Dr.-Ing. Max Maass

Security, Privacy, and Humans

Contact Information

Pankratiusstraße 2
64289 Darmstadt
mmaass@seemoo.tu-darmstadt.de
Homepage

Biography

Max Maass is a doctoral researcher at the Secure Mobile Networking Lab. His research interests include the detection of security and privacy issues, and how system operators can be motivated to remediate them.

Offered Theses Topics

Type

Year

No results match your search criteria.

2020 Completed

Applicability of IoT Security Frameworks as Guidelines for Penetration Testing

Supervisor: Jiska Classen Max Maass

2019 Completed

Communicating Privacy and Security issues

Supervisor: Max Maass

2019 Completed

Detecting Extension Abuse in the Wild

Supervisor: Max Maass

2019 Completed

PrivacyMail – Analyzing the Email Tracking Ecosystem

Supervisor: Max Maass

2019 Completed

PrivacyGraph – A Holistic View of the Online Tracking Ecosystem

Supervisor: Max Maass

2019 Completed

Applicability of Penetration Testing Guides for the Internet of Things

Supervisor: Max Maass

2019 Completed

Smart Home Security

Supervisor: Max Maass

2019 Completed

Analyzing Email Privacy

Supervisor: Max Maass

2019 Completed

Inferring Keystrokes from Myo Armband Electromyographic and Inertial Measurement Unit Data

Supervisor: Max Maass

Mobile devices, such as phones and wearables, include an increasing variety of more and more accurate sensors, only part of which the users can control to a certain extent to protect their privacy. In the meantime, mostly with respect to the accelerometer and gyroscope sensors of smartwatches, various keylogging side-channel attacks have been described in literature, demonstrating that sensitive information like passwords can be inferred from the data recorded by these sensors. In this thesis, we take a closer look at the Myo armband, a wearable device worn on the upper part of the forearm containing an accelerometer, a gyroscope, a magnetometer and eight electromyographic (EMG) sensors for measuring muscle activity. In particular, we investigate whether the EMG data supports the recognition of finger movements sufficiently to detect new keystrokes of the same person or of previously unseen typists. We create a dataset based on both keystroke and sensor data collected from 27 volunteers wearing two Myo armbands while typing on a physical keyboard. In order to detect keystrokes based on this data, we apply supervised learning approaches utilizing a random forest, a convolutional neural network (CNN) adaptation of WaveNet and a convolutional recurrent neural network (CRNN). We estimate the predictive performance, achieving a mean f1 score of 0.75 for the CRNN in the within-subject scope and an f1 score of about 0.61 for the between-subject scope, independent of the chosen model. These estimates are validated in a proof of concept, achieving a mean f1 score of 0.64 for the CRNN in the within-subject scope and a mean f1 score of 0.65 for the WaveNet adaptation on an unseen person in the between-subject scope.

2018 Completed

Performance Comparision of Packet Schemes for Mutually Hidden Messages

Supervisor: Max Maass

2018 Completed

Analyzing Vulnerability and Privacy Data from the PrivacyScore platform

Supervisor: Max Maass

Motivation Every day new cyber security vulnerabilities are discovered and reported, which indicate weak security standards adapted by websites. The main aim of a hacker is to steal sensitive information by exploiting these vulnerabilities. The information and data compromised can be very costly and damaging for an organization. Hence, due to ever evolving tactics of the hackers and the changing cyber threat landscape, it is very important for an organization to be aware of the security vulnerabilities. Until now, most of the work which is done allows to discover the vulnerabilities in web applications and anticipate the vulnerabilities exploits. Different techniques are used in this regard, including machine learning, evaluating inter-module relationships, and application of data analytics. All of these approaches have a common goal, which is to discover existing and new vulnerabilities and predict them for future. Some solutions consider evaluating the application code by performing static or dynamic analysis and finding vulnerabilities. However, a very critical question in this whole scenario arises, as to what we can do after a vulnerability is discovered? How to find similar vulnerabilities in the system and share this information with others for proactive resolution of the vulnerabilities? In this regard, data analysis of security vulnerabilities can provide a wealth of information. It can provide efficient vulnerability assessment by analyzing the existing vulnerability data

