Call for Master's Students 2020/21
MSc Proposal 2020-21 / CA3
Title
Traceless Execution Support for Censorship-Resistant Tools
Advisor
Nuno Santos
Objectives
Many states all over the world implement censorship mechanisms that prevent free access to information through the outright impairment or blockage of Internet communications. In our research team, we have built a tool, named Protozoa, which allows Internet users located in censored regions to piggyback on WebRTC-enabled streaming applications, such as Whereby.com, in order to establish covert tunnels that can circumvent said mechanisms. In addition to our system, there are currently a number of other tools for enabling censorship-resistant and anonymization Internet communications. Although the existing tools have different functionalities and properties, they all share a common drawback: the fact that they require the execution of software that leaves traces on the user's computer. If a user is forced to let a state-mandated agent physically inspect his device, these traces may reveal attempts to access prohibited content, and the user be severely penalized by the state. This limitation is a major deterring factor for the widespread adoption of privacy-enabling tools (PETs), including ours.
The goal of this thesis is to design and implement Calypso, a framework for the development and deployment of PETs that can be used for short term usage sessions -- private sessions -- while minimizing the digital traces of execution left on the users' devices. Specifically, the idea is to develop an "anti-forensic shell", i.e., a packaging and an execution runtime where the PET's software is enclosed. This shell will ensure that all operations that require the interaction with the operating system (e.g., accessing the file system or the network) will be treated in such a way as to prevent permanent changes in the system that could be detected by the usage of state-of-the-art forensic tools after the termination of a private session. To achieve this end, this work will be done in two stages: i) study the digital traces left by representative PET software (e.g., TOR), and ii) develop a framework for mitigating these traces. One particular hypothesis that will be explored in ii) will be to leverage the browser as a platform for the deployment of the PET tool, and the usage of WebAssembly for encapsulating the PET software and execution environment. We expect this work to make original scientific contributions. The resulting system will be released as an open source project. If you like forensics and distributed security systems, this is the right topic for you.
Requirements (e.g., grades, concluded courses)
This topic is already reserved for a concrete student.
Location
IST-Alameda (INESC-ID)
Observations
For more information about this project, please visit: https://www.gsd.inesc-id.pt/~nsantos/msc-topics/msc-topics-CA.html. This work will be performed in collaboration with Diogo Barradas, a PhD student with expertise in traffic analysis, censorship resistance systems, and machine learning.