Review of "Privacy-preserving network forensics" by Afanasyev M., Kohno T., Ma J., Murphy N., Savage S., Snoeren A., and Voelker G.

    Research output: Contribution to journalBook/Film/Article reviewAcademic

    Abstract

    The Internet offers users some anonymity; at the network level, an Internet protocol (IP) address is only loosely associated with a device, and is not associated with a person. This article proposes the use of group signatures to bind the identity of the device responsible for sending a packet with the contents of the packet. The group signature allows anyone to check that the signature is valid, but requires a number of cooperating group members to reveal the identity of the device from a signed packet. The authors suggest that manufacturers might include a unique device ID in their products, which could then be linked to the owner via purchase and maintenance records. The article discusses some of the privacy issues, but does not consider the possible actions of a motivated offender. For example, an offender could hijack a computer and easily send IP packets from a machine that he controls, but that he does not own. In addition, laptops are already among the most coveted items for thieves. A clean device ID would make a laptop an even more attractive target. Finally, the billions of PCs, PDAs, and smartphones in use without device IDs would be preferred tools for offenders. The clever technology proposed by Afanasyev et al. may help to trace back IP packets in some cases, but it is questionable whether the benefits outweigh the disadvantages.
    Original languageUndefined
    Pages (from-to)CR139251-CR139251
    Number of pages1
    JournalComputing reviews
    VolumeJuly 2011
    Issue numberCR139251
    Publication statusPublished - Jul 2011

    Keywords

    • EWI-20371
    • METIS-279161
    • SCS-Cybersecurity

    Cite this

    @article{53b132c3fe274a99bed8627d4d2f6f87,
    title = "Review of {"}Privacy-preserving network forensics{"} by Afanasyev M., Kohno T., Ma J., Murphy N., Savage S., Snoeren A., and Voelker G.",
    abstract = "The Internet offers users some anonymity; at the network level, an Internet protocol (IP) address is only loosely associated with a device, and is not associated with a person. This article proposes the use of group signatures to bind the identity of the device responsible for sending a packet with the contents of the packet. The group signature allows anyone to check that the signature is valid, but requires a number of cooperating group members to reveal the identity of the device from a signed packet. The authors suggest that manufacturers might include a unique device ID in their products, which could then be linked to the owner via purchase and maintenance records. The article discusses some of the privacy issues, but does not consider the possible actions of a motivated offender. For example, an offender could hijack a computer and easily send IP packets from a machine that he controls, but that he does not own. In addition, laptops are already among the most coveted items for thieves. A clean device ID would make a laptop an even more attractive target. Finally, the billions of PCs, PDAs, and smartphones in use without device IDs would be preferred tools for offenders. The clever technology proposed by Afanasyev et al. may help to trace back IP packets in some cases, but it is questionable whether the benefits outweigh the disadvantages.",
    keywords = "EWI-20371, METIS-279161, SCS-Cybersecurity",
    author = "Hartel, {Pieter H.}",
    year = "2011",
    month = "7",
    language = "Undefined",
    volume = "July 2011",
    pages = "CR139251--CR139251",
    journal = "Computing reviews",
    issn = "0010-4884",
    publisher = "Association for Computing Machinery (ACM)",
    number = "CR139251",

    }

    Review of "Privacy-preserving network forensics" by Afanasyev M., Kohno T., Ma J., Murphy N., Savage S., Snoeren A., and Voelker G. / Hartel, Pieter H.

    In: Computing reviews, Vol. July 2011, No. CR139251, 07.2011, p. CR139251-CR139251.

    Research output: Contribution to journalBook/Film/Article reviewAcademic

    TY - JOUR

    T1 - Review of "Privacy-preserving network forensics" by Afanasyev M., Kohno T., Ma J., Murphy N., Savage S., Snoeren A., and Voelker G.

    AU - Hartel, Pieter H.

    PY - 2011/7

    Y1 - 2011/7

    N2 - The Internet offers users some anonymity; at the network level, an Internet protocol (IP) address is only loosely associated with a device, and is not associated with a person. This article proposes the use of group signatures to bind the identity of the device responsible for sending a packet with the contents of the packet. The group signature allows anyone to check that the signature is valid, but requires a number of cooperating group members to reveal the identity of the device from a signed packet. The authors suggest that manufacturers might include a unique device ID in their products, which could then be linked to the owner via purchase and maintenance records. The article discusses some of the privacy issues, but does not consider the possible actions of a motivated offender. For example, an offender could hijack a computer and easily send IP packets from a machine that he controls, but that he does not own. In addition, laptops are already among the most coveted items for thieves. A clean device ID would make a laptop an even more attractive target. Finally, the billions of PCs, PDAs, and smartphones in use without device IDs would be preferred tools for offenders. The clever technology proposed by Afanasyev et al. may help to trace back IP packets in some cases, but it is questionable whether the benefits outweigh the disadvantages.

    AB - The Internet offers users some anonymity; at the network level, an Internet protocol (IP) address is only loosely associated with a device, and is not associated with a person. This article proposes the use of group signatures to bind the identity of the device responsible for sending a packet with the contents of the packet. The group signature allows anyone to check that the signature is valid, but requires a number of cooperating group members to reveal the identity of the device from a signed packet. The authors suggest that manufacturers might include a unique device ID in their products, which could then be linked to the owner via purchase and maintenance records. The article discusses some of the privacy issues, but does not consider the possible actions of a motivated offender. For example, an offender could hijack a computer and easily send IP packets from a machine that he controls, but that he does not own. In addition, laptops are already among the most coveted items for thieves. A clean device ID would make a laptop an even more attractive target. Finally, the billions of PCs, PDAs, and smartphones in use without device IDs would be preferred tools for offenders. The clever technology proposed by Afanasyev et al. may help to trace back IP packets in some cases, but it is questionable whether the benefits outweigh the disadvantages.

    KW - EWI-20371

    KW - METIS-279161

    KW - SCS-Cybersecurity

    M3 - Book/Film/Article review

    VL - July 2011

    SP - CR139251-CR139251

    JO - Computing reviews

    JF - Computing reviews

    SN - 0010-4884

    IS - CR139251

    ER -