Revisiting the Privacy Implications of Two-Way Internet Latency Data

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10771)

Abstract

The Internet measurement community is increasingly sensitive to the privacy implications of both active and passive measurement. Research into the drawbacks of network data anonymization has led the community to investigate data sharing techniques, as well as to focus on active measurements and active measurement datasets. A key metric in these datasets is round-trip-time (RTT) as measured e.g. by ping or traceroute. This paper examines the assumption that the analysis of Internet RTT data is safe for open research by posing the question: what potentially-private inferences can be made about a remote target given periodic latency measurements from known vantage points under one’s control? We explore the risks to end-user privacy both through a review of diverse literature touching on the subject and through the analysis of RTT data from fixed and mobile Internet measurement infrastructure. While we find that the common assumption of safety generally holds, we explore caveats and give recommendations for mitigation in those cases where it may not.

Notes

Acknowledgments

Many thanks to RIPE for making Atlas available to the research community, and to the MONROE project for access to the mobile dataset used in this work. Thanks to the anonymous reviewers and our shepherd, Ramakrishna Padmanabhan, for comments improving the organization and focus of this paper. Thanks also to the members of the IETF QUIC Working Group RTT Design Team for the discussions leading to this paper. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 688421, and was supported by the Swiss State Secretariat for Education, Research and Innovation (SERI) under contract number 15.0268. The opinions expressed and arguments employed reflect only the authors’ views, and not those of the European Commission or the Swiss Government.

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. Networked Systems Group, ETH Zurich, Zurich, Switzerland
