• Publications
  • Influence
Effective Attacks and Provable Defenses for Website Fingerprinting
TLDR
This paper shows how simulatable, deterministic defenses can be provably private, and shows that bandwidth overhead optimality can be achieved for these defenses by using a supersequence over anonymity sets of packet sequences.
Touching from a distance: website fingerprinting attacks and defenses
We present a novel web page fingerprinting attack that is able to defeat several recently proposed defenses against traffic analysis attacks, including the application-level defenses HTTPOS and
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses
TLDR
Tamaraw is presented, a new defense that achieves a better security/bandwidth trade-off than any previously proposed defense and provides an "existence proof" for efficient, secure defenses.
Homomorphic Signature Schemes
Privacy homomorphisms, encryption schemes that are also homomorphisms relative to some binary operation, have been studied for some time, but one may also consider the analogous problem of
CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense
TLDR
The complete specifications of the CS-BuFlo scheme, which is based on the BuFlo defense proposed by Dyer, et al., are laid out and a thorough evaluation of the scheme is performed using empirical data (rather than data from simulations).
Don't Thrash: How to Cache Your Hash on Flash
TLDR
Two data structures are given, the buffered quotient filter and the cascade filter, which serve as SSD-optimized alternatives to the Bloom filter and significantly outperform recently-proposed SSD- Optimized Bloom filter variants.
A General-Purpose Counting Filter: Making Every Bit Count
TLDR
A new general-purpose AMQ, the counting quotient filter (CQF), which is small and fast, has good locality of reference, scales out of RAM to SSD, and supports deletions, counting, resizing, merging, and highly concurrent access.
RICH: Automatically Protecting Against Integer-Based Vulnerabilities
TLDR
RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time, is presented and it is shown that safe and unsafe integer operations in C can be captured by well-known sub-typing theory.
Mantis: A Fast, Small, and Exact Large-Scale Sequence-Search Index
TLDR
Mantis is a space-efficient data structure that can be used to index thousands of rawread experiments and facilitate large-scale sequence searches on those experiments, enabling rapid index builds and queries, small indexes, and exact results, i.e., no false positives or negatives.
BetrFS: A Right-Optimized Write-Optimized File System
TLDR
The Be-tree File System, or BetrFS, (pronounced "better eff ess") is the first in-kernel file system to use a write-optimized index, and requires additional data-structure tuning to match current general-purpose file systems on some operations such as deleting, directory renames, and large sequential writes.
...
...