References of "Panchenko, Andriy 50002806"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailAnalysis of Fingerprinting Techniques for Tor Hidden Services
Panchenko, Andriy UL; Mitseva, Asya UL; Henze, Martin et al

in Proceedings of the 24th ACM Computer and Communications Security (ACM CCS) 16th Workshop on Privacy in the Electronic Society (ACM WPES 2017) (2017, October 31)

Detailed reference viewed: 24 (2 UL)
Full Text
Peer Reviewed
See detailPOSTER: Fingerprinting Tor Hidden Services
Mitseva, Asya UL; Panchenko, Andriy UL; Lanze, Fabian et al

Poster (2016, October)

Detailed reference viewed: 157 (25 UL)
Full Text
Peer Reviewed
See detailWebsite Fingerprinting at Internet Scale
Panchenko, Andriy UL; Lanze, Fabian UL; Zinnen, Andreas et al

in Proceedings of the 23rd Internet Society (ISOC) Network and Distributed System Security Symposium (NDSS 2016) (2016, February)

Detailed reference viewed: 224 (24 UL)
Full Text
Peer Reviewed
See detailOn the Impact of Cross-Layer Information Leakage on Anonymity in Crowds
Panchenko, Andriy UL

in Proceedings of the 11th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (ACM Q2SWinet 2015) (2015, November)

Detailed reference viewed: 83 (11 UL)
Full Text
Peer Reviewed
See detailA study on ethical aspects and legal issues in e-learning
Östlund, Stefanie UL; Panchenko, Andriy UL; Engel, Thomas UL

in Proceedings of the 8th International Conference on E-Learning (e-Learning'15) (2015, September)

Detailed reference viewed: 123 (18 UL)
Full Text
Peer Reviewed
See detailA Formalization of Fingerprinting Techniques
Lanze, Fabian UL; Panchenko, Andriy UL; Engel, Thomas UL

in Proceedings of the IEEE International Symposium on Recent Advances of Trust, Security and Privacy in Computing and Communications (IEEE RATSP 2015), held in conjunction with IEEE TrustCom 2015 (2015, August)

Detailed reference viewed: 110 (12 UL)
Full Text
Peer Reviewed
See detailHacker’s Toolbox: Detecting Software-Based 802.11 Evil Twin Access Points
Lanze, Fabian UL; Panchenko, Andriy UL; Ponce-Alcaide, Ignacio et al

in Proceedings of the 12th Annual IEEE Consumer Communications & Networking Conference (CCNC 2015) (2015)

The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are ... [more ▼]

The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are exposed to a severe security threat: since 802.11 identifiers (SSID, BSSID) can be easily faked, an attacker can setup an evil twin, i.e., an access point (AP) that users are unable to distinguish from a legitimate one. Once a user connects to the evil twin, he inadvertently creates a playground for various attacks such as collection of sensitive data (e.g., credit card information, passwords) or man-in-the-middle attacks even on encrypted traffic. It is particularly alarming that this security flaw has led to the development of several tools that are freely available, easy to use and allow mounting the attack from commodity client devices such as laptops, smartphones or tablets without attracting attention. In this paper we provide a detailed overview of tools that have been developed (or can be misused) to set up evil twin APs. We inspect them thoroughly in order to identify characteristics that allow them to be distinguished from legitimate hardware-based access points. Our analysis has discovered three methods for detecting software-based APs. These exploit accuracy flaws due to emulation of hardware behavior or peculiarities of the client Wi-Fi hardware they operate on. Our evaluation with 60 hardware APs and a variety of tools on different platforms reveals enormous potential for reliable detection. Furthermore, our methods can be performed on typical client hardware within a short period of time without even connecting to a potentially untrustworthy access point. [less ▲]

Detailed reference viewed: 133 (3 UL)
Full Text
Peer Reviewed
See detailUndesired Relatives: Protection Mechanisms Against The Evil Twin Attack in IEEE 802.11
Lanze, Fabian UL; Panchenko, Andriy UL; Ponce-Alcaide, Ignacio et al

in Proceedings of the 10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (2014, September)

Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their ... [more ▼]

Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the evil twin attack. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and struc- turing countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of- the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds. [less ▲]

Detailed reference viewed: 137 (7 UL)
Full Text
Peer Reviewed
See detailLetting the Puss in Boots Sweat: Detecting Fake Access Points using Dependency of Clock Skews on Temperature
Lanze, Fabian UL; Panchenko, Andriy UL; Braatz, Benjamin UL et al

in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014) (2014)