2018 Completed

Privacy als Wettbewerbsfaktor? Analyse der Reaktionen von Unternehmen auf Privacy-Score-Bewertungen

Supervisor: Max Maass

2018 Completed

Testing the Efficacy of Vulnerability Disclosure over different Channels

Supervisor: Max Maass

2018 Completed

Analysing and Evaluating Interface, Communication, and Web Security in Productive IoT Ecosystems

Supervisor: Jiska Classen Max Maass

2017 Completed

OAuth 2.0 for IoT: IPsec channel establishment and authorized resource access in the IoT

Supervisor: Max Maass

To secure the Internet of Things (IoT) while keeping its interoperability with today’s Internet is crucial to unleash the full potential of the IoT. Authentication and Authorization are fundamental guarantees to enable further security and operational challenges. To fulfill these guarantees in complex and diverse scenarios, we propose a solution based on the Authentication and Authorization for Constrained Environments (ACE) Framework, a token-based authorization, and authorization. Our solution, the IPsec profile for ACE, builds on the IPsec protocol suite and the Internet Engineering Task Force (IETF) IoT stack to provide network layer security and IPsec channel establishment based on token provisioning for constrained devices. The Direct Provisioning (DP) of Security Association (SA), symmetric-based authenticated establishment (Internet Key Exchange Protocol version 2 (IKEv2) in Pre-Shared Key (PSK) mode), and asymmetric key-based authenticated establishment (IKEv2 in Certificate-based Public Key (CPK) mode) are specified as ways to establish SAs, i.e., IPsec channels. We provide an implementation for Contiki, an Operating System (OS) for constrained devices such as the Zolertia Firefly. Furthermore, we evaluate our protocol design providing an lower bound for the performance of the profile. The evaluation includes network latency and processing time, energy consumption, memory footprint and packet sizes for the different SA establishment methods. The results provide a benchmark for the different protocol steps as well as aggregated measures for each of the evaluated setups. Our evaluation showed that the DP establishment has the smallest memory footprint and ACE packet size, and at the same time the highest performance. In the other hand, the authenticated establishment featuring IKEv2 in CPK mode, shows the largest memory footprint and packet size, together with the lowest performance of the three SA establishment methods. The trade-off regarding Random Access Memory (RAM) and Read-Only Memory (ROM) footprint, power consumption and network latency and processing time and security guarantees are also described.

2017 Completed

Design, Implementation and Evaluation of Realistic Scenarios and Movement Models for Natural Disasters Using Simulations for Delay Tolerant Networks

Supervisor: Milan Stute Max Maass

Description Seeing the continuous increase in natural disasters around the world, many people are contemplating how to contribute helping those in need. Among them are several computer scientists who fulfil their share by developing technology which enables fast and reliable communication in disaster areas. We were inspired by their work and thus wanted to further improve the state-of-the-art. DTN is a specific technology which can be used for the creation of alternative networks in disaster areas, where conventional ones are unavailable due to the inevitable destructions implied by the disaster. Given that such technology is usually evaluated within network simulators we exclusively focus on improving the state-of-the-art of movement models and scenarios utilized within such simulators. The very random driven, and thus not realistic, state-of-the-art is improved by our contribution in the form of a fully designed, implemented, and evaluated realistic natural disaster movement model with underlying scenarios. The results of our evaluation indicate that previously published results might be too optimistic. Thus, further approximations to reality are inevitable for more accurate simulation of DTN, in the goal to ultimately obtain better and more realistic results.

Publications

Type

Year

Show awards only

No results match your search criteria.

