Bluebear: Exploring Privacy Threats in the Internet
Overview
The Internet was never designed with privacy in mind. For
instance, the Internet is based on the IP protocol, which exposes the IP
address of a user to any other user they communicate
with. However, we believe that current users of the Internet do not
realize how much they compromise their privacy by using the
Internet. Indeed, the common wisdom is that there are so many users on
the Internet that it is not feasible for an attacker, except perhaps for
national agencies, to globally compromise the privacy of a large
fraction of users. Therefore, finding a specific user is like looking
for a needle in a haystack.
The goal of the Bluebear project is
to raise awareness of privacy issues when using the Internet. In
particular, we want to show that, without any dedicated infrastructure,
it is possible to globally compromise the privacy of Internet
users.
Contributions
It is possible to monitor all BitTorrent downloads and all
BitTorrent content providers.
BitTorrent is arguably the most efficient peer-to-peer protocol for
content replication. However, BitTorrent was not designed with privacy in
mind, and its popularity could threaten the privacy of millions of
users. Surprisingly, privacy threats due to BitTorrent have been
overlooked because BitTorrent's popularity gives its users the illusion
that finding them is like looking for a needle in a haystack. The
goal of this project is to explore the severity of the privacy threats
faced by BitTorrent users.
We argue that it is possible to continuously monitor most BitTorrent
users from a single machine and to identify the content providers
(also called initial seeds) [LLL_LEET10, LLL_TR10]. This is a major
privacy threat, as it is possible for anybody on the Internet to
reconstruct the entire download and upload history of most BitTorrent
users.
Using an anonymizing network does not help
To circumvent the kind of monitoring we described for BitTorrent,
BitTorrent users are increasingly using anonymizing networks such as
Tor to hide their IP address from the tracker and, possibly, from
other peers. However, we showed that it is possible to retrieve the IP
address for more than 70% of BitTorrent users on top of Tor
[LML_LEET11]. Moreover, once the IP address of a peer is retrieved, it
is possible to link other applications used by this peer on top of Tor
to that IP address.
It is possible to map your social identity to your network
activity.
The fact that it is hard for a person to map an IP
address to an identity mitigates the impact of the privacy attacks we
described. However, we show that we can exploit a peer-to-peer VoIP system to
associate a social identity (name, email address, etc.) with an IP
address [LZL_IMC11]. This means that anybody can now find this mapping, which was
previously known only to ISPs or big companies (like Google and Facebook) and
never disclosed except in case of legal action. The privacy
threat is thus very high because this mapping enables blackmail,
social attacks, targeted phishing attacks, etc.
As a proof of concept, we show that it is possible to track
VoIP users' mobility and BitTorrent downloads [LZL_IMC11].
Papers
Members
If you have any comments or questions you can send me an email at: arnaud.legout@inria.fr