Sorry, that's missing the ref [2] which was: [2] http://scholar.google.es/scholar?q=dns+re-identification+&btnG=&hl=es&as_sdt=0%2C5#
(And for fun - the DNS name in that URL gives away the location to which I'm currently travelling - did we capture that too?:-) S On 27/02/15 11:53, Stephen Farrell wrote: > > Hiya, > > On 27/02/15 11:27, Stephane Bortzmeyer wrote: >> I assume you know draft-iab-privsec-confidentiality-threat, currently >> under review. In its -03 version, there are a lot of mentions of >> "inference", inference being defined as "information extracted from >> analysis of [raw information]". Isn't it sufficient, for >> draft-ietf-dprive-problem-statement, to mention the importance of >> inference and to add a reference to >> draft-iab-privsec-confidentiality-threat? > > I'd argue that a specific mention here would be warranted, even > if that's partly redundant with the IAB document. > > But hey it's fair for you to ask for text too, so I had a quick > look and found [1] which seems fairly on the money. (Via [2] which > may have even better refs.) How's about adding something like: > > " > 2.6 Re-identification > > Re-identification of a user via DNS queries is also a potential > threat. If the adversary knows a user's identity and can watch > their DNS queries for a period, then that same adversary may be > able to re-identify the user solely based on their pattern of > DNS queries later on regardless of the location from which > the user makes those queries. For example, one study [1] found > that such re-identification is possible so that > > "73.1% of all day-to-day links were correctly established, i.e. > user u was either re-identified unambiguously (1) or the > classifier correctly reported that u was not present on day > t+1 any more (2)" > > While that study related to web browsing behaviour, equally > characteristic patterns may be produced even in machine-to-machine > communications or without a user taking specific actions, e.g. at > reboot time if a characteristic set of services are accessed by > the device. > > The IAB privacy and security programme also have a work in progress > [draft-iab-privsec-confidentiality-threat] that considers such > inference based attacks in a more general framework. > " > > S. > > [1] Herrmann, D., Gerber, C., Banse, C., & Federrath, H. (2012). > Analyzing characteristic host access patterns for re-identification of > web user sessions. In Information Security Technology for Applications > (pp. 136-154). Springer Berlin Heidelberg. > http://epub.uni-regensburg.de/21103/1/Paper_PUL_nordsec_published.pdf > > > > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy > > _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