2021 Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies Article

My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack

Matthias Gazzari Annemarie Mattmann Max Maass Matthias Hollick

BibTeX DOI: 10.1145/3494986

Abstract

Wearables that constantly collect various sensor data of their users increase the chances for inferences of unintentional and sensitive information such as passwords typed on a physical keyboard. We take a thorough look at the potential of using electromyographic (EMG) data, a sensor modality which is new to the market but has lately gained attention in the context of wearables for augmented reality (AR), for a keylogging side-channel attack. Our approach is based on neural networks for a between-subject attack in a realistic scenario using the Myo Armband to collect the sensor data. In our approach, the EMG data has proven to be the most prominent source of information compared to the accelerometer and gyroscope, increasing the keystroke detection performance. For our end-to-end approach on raw data, we report a mean balanced accuracy of about 76 % for the keystroke detection and a mean top-3 key accuracy of about 32 % on 52 classes for the key identification on passwords of varying strengths. We have created an extensive dataset including more than 310 000 keystrokes recorded from 37 volunteers, which is available as open access along with the source code used to create the given results.

2021 ARES 2021: The 16th International Conference on Availability, Reliability and Security Conference

Best Practices for Notification Studies for Security and Privacy Issues on the Internet

Max Maass Henning Pridöhl Dominik Herrmann Matthias Hollick

BibTeX DOI: 10.1145/3465481.3470081

Abstract

Researchers help operators of vulnerable and non-compliant internet services by individually notifying them about security and privacy issues uncovered in their research. To improve efficiency and effectiveness of such efforts, dedicated notification studies are imperative. As of today, there is no comprehensive documentation of pitfalls and best practices for conducting such notification studies, which limits validity of results and impedes reproducibility. Drawing on our experience with such studies and guidance from related work, we present a set of guidelines and practical recommendations, including initial data collection, sending of notifications, interacting with the recipients, and publishing the results. We note that future studies can especially benefit from extensive planning and automation of crucial processes, i. e., activities that take place well before the first notifications are sent.

2021 ARES 2021: The 16th International Conference on Availability, Reliability and Security Conference

Snail Mail Beats Email Any Day: On Effective Operator Security Notifications in the Internet

Max Maass Marc-Pascal Clement Matthias Hollick

BibTeX DOI: 10.1145/3465481.3465743

Abstract

In the era of large-scale internet scanning, misconfigured websites are a frequent cause of data leaks and security incidents. Previous research has investigated sending automated email notifications to operators of insecure or compromised websites, but has often met with limited success due to challenges in address data quality, spam filtering, and operator distrust and disinterest. While several studies have investigated the design and phrasing of notification emails in a bid to increase their effectiveness, the use of other contact channels has remained almost completely unexplored due to the required effort and cost. In this paper, we investigate two methods to increase notification success: the use of letters as an alternative delivery medium, and the description of attack scenarios to incentivize remediation. We evaluate these factors as part of a notification campaign utilizing manually-collected address information from 1359 German website operators and focusing on unintentional information leaks from web servers. We find that manually collected addresses lead to large increases in delivery rates compared to previous work, and letters were markedly more effective than emails, increasing remediation rates by up to 25 percentage points. Counterintuitively, providing detailed descriptions of possible attacks can actually decrease remediation rates, highlighting the need for more research into how notifications are perceived by recipients.

2021 Technische Universität Darmstadt Darmstadt PhD thesis

Improving Online Privacy and Security Through Crowdsourced Transparency Platforms and Operator Notifications

