The Polyjuice Potion -netflow correlation avoidance Workshop

From HOPE Wiki
Revision as of 16:26, 16 July 2022 by Maltman23 (talk | contribs)
Jump to: navigation, search

The Polyjuice Potion: a workshop on netflow correlation avoidance workshop

This workshop will be given:
   Day 1: Friday, 22-July-2022, 6:00pm - 7:00pm, Workshop C (D'Angelo 307)

NOTE: You do NOT need to register to take this workshop -- please show up early to ensure a seat at Workshop C (D'Angelo 307).


Abstract

This workshop covers modern netflow correlation and web traffic fingerprinting attacks and countermeasures in practice, with a focus on Tor, i2p, nym, and other publicly accessible anonymity tools. Most of the academic literature focuses on how to perform these types of attacks only in theory. In practice they are difficult to set up and require extensive collaboration between backbone-positioned adversaries. One would hope that these adversaries are careful, accountable, well-resourced, and not beholden to the interests of private corporations. I'll first describe the state of the art for these attacks, including: netflow correlation, web traffic fingerprinting, active traffic disruption, and throttling. I'll then detail an end-to-end pipeline for legally spinning up a C2 server with full non-attribution, enabled using publicly available infrastructure.


Presenter(s)

William Jones


Full Description

full description text goes here


Registration -- NOT required

You do not need to register in advance to take this workshop -- just show up early to ensure a seat.:


Required Software

any required software goes here


Links

any links go here