My research focuses on the security of computer networks. In particular, I work on solutions which leverage recent advances in network programmability to make networks able to detect and mitigate attacks and to provide more security and privacy. Part of my work is funded by armasuisse and the Zurich Information Security & Privacy Center (ZISC).
The website about our iTAP-project is online: https://itap.ethz.ch.
Check it out to learn how programmable switches can provide anonymous communication!
“iTAP: In-network Traffic Analysis Prevention using Software-Defined Networks” accepted at ACM SOSR 2017
I'm humbled to receive an ETH Medal for my Master's thesis “SDN-based Network Obfuscation”.
My talk at the Master ceremony is available here.
Advances in layer 2 networking technologies have fostered the deployment of large, geographically distributed LANs. Due to their large diameter, such LANs provide many vantage points for wiretapping. As an example, Google's internal network was reportedly tapped by governmental agencies, forcing the Web giant to encrypt its internal traffic. While using encryption certainly helps, eavesdroppers can still access traffic metadata which often reveals sensitive information, such as who communicates with whom and which are the critical hubs in the infrastructure.
This paper presents iTAP, a system for providing strong anonymity guarantees within a network. iTAP is network-based and can be partially deployed. Akin to onion routing, iTAP rewrites packet headers at the network edges by leveraging SDN devices. As large LANs can see millions of flows, the key challenge is to rewrite headers in a way that guarantees strong anonymity while, at the same time, scaling the control-plane (number of events) and the data-plane (number of flow rules). iTAP addresses these challenges by adopting a hybrid rewriting scheme. Specifically, iTAP scales by reusing rewriting rules across distinct flows and by distributing them on multiple switches. As reusing headers leaks information, iTAP monitors this leakage and adapts the rewriting rules before any eavesdropper could provably de-anonymize any host.
We implemented iTAP and evaluated it using real network traffic traces. We show that iTAP works in practice, on existing hardware, and that deploying a few SDN switches is enough to protect a large share of the network traffic.
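The abstract above describes three ideas without showing how they interact: one rewriting rule per host is reused across all of that host's flows (few data-plane rules, few control-plane events), several hosts share one rewritten header (the eavesdropper's anonymity set), and a monitor watches the leakage this sharing causes and rotates the rules when a pseudonym no longer hides its host. The following toy model is an added illustration written for this page; it is not iTAP's algorithm, and the class names, the `reuse` and `k` parameters, the pseudonym format and the sample traffic are all constructed assumptions. It rewrites a batch of flows at one edge switch, reports how many rules and control-plane events the batch cost, computes each pseudonym's anonymity set as an eavesdropper would see it, and rotates the rules when any set is smaller than `k`.

```python
# Constructed toy model of edge-based header rewriting with rule reuse and a
# leakage monitor. Written as an illustration for this page; it is NOT iTAP's
# scheme. Names, thresholds and sample traffic are assumptions.
from collections import defaultdict
import itertools


class RewritingEdge:
    """Edge switch model: one flow rule per real source host rewrites the
    source address to a pseudonym. Up to `reuse` hosts share one pseudonym,
    so a rule is reused across all flows of a host and a pseudonym is reused
    across several hosts (which forms that pseudonym's anonymity set)."""

    def __init__(self, reuse):
        self.reuse = reuse
        self.generation = 0              # bumped on every rule rotation
        self.rules = {}                  # real host -> pseudonym (installed rules)
        self.members = defaultdict(set)  # pseudonym -> real hosts behind it
        self.control_events = 0          # rule installations sent to the switch
        self._ids = itertools.count(1)

    def rewrite(self, host):
        """Return the pseudonym for `host`, installing a rule on first use.
        Later flows of the same host hit the existing rule: no new event."""
        if host not in self.rules:
            # reuse a pseudonym with spare capacity, else mint a fresh one
            pseudo = next((p for p, hosts in self.members.items()
                           if len(hosts) < self.reuse), None)
            if pseudo is None:
                pseudo = f"g{self.generation}-{next(self._ids)}"
            self.rules[host] = pseudo
            self.members[pseudo].add(host)
            self.control_events += 1
        return self.rules[host]

    def rotate(self):
        """Discard all rules so that subsequent flows get fresh pseudonyms."""
        self.generation += 1
        self.rules.clear()
        self.members.clear()


def anonymity_sets(edge):
    """Eavesdropper's view: how many real hosts could be behind each pseudonym.
    A set of size 1 means every flow carrying that pseudonym belongs to one
    host, i.e. the pseudonym has become a persistent identifier."""
    return {p: len(hosts) for p, hosts in edge.members.items()}


def process(flows, reuse=3, k=2):
    """Rewrite a batch of (src, dst, dport) flows at one edge; after the batch,
    rotate the rules if any pseudonym's anonymity set is below k.
    Returns the statistics a network operator would want to watch."""
    edge = RewritingEdge(reuse)
    observed = [(edge.rewrite(src), dst, dport) for src, dst, dport in flows]
    sets = anonymity_sets(edge)
    leaking = sorted(p for p, n in sets.items() if n < k)
    stats = {
        "flows": len(flows),
        "observed_sample": observed[:3],
        "rules_installed": edge.control_events,   # == distinct hosts, not flows
        "pseudonyms": len(sets),
        "min_anonymity_set": min(sets.values()),
        "leaking_pseudonyms": leaking,
        "rotated": bool(leaking),
    }
    if leaking:
        edge.rotate()   # next batch gets g1-* pseudonyms; old links are cut
    return stats


def sample_flows(n_hosts, flows_per_host=4):
    """Constructed traffic: n_hosts client hosts each open a few flows to
    two internal servers (addresses are made up for this example)."""
    servers = ["10.0.9.1", "10.0.9.2"]
    return [(f"10.0.1.{i}", servers[j % 2], 8000 + j)
            for i in range(1, n_hosts + 1) for j in range(flows_per_host)]


if __name__ == "__main__":
    # 6 hosts fill two pseudonyms of 3 hosts each: no leakage, no rotation.
    print(process(sample_flows(6)))
    # A 7th host ends up alone behind a third pseudonym: the monitor rotates.
    print(process(sample_flows(7)))
```

Two things the numbers make visible: `rules_installed` equals the number of hosts, not the number of flows, which is the data-plane and control-plane saving the abstract refers to, and the lone seventh host shows why reuse has to be monitored rather than set once. A real system would also have to consider timing, packet sizes and destination addresses as side channels; this model deliberately looks only at source-address sharing.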