Apply
My Apply
My Apply

Benjamin Mixon-Baca

Fellow

Information Controls Fellow

benbacapicture.jpeg

Ben Mixon-Baca is an ICFP fellow with the Censored Planet team at the University of Michigan, a PhD candidate at Arizona State University, and co-founder of BreakpointingBad.

Ben’s recent work focused on reverse engineering and tool development using Panda-re where he discovered a vulnerability in VPN software. The current project, “Automatically Identifying Applications with Poor Transport Security” is focused on identifying applications that use poor or no encryption in the transport layer.

While Transport Layer Security (TLS) 1.3 is now enabled by default in popular browsers and 81% of network traffic is encrypted according to Mozilla telemetry, this project focuses on the remaining 19% of unencrypted traffic and aims to identify applications with poor or no transport layer security via monitoring at an Internet gateway. Ben hypothesizes that transport layer security weaknesses are both common among, and dangerous to, at-risk users in particular. The project also aims to identify the distribution of applications with poor transport security to characterize geographic regions that are most affected by poor transport security. Performing this analysis presents novel ethical and technical challenges because while it may be easy to spot no encryption, it is not trivial to ethically analyze the unencrypted data which may contain sensitive information such as user names, passwords, social security numbers, etc.

Ben has looked into several techniques for addressing these challenges. One particularly interesting technique, called content sifting, was originally designed to identify worm traffic automatically. Content sifting works by extracting substrings common to many flows in the traffic. Because the identified substrings are common to a large number of unique IP addresses they are, by definition, not personally identifiable information. Because these substrings are not not unique, they cannot be linked to any one person or machine. This technique has the potential to address both technical issues of scalability and ethical issues of collecting and analyzing unencrypted traffic. Content sifting and related techniques have not been applied to privacy preserving network analytics or data leak detection and their performance in this context is an open question that needs to be answered before deploying these techniques at larger scales.

The project will address this question by building a tool in Zeek network monitoring system that can be easily deployed to an ISP or other large network vantage point. This tool will generate statistics about poor transport security, as well as information broken down across regions. Ben will explore content sifting and other related techniques to determine which among them most effectively identifies poor transport security. The end goal is a tool written in Zeek that can be easily deployed to an ISP or other large network vantage point. This tool will generate statistics about poor transport security, as well as information broken down across regions. Ben was previously carried out a seasonal fellowship with OTF in 2015.

Funding to date

2021 $70,000 12 months
Information Controls Fellowship

Total Funding: $70,000

benbacapicture.jpeg

Your cookie settings

This website deploys cookies for basic functionality and to keep it secure. These cookies are strictly necessary. Optional analysis cookies which provide us with statistical information about the use of the website may also be deployed, but only with your consent. Please review our Privacy & Data Policy for more information.