärdering av en publicera / prenumerera proxy för dagens HTTP-baserad kommunikation. Genom att använda denna proxy kan användare kan använda sin befintliga webbläsare för att skicka både HTTP-förfrågningar och publicera / Prenumerera Internet Routing Paradigm (PSIRP) begäran. En publicera / prenumerera överlagring är ansvarig för att upprätthålla innehåll av PSIRP. Fullmakten gör det möjligt för klienter av webbläsare att dra nytta av publicera / prenumerera nätverket, utan att kräva dem att ändra sitt beteende eller ens vara medvetna om det faktum att det innehållet som de vill komma åt tillhandahålls via publicera / prenumerera överlägg. Användningen av överlägget kan en användare begäran som skall uppfyllas av en kopia av innehållet, eventuellt minskande latens, vilket minskar trafiken stamnät, och minska belastningen på det ursprungliga innehållet servern. Ett av syftena med denna uppsats är att göra mer PSIRP innehåll tillgängligt och detta görs genom att införa en proxy som hanterar både HTTP och PSIRP förfrågningar, men har fått innehåll som en följd av en HTTP-svar offentliggörs denna data som PSIRP tillgängligt innehåll. Syftet är att främja införandet och innehållbaserade åtkomsten.

Publish/Subscribe

HTTP proxy

Blackadder

PURSUIT

Pub/sub proxy

network metrics

Publicera / Prenumerera

HTTP-proxy

Blackadder

PURSUIT

Pub / sub proxy

nätverk statistik

Communication Systems

Kommunikationssystem