Tobias Pulls
YOU?
Author Swipe
View article: Secure Deployment of eBPF Programs Made Manifest
Secure Deployment of eBPF Programs Made Manifest Open
eBPF allows for dynamic kernel customization at runtimewith low overhead and fine-grained control over system operations. In recent years, its usage has increased in domainswhere performance is critical, including network management, syste…
View article: Onion-Location Measurements and Fingerprinting
Onion-Location Measurements and Fingerprinting Open
Onion-Location makes it easy for websites offering onion service access to support automatic discovery in Tor Browser of the random-looking onion address associated with their domain. We provide the first measurement study of how many webs…
View article: The eBPF Runtime in the Linux Kernel
The eBPF Runtime in the Linux Kernel Open
Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs into the operating system (OS) kernel, like Linux or Windows, and execute them safely and efficiently at designated kernel hooks. Each program passes t…
View article: Maybenot: A Framework for Traffic Analysis Defenses
Maybenot: A Framework for Traffic Analysis Defenses Open
In light of the increasing ubiquity of end-to-end encryption and the use of technologies such as Tor and VPNs, analyzing communications metadata - -traffic analysis - -is a last resort for network adversaries. Traffic analysis attacks are …
View article: Comparing Security in eBPF and WebAssembly
Comparing Security in eBPF and WebAssembly Open
This paper examines the security of eBPF and WebAssembly (Wasm), two technologies that have gained widespread adoption in recent years, despite being designed for very different use cases and environments. While eBPF is a technology primar…
View article: Maybenot: A Framework for Traffic Analysis Defenses
Maybenot: A Framework for Traffic Analysis Defenses Open
End-to-end encryption is a powerful tool for protecting the privacy of Internet users. Together with the increasing use of technologies such as Tor, VPNs, and encrypted messaging, it is becoming increasingly difficult for network adversari…
View article: A Second Look at DNS QNAME Minimization
A Second Look at DNS QNAME Minimization Open
The Domain Name System (DNS) is a critical Internet infrastructure that translates human-readable domain names to IP addresses. It was originally designed over 35 years ago and multiple enhancements have since then been made, in particular…
View article: Splitting Hairs and Network Traces
Splitting Hairs and Network Traces Open
The widespread use of encryption and anonymization technologies - -e.g., HTTPS, VPNs, Tor, and iCloud Private Relay - -makes network attackers likely to resort to traffic analysis to learn of client activity. For web traffic, such analysis…
View article: Privacy-Preserving & Incrementally-Deployable Support for Certificate Transparency in Tor
Privacy-Preserving & Incrementally-Deployable Support for Certificate Transparency in Tor Open
The security of the web improved greatly throughout the last couple of years. A large majority of the web is now served encrypted as part of HTTPS, and web browsers accordingly moved from positive to negative security indicators that warn …
View article: Towards Effective and Efficient Padding Machines for Tor
Towards Effective and Efficient Padding Machines for Tor Open
Tor recently integrated a circuit padding framework for creating padding machines: defenses that work by defining state machines that inject dummy traffic to protect against traffic analysis attacks like Website Fingerprinting (WF) attacks…
View article: Website Fingerprinting with Website Oracles
Website Fingerprinting with Website Oracles Open
Website Fingerprinting (WF) attacks are a subset of traffic analysis attacks where a local passive attacker attempts to infer which websites a target victim is visiting over an encrypted tunnel, such as the anonymity network Tor. We introd…
View article: Aggregation-Based Gossip for Certificate Transparency
Aggregation-Based Gossip for Certificate Transparency Open
Certificate Transparency (CT) is a project that mandates public logging of TLS certificates issued by certificate authorities. While a CT log is designed to be trustless, it relies on the assumptio ...
View article: Aggregation-Based Certificate Transparency Gossip
Aggregation-Based Certificate Transparency Gossip Open
Certificate Transparency (CT) requires that every CA-issued TLS certificate must be publicly logged. While a CT log need not be trusted in theory, it relies on the assumption that every client observes and cryptographically verifies the sa…
View article: A MOOC on Privacy by Design and the GDPR
A MOOC on Privacy by Design and the GDPR Open
In this paper we describe how we designed a massive open online course (mooc) on Privacy by Design with a focus on how to achieve compliance with the eu gdpr principles and requirements in it engineering and management. This mooc aims at e…
View article: The Effect of DNS on Tor's Anonymity
The Effect of DNS on Tor's Anonymity Open
Previous attacks that link the sender and receiver of traffic in the Tor network ("correlation attacks") have generally relied on analyzing traffic from TCP connections. The TCP connections of a typical client application, however, are oft…
View article: Standardized Syslog Processing : Revisiting Secure Reliable Data Transfer and Message Compression
Standardized Syslog Processing : Revisiting Secure Reliable Data Transfer and Message Compression Open
Today's computer logs are like smoking guns and treasure maps in case of suspicious system activities: they document intrusions, and log crucial information such as failed system updates and crashed services. An adversary thus has a clear …
View article: Usable Transparency with the Data Track
Usable Transparency with the Data Track Open
We present a prototype of the user interface of a transparency tool that displays an overview of a user's data disclosures to different online service providers and allows them to access data collected about them stored at the services' si…
View article: Preserving Privacy in Transparency Logging
Preserving Privacy in Transparency Logging Open
The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for transparency logging, a technology at the intersection of privacy, transparency, and accountability. Transparency logging facilitates the tra…