Auflistung nach Autor:in "Marx, Matthias"
1 - 2 von 2
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragAbusers don’t get Privacy. Sensitively Logging and Blocking Tor Abuse(SICHERHEIT 2020, 2020) Marx, MatthiasTor has a significant problem with malicious traffic routed through Tor exit nodes. They create a credible reason for websites to discriminate against Tor users. The abuse also creates a strong disincentive to run exit nodes since the exit node operators have to deal with abuse messages and possible law enforcement interactions. We want to detect and mitigate the attacks that happen through Tor exit nodes without undermining Tor users’ anonymity and privacy. We use a modified version of the Tor exit node to enable NIDS (Network Intrusion Detection) monitoring and termination of malicious activity on a per-circuit level. We use the Zeek IDS (formerly Bro) to detect attacks using robust mechanisms that have very low false positive rates. Initial results indicate that, using our approach, the number of abuse cases can be reduced.
- KonferenzbeitragHashing of personally identifiable information is not sufficient(SICHERHEIT 2018, 2018) Marx, Matthias; Zimmer, Ephraim; Mueller, Tobias; Blochberger, Maximilian; Federrath, HannesIt is common practice of web tracking services to hash personally identifiable information (PII), e. g., e-mail or IP addresses, in order to avoid linkability between collected data sets of web tracking services and the corresponding users while still preserving the ability to update and merge data sets associated to the very same user over time. Consequently, these services argue to be complying with existing privacy laws as the data sets allegedly have been pseudonymised. In this paper, we show that the finite pre-image space of PII is bounded in such a way, that an attack on these hashes is significantly eased both theoretically as well as in practice. As a result, the inference from PII hashes to the corresponding PII is intrinsically faster than by performing a naive brute-force attack. We support this statement by an empirical study of breaking PII hashes in order to show that hashing of PII is not a sufficient pseudonymisation technique.