What can you learn from an IP?

Simran Patil; Nikita Borisov

doi:10.1145/3340301.3341133

What can you learn from an IP?

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The Internet was not designed with security in mind. A number of recent protocols such as Encrypted DNS, HTTPS, etc. target encrypting critical parts of the web architecture, which can otherwise be exploited by eavesdroppers to infer users' data. But encryption may not necessarily guarantee privacy, especially when it comes to metadata. Emerging standards can protect the contents of both DNS queries and the TLS SNI extensions; however, it might still be possible to determine which websites users are visiting by simply looking at the destination IP addresses on the traffic originating from users' devices. We perform a measurement study to determine the anonymity provided by IP addresses resulting from the multiple sub-queries that are made as a consequence of accessing a particular web page. We show that, in most cases, an adversary can use the IP addresses during a page load as a form of a fingerprint to infer the original site identity.

Original language	English (US)
Title of host publication	ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop
Publisher	Association for Computing Machinery
Pages	45-51
Number of pages	7
ISBN (Electronic)	9781450368483
DOIs	https://doi.org/10.1145/3340301.3341133
State	Published - Jul 22 2019
Event	2019 Applied Networking Research Workshop, ANRW 2019 - Montreal, Canada Duration: Jul 22 2019 → …

Publication series

Name	ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop

Conference

Conference	2019 Applied Networking Research Workshop, ANRW 2019
Country/Territory	Canada
City	Montreal
Period	7/22/19 → …

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Online availability

10.1145/3340301.3341133

Library availability

Discover UIUC Full Text

Cite this

Patil, S & Borisov, N 2019, What can you learn from an IP? in ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop. ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop, Association for Computing Machinery, pp. 45-51, 2019 Applied Networking Research Workshop, ANRW 2019, Montreal, Canada, 7/22/19. https://doi.org/10.1145/3340301.3341133

@inproceedings{da1f7d9b332a459f8e3af10b551f27fb,

title = "What can you learn from an IP?",

abstract = "The Internet was not designed with security in mind. A number of recent protocols such as Encrypted DNS, HTTPS, etc. target encrypting critical parts of the web architecture, which can otherwise be exploited by eavesdroppers to infer users' data. But encryption may not necessarily guarantee privacy, especially when it comes to metadata. Emerging standards can protect the contents of both DNS queries and the TLS SNI extensions; however, it might still be possible to determine which websites users are visiting by simply looking at the destination IP addresses on the traffic originating from users' devices. We perform a measurement study to determine the anonymity provided by IP addresses resulting from the multiple sub-queries that are made as a consequence of accessing a particular web page. We show that, in most cases, an adversary can use the IP addresses during a page load as a form of a fingerprint to infer the original site identity.",

author = "Simran Patil and Nikita Borisov",

note = "Publisher Copyright: {\textcopyright} 2019 ACM.; 2019 Applied Networking Research Workshop, ANRW 2019 ; Conference date: 22-07-2019",

year = "2019",

month = jul,

day = "22",

doi = "10.1145/3340301.3341133",

language = "English (US)",

series = "ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop",

publisher = "Association for Computing Machinery",

pages = "45--51",

booktitle = "ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop",