Abstract
The Internet measurement community is increasingly sensitive to the privacy implications of both active and passive measurement. Research into the drawbacks of network data anonymization has led the community to investigate data sharing techniques, as well as to focus on active measurements and active measurement datasets. A key metric in these datasets is round-trip time (RTT), as measured e.g. by ping or traceroute. This paper examines the assumption that the analysis of Internet RTT data is safe for open research by posing the question: what potentially private inferences can be made about a remote target given periodic latency measurements from known vantage points under one's control? We explore the risks to end-user privacy both through a review of diverse literature touching on the subject and through the analysis of RTT data from fixed and mobile Internet measurement infrastructure. While we find that the common assumption of safety generally holds, we explore caveats and give recommendations for mitigation in those cases where it may not.
Notes
- 1. e.g. the European General Data Protection Regulation (GDPR); see http://www.eugdpr.org.
- 2.
- 3.
- 4. Here, the reasoning is that such pairs are either colocated in the same rack, or possibly connected to the same local- or metropolitan-area network, and as such do not accurately reflect Internet RTT measurement.
- 5. As retrieved from https://stat.ripe.net on 10 October 2017.
- 6. MONROE nodes provide GPS metadata for mobile nodes for location ground truth. We split MONROE data from 1 September 2017 into 5 min bins (300 pings) and associated the geographic average GPS location with the minimum RTT in each bin to yield 3,863 samples from 45 nodes.
- 7.
Acknowledgments
Many thanks to RIPE for making Atlas available to the research community, and to the MONROE project for access to the mobile dataset used in this work. Thanks to the anonymous reviewers and our shepherd, Ramakrishna Padmanabhan, for comments improving the organization and focus of this paper. Thanks also to the members of the IETF QUIC Working Group RTT Design Team for the discussions leading to this paper. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 688421, and was supported by the Swiss State Secretariat for Education, Research and Innovation (SERI) under contract number 15.0268. The opinions expressed and arguments employed reflect only the authors’ views, and not those of the European Commission or the Swiss Government.
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Trammell, B., Kühlewind, M. (2018). Revisiting the Privacy Implications of Two-Way Internet Latency Data. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds) Passive and Active Measurement. PAM 2018. Lecture Notes in Computer Science(), vol 10771. Springer, Cham. https://doi.org/10.1007/978-3-319-76481-8_6
DOI: https://doi.org/10.1007/978-3-319-76481-8_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-76480-1
Online ISBN: 978-3-319-76481-8
eBook Packages: Computer Science (R0)