Max Jakob Maass

PDF BibTeX DOI: 10.26083/tuprints-00019190

Abstract

Modern life relies on the internet for everything from communicating and shopping to banking and seeking medical advice. However, this growth of internet-based services also leads to a higher risk of security and privacy issues. Finding and remediating these issues is an important challenge which cannot be addressed through purely technical means, as legal, economic, and psychological factors can also play a role in how these issues are created and resolved. This dissertation approaches this challenge from two sides: we discuss how to collect data and detect issues in the web and email ecosystems, and how the operators of affected systems can be convinced to address them. Today, efforts to understand internet ecosystems frequently rely on automated large-scale scans. These can efficiently investigate large numbers of systems, but cannot access some ecosystems that require manual actions (e.g., signing up for a newsletter or account). To gather research data and gain access to new ecosystems, we propose and develop two public transparency platforms for use by internet users which collect information about security and privacy issues in the web and email ecosystems using a crowdsourcing approach. We consult with legal experts to ensure the adherence of our platforms to the relevant legislation. Over the 4 years of operation the platforms collected over 3 million scan results, which can serve as a basis for future research. Our platforms also revealed a number of privacy, security and compliance issues, which should be addressed by the operators of the affected systems. Past research has shown that notifying operators about issues and convincing them to make changes is a challenging problem and frequently results in unsatisfactory remediation rates. We thus investigate the factors influencing the success of large-scale notification campaigns. For this purpose, we conduct three notification studies that evaluate different methods to incentivize system operators to address the issues, like inducing a competitive pressure (leveraging our existing public platform), highlighting the security threat an issue poses, or informing the operators that their systems are not compliant with relevant legislation. We also evaluate the choice of the message medium and the sender as factors in the success of a notification campaign. We collaborate with researchers from economics, law, and psychology to gain additional insights into the behavior of organizations and individual operators. Finally, we derive organizational and methodological recommendations for future notification campaigns based on our experience.

2020 International Journal of Disaster Risk Reduction Article

Empirical insights for designing Information and Communication Technology for International Disaster Response

Milan Stute Max Maass Tom Schons Marc-André Kaufhold Christian Reuter Matthias Hollick

BibTeX DOI: 10.1016/j.ijdrr.2020.101598

Abstract

Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.

2019 GetMobile: Mobile Computing and Communications Article

Zero-Interaction Security - Towards Sound Experimental Validation

Mikhail Fomichev Max Maass Matthias Hollick

PDF BibTeX DOI: 10.1145/3372300.3372304

Abstract

Reproducibility and realistic datasets are crucial for advancing research. Unfortunately, they are often neglected as valid scientific contributions in many young disciplines, with computer science being no exception. In this article, we show the challenges encountered when reproducing the work of others, collecting realistic data in the wild, and ensuring that our own work is reproducible in turn. The presented findings are based on our study investigating the limits of zero-interaction security (ZIS)- a novel concept, leveraging sensor data collected by Internet of Things (IoT) devices to pair or authenticate devices. In particular, we share our experiences in reproducing five state-of-the-art ZIS schemes, collecting a comprehensive dataset of sensor data from the real world, evaluating these schemes on the collected data, and releasing the data, code, and documentation to facilitate reproducibility of our results.

2019 Wirtschaftsinformatik 2019 Conference

On the Difficulties of Incentivizing Online Privacy through Transparency: A Qualitative Survey of the German Health Insurance Market

Max Maass Nicolas Walter Dominik Herrmann Matthias Hollick

BibTeX

Abstract

Today, online privacy is the domain of regulatory measures and privacy-enhancing technologies. Transparency in the form of external and public assessments has been proposed for improving privacy and security because it exposes otherwise hidden deficiencies. Previous work has studied privacy attitudes and behavior of consumers. However, little is known on how organizations react to measures that employ public "naming and shaming" as an incentive for improvement. We performed the first study on this aspect by conducting a qualitative survey with 152 German health insurers. We scanned their websites with PrivacyScore.org to generate a public ranking and confronted the insurers with the results. We obtained a response rate of 27%. Responses ranged from positive feedback to legal threats. Only 12% of the sites - mostly non-responders - improved during our study. Our results show that insurers struggle due to unawareness, reluctance, and incapability, and demonstrate the general difficulties of transparency-based approaches.

2019 7th Annual Privacy Forum (APF 2019) Conference

Towards Transparency in Email Tracking

Max Maass Stephan Schwär Matthias Hollick

BibTeX DOI: 10.1007/978-3-030-21752-5_2

Abstract

Tracking technologies have become ubiquitous, not only on websites but also in email messages. However, while protection and transparency tools exist for the web, no such tools exist for email messages, thus obscuring privacy violations. We introduce the PrivacyMail platform to assist with the automated analysis of email messages. The platform automatically analyzes commercial mailing lists, making it easier to detect different forms of tracking. Our platform introduces transparency about the practices of companies, and serves as a tool for regulators, data protection professionals and consumers alike. Our preliminary results show widespread email tracking, where opening an email can result in information being sent to up to 13 third parties, in some cases disclosing the users' email address in the process.

