1 / 11

Performing unreliable check using unreliable ID

Performing unreliable check using unreliable ID. By: Shiva Srivastava Sankalp Kohli. A temporary solution!! No name of the email provider? What about multi home users. Source spoof network attacks. No proper handling of NAT / proxy No reason for using values while identifying proxies.

sherri
Télécharger la présentation

Performing unreliable check using unreliable ID

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Performing unreliable check using unreliable ID By: Shiva Srivastava SankalpKohli

  2. A temporary solution!! No name of the email provider? What about multi home users. Source spoof network attacks. No proper handling of NAT / proxy No reason for using values while identifying proxies

  3. What is the source of software update data • What about proxy having single hardware id. • Why they checked the remaining 4% manually. • Not sufficient proof.

  4. Are they really bots? • Only 1-2 IP per user. • Single email per user per month!! • Bots send 20 email per month! • If you move around, you are a bot. • Not able to find, then you are a bot. • Email Signup burst because of an advertisement. • Bots use US country code? Random numbers!

  5. What is the source of initial malicious host? • Not capable of the online detection and blocking of responsible activities. • Better solution is crypto-graphical approaches (i.e., AIP, CGA) • What about admins who don’t have any application servers. • Is user IDs the best way to track host-IP binding? • Even if you get host-IP binding then also how can we stop attacks?

  6. First overview Why short term planning. Internet is a dynamic place, this would be outdated in a min.

  7. Design Flaws • They track the user based on email IDs, • I can just use multiple email and get past their traking or just shield myself with NAT. • “Our goal is to generate the host tracking using logs with unreliable ID” • So they are tracking with something that is not even necessarily there.

  8. Design Flaws II • Again they are using email login as an input event. • I am logged in almost all the time at two locations! • They pair up user based on login patter, but this could be totally random too, as incase of neighbors with same schedule.

  9. Result Flaw. • ‘In practice concurrent bindings are a small portion of all the conflicts, and not many groups are affected in this step’ • But again this is for their system, not really true for real world scenario.

  10. Validation flaw • Their accuracy would fall down in case of multiple email. • And basically the malicious users cannot be tracked, so they only track the good guys. • Also they nitpicks the user so that their system can work. Good job. • Oh yeah we are better than naïve approach, yay!

  11. Application flaw • They cannot track NAT users, so how is this good.? • Too many flase positive 20,000. • They want to mess with the end user…. Coz that’s a good idea.

More Related