Notes on Theoretical Limitations and Practical Vulnerabilities of Internet Surveillance Capture

Loading...
Thumbnail Image
Penn collection
Technical Reports (CIS)
Degree type
Discipline
Subject
Funder
Grant number
License
Copyright date
Distributor
Related resources
Author
Cronin, Eric C.
Contributor
Abstract

Surveillance of Internet communications is increasingly common. As a greater and greater percentage of communication occurs over the Internet, the desire by law enforcement, intelligence agencies, criminals, and others to access these communications grows. In recent years, motivated by updated legislation, we have seen the first large-scale systems for intercepting Internet communications deployed, and there is increasing pressure for more such systems to be developed and put to use. Such systems raise a number of obvious questions for the security research community. Unfortunately, nearly all the systems that have been developed are closed and proprietary, and their inner workings closely guarded for commercial and “security” reasons. Very little research exists in the open academic literature exploring the technical aspects of Internet surveillance, and (to our knowledge) none which focuses on security or reliability. In this work we examine one specific problem, that of performing reliable capture of Internet communications. This work has three main contributions which address some, but by no means all, of the open questions relating to reliable capture in Internet surveillance. First, we provide a survey of the current state of practice for Internet capture in the public literature. Second, we examine a number of ways in which existing capture solutions fall short of perfect capture, and the consequences, namely theoretical vulnerabilities as well as practical attacks on the accuracy and completeness of information analyzed. Finally, we construct a set of improved capture tools which provide stronger, more reliable results when used in conjunction with existing tools. This document represents a dissertation in progress.

Advisor
Date Range for Data Collection (Start Date)
Date Range for Data Collection (End Date)
Digital Object Identifier
Series name and number
Publication date
2010-09-10
Volume number
Issue number
Publisher
Publisher DOI
Journal Issue
Comments
University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-10-29.
Recommended citation
Collection