2019 Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT) Article

Perils of Zero-Interaction Security in the Internet of Things

Mikhail Fomichev Max Maass Lars Almon Alejandro Molina Matthias Hollick

BibTeX DOI: 10.1145/3314397

Abstract

The Internet of Things (IoT) demands authentication systems which can provide both security and usability. Recent research utilizes the rich sensing capabilities of smart devices to build security schemes operating without human interaction, such as zero-interaction pairing (ZIP) and zero-interaction authentication (ZIA). Prior work proposed a number of ZIP and ZIA schemes and reported promising results. However, those schemes were often evaluated under conditions which do not reflect realistic IoT scenarios. In addition, drawing any comparison among the existing schemes is impossible due to the lack of a common public dataset and unavailability of scheme implementations. In this paper, we address these challenges by conducting the first large-scale comparative study of ZIP and ZIA schemes, carried out under realistic conditions. We collect and release the most comprehensive dataset in the domain to date, containing over 4250 hours of audio recordings and 1 billion sensor readings from three different scenarios, and evaluate five state-of-the-art schemes based on these data. Our study reveals that the effectiveness of the existing proposals is highly dependent on the scenario they are used in. In particular, we show that these schemes are subject to error rates between 0.6% and 52.8%.

2018 6th IEEE Conference on Communications and Network Security (CNS 2018) Conference

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

Santiago Aragon Marco Tiloca Max Maass Matthias Hollick Shahid Raza

BibTeX DOI: 10.1109/CNS.2018.8433209

Abstract

The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.

2017 MetaRheinMainChaosDays - Bundesdatenschau (MRMCD 2017) Conference

Web-Privacy: Lustwandeln im Trackergarten

Max Maass

PDF BibTeX

2017 Jahrestagung der Gesellschaft für Informatik (INFORMATIK 2017) Conference

PrivacyScore: Analyse von Webseiten auf Sicherheits- und Privatheitsprobleme - Konzept und rechtliche Zulässigkeit

Max Maass Anne Laubach Dominik Herrmann

BibTeX DOI: 10.18420/in2017_107

Abstract

PrivacyScore ist ein öffentliches Web-Portal, mit dem automatisiert überprüft werden kann, ob Webseiten gängige Mechanismen zum Schutz von Sicherheit und Privatheit korrekt implementieren. Im Gegensatz zu existierenden Diensten ermöglicht PrivacyScore, mehrere Webseiten in Benchmarks miteinander zu vergleichen, die Ergebnisse differenziert und im Zeitverlauf zu analysieren sowie nutzerdefinierte Kriterien für die Auswertung zu definieren. PrivacyScore verbessert dadurch nicht nur die Transparenz für Endanwender, sondern erleichtert auch die Arbeit der Datenschutz-Aufsichtsbehörden. In diesem Beitrag stellen wir das Konzept des Dienstes vor und wir erörtern, unter welchen Umständen das automatische Scannen und öffentliche „Anprangern“ von Schwächen aus rechtlicher Sicht zulässig ist.

2017 5th Annual Privacy Forum (APF 2017) Conference

PrivacyScore: Improving Privacy and Security via Crowd-Sourced Benchmarks of Websites

Max Maass Pascal Wichmann Henning Pridöhl Dominik Herrmann

BibTeX DOI: 10.1007/978-3-319-67280-9_10

Abstract

Website owners make conscious and unconscious decisions that affect their users, potentially exposing them to privacy and security risks in the process. In this paper we introduce PrivacyScore, an automated website scanning portal that allows anyone to benchmark security and privacy features of multiple websites. In contrast to existing projects, the checks implemented in PrivacyScore cover a wider range of potential privacy and security issues. Furthermore, users can control the ranking and analysis methodology. Therefore, PrivacyScore can also be used by data protection authorities to perform regularly scheduled compliance checks. In the long term we hope that the transparency resulting from the published benchmarks creates an incentive for website owners to improve their sites. We plan to announce the public availability of a first version of PrivacyScore at the Annual Privacy Forum in June 2017