Detailed reference viewed: 129 (14 UL)
Full Text
Peer Reviewed
See detailIntroducing SOR: SSH-based Onion Routing
Egners, Andre; Gatzen, Dominic; Panchenko, Andriy UL et al

in 26th IEEE International Conference on Advanced Information Networking and Applications (2012)

Detailed reference viewed: 50 (1 UL)
Full Text
Peer Reviewed
See detailClock Skew Based Remote Device Fingerprinting Demystified
Lanze, Fabian UL; Panchenko, Andriy UL; Braatz, Benjamin UL et al

in Proceedings of the 55th International IEEE Global Communications Conference (IEEE GLOBECOM 2012) (2012)

Detailed reference viewed: 90 (11 UL)
Full Text
Peer Reviewed
See detailImproving Performance and Anonymity in the Tor Network
Panchenko, Andriy UL; Lanze, Fabian UL; Engel, Thomas UL

in Abstract book of 31st IEEE International Performance Computing and Communications Conference (IEEE IPCCC 2012) (2012)

Detailed reference viewed: 81 (12 UL)
Full Text
Peer Reviewed
See detailWebsite Fingerprinting in Onion Routing Based Anonymization Networks
Panchenko, Andriy UL; Niessen, Lukas; Zinnen, Andreas UL et al

in 18th ACM Computer and Communications Security (ACM CCS) Workshop on Privacy in the Electronic Society (WPES) (2011)

Detailed reference viewed: 61 (0 UL)
Full Text
Peer Reviewed
See detailAnonymous Communication in the Digital World
Panchenko, Andriy UL

in Abstract book of 17th Conference on Communication in Distributed Systems (KiVS'11), Kiel, Germany (2011)

Detailed reference viewed: 43 (2 UL)
Full Text
Peer Reviewed
See detailPrivacy in Communications on the Internet
Panchenko, Andriy UL

in Praxis der Informationsverarbeitung und Kommunikation [=PIK] (2011), 34(2),

Detailed reference viewed: 104 (8 UL)
Peer Reviewed
See detailPrivacy Enhancing Techniques
Panchenko, Andriy UL

in Camenisch, Jan; Leeners, Ronald; Sommer, Dieter (Eds.) PRIME -- Privacy and Identity Management for Europe (2011)

Detailed reference viewed: 44 (0 UL)
Full Text
Peer Reviewed
See detailLightweight Hidden Services
Panchenko, Andriy UL; Spaniol, Otto; Egners, Andre et al

in 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2011) (2011)

Hidden services (HS) are mechanisms designed to provide network services while preserving anonymity for the identity of the server. Besides protecting the identity of the server, hidden services help to ... [more ▼]

Hidden services (HS) are mechanisms designed to provide network services while preserving anonymity for the identity of the server. Besides protecting the identity of the server, hidden services help to resist censorship, are resistant against distributed DoS attacks, and allow server functionality even if the service provider does not own a public IP address. Currently, only the Tor network offers this feature in full functionality. However, the HS concept in Tor is complex and provides poor performance. According to recent studies, average contact time for a hidden service is 24s which is far beyond what an average user is willing to wait. In this paper we introduce a novel approach for hidden services that achieves similar functionality as HS in Tor but does so in a simple and lightweight way with the goal to improve performance and usability. Additionally, contrary to Tor, in our approach clients are not required to install any specific software for accessing hidden services. This increases usability of our approach. Simplicity makes our approach easier to understand for normal users, eases protocol reviews, and increases chances of having several implementations of the protocol available. Moreover, simpler solutions are easier to analyze and they are naturally less prone to implementation failures rather than complex protocols. In this paper, we describe our approach and provide performance as well as anonymity analysis of resulting properties of the protocol. [less ▲]

Detailed reference viewed: 45 (0 UL)
Full Text
Peer Reviewed
See detailComparison of Low-Latency Anonymous Communication Systems - Practical Usage and Performance
Ries, Thorsten UL; Panchenko, Andriy UL; State, Radu UL et al

in Ninth Australasian Information Security Conference (2011)

The most popular system for providing practical low-latency anonymity on the Internet is Tor. However, many other tools besides Tor exist as both free and commercial solutions. In this paper, we consider ... [more ▼]

The most popular system for providing practical low-latency anonymity on the Internet is Tor. However, many other tools besides Tor exist as both free and commercial solutions. In this paper, we consider five most popular low-latency anonymisation services that represent the current state of the art: single-hop proxies (Perfect Privacy and free proxies) and Onion Routing based solutions (Tor, I2