Published: August 1, 2018
Author(s)
Peter Mell (NIST), Assane Gueye (University of Maryland), Chris Schanzle (NIST)
Conference
Name: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom)
Dates: 08/01/2018 - 08/03/2018
Location: New York, New York, United States
Citation: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 1619-1623
Data sent over the Internet can be monitored and manipulated by intermediate entities in the data path from the source to the destination. For unencrypted communications (and some encrypted communications with known weaknesses), eavesdropping and man-in-the-middle attacks are possible. For encrypted communication, the identifcation of the communicating endpoints is still revealed. In addition, encrypted communications may be stored until such time as newly discovered weaknesses in the encryption algorithm or advances in computer hardware render them readable by attackers.
In this work, we use public data to evaluate both advertised and observed routes through the Internet and measure the extent to which communications between pairs of countries are exposed to other countries. We use both physical router geolocation as well as the country of registration of the companies owning each router. We fnd a high level of information exposure; even physically adjacent countries use routes that involve many other countries. We also found that countries that are well ‘connected’ tend to be more exposed. Our analysis indicates that there exists a tradeoff between robustness and information exposure in the current Internet.
Data sent over the Internet can be monitored and manipulated by intermediate entities in the data path from the source to the destination. For unencrypted communications (and some encrypted communications with known weaknesses), eavesdropping and man-in-the-middle attacks are possible. For encrypted...
See full abstract
Data sent over the Internet can be monitored and manipulated by intermediate entities in the data path from the source to the destination. For unencrypted communications (and some encrypted communications with known weaknesses), eavesdropping and man-in-the-middle attacks are possible. For encrypted communication, the identifcation of the communicating endpoints is still revealed. In addition, encrypted communications may be stored until such time as newly discovered weaknesses in the encryption algorithm or advances in computer hardware render them readable by attackers.
In this work, we use public data to evaluate both advertised and observed routes through the Internet and measure the extent to which communications between pairs of countries are exposed to other countries. We use both physical router geolocation as well as the country of registration of the companies owning each router. We fnd a high level of information exposure; even physically adjacent countries use routes that involve many other countries. We also found that countries that are well ‘connected’ tend to be more exposed. Our analysis indicates that there exists a tradeoff between robustness and information exposure in the current Internet.
Hide full abstract
Keywords
measurement; privacy; internet
Control Families
None selected