2017 20th ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems Conference

Reverse Engineering Human Mobility in Large-scale Natural Disasters

Milan Stute Max Maass Tom Schons Matthias Hollick

BibTeX DOI: 10.1145/3127540.3127542

Abstract

Delay/Disruption-Tolerant Networks (DTNs) have been around for more than a decade and have especially been proposed to be used in scenarios where communication infrastructure is unavailable. In such scenarios, DTNs can offer a best-effort communication service by exploiting user mobility. Natural disasters are an important application scenario for DTNs when the cellular network is destroyed by natural forces. To assess the performance of such networks before deployment, we require appropriate knowledge of human mobility. In this paper, we address this problem by designing, implementing, and evaluating a novel mobility model for large-scale natural disasters. Due to the lack of GPS traces, we reverse-engineer human mobility of past natural disasters (focusing on 2010 Haiti earthquake and 2013 Typhoon Haiyan) by leveraging knowledge of 126 experts from 71 Disaster Response Organizations (DROs). By means of simulation-based experiments, we compare and contrast our mobility model to other well-known models, and evaluate their impact on DTN performance. Finally, we make our source code available to the public.

2016 Technische Universität Darmstadt Darmstadt Master's thesis

A System for Privacy-Preserving Mobile Health and Fitness Data Sharing: Design, Implementation and Evaluation

Max Maass

PDF BibTeX

Abstract

The growing spread of smartphones and other mobile devices has given rise to a number of health and fitness applications. Users can track their calorie intake, get reminders to take their medication, and track their fitness workouts. Many of these services have social components, allowing users to find like-minded peers, compete with their friends, or participate in open challenges. However, the prevalent service model forces users to disclose all of their data to the service provider. This may include sensitive information, like their current position or medical conditions. In this thesis, we will design, implement and evaluate a privacy-preserving fitness data sharing system. The system provides privacy not only towards other users, but also against the service provider, does not require any Trusted Third Parties (TTPs), and is backed by strong cryptography. Additionally, it hides the communication metadata (i.e. who is sharing data with whom). We evaluate the security of the system with empirical and formal methods, including formal proofs for parts of the system. We also investigate the performance with empirical data and a simulation of a large-scale deployment. Our results show that the system can provide strong privacy guarantees. However, it incurs a significant networking overhead for large deployments.

2015 ACM WiSec'15 Conference

NFCGate - An NFC Relay Application for Android

Max Jakob Maaß Uwe Müller Tom Schons Daniel Wegemer Matthias Schulz

BibTeX DOI: 10.1145/2766498.2774984

Abstract

Near Field Communication (NFC) is a technology widely used for security-critical applications like access control or payment systems. Many of these systems rely on the security assumption that the card has to be in close proximity to communicate with the reader. We developed NFCGate, an Android application capable of relaying NFC communication between card and reader using two rooted but otherwise unmodified Android phones. This enables us to increase the distance between card and reader, eavesdrop on, and even modify the exchanged data. The application should work for any system built on top of ISO 14443-3 that is not hardened against relay attacks, and was successfully tested with a popular contactless card payment system and an electronic passport document.

2014 29th IFIP TC 11 International Conference, SEC 2014 Conference

Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing

Dominik Herrmann Max Maass Hannes Federrath

BibTeX DOI: 10.1007/978-3-642-55415-5_17

Abstract

The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a random set range query scheme in a real-world web surfing scenario. We demonstrate that the scheme does not sufficiently obfuscate characteristic query patterns, which can be used by an adversary to determine the visited websites. We also illustrate how to thwart the attack and discuss practical challenges. Our results suggest that previously published evaluations of range queries may give a false sense of the attainable security, because they do not account for any interdependencies between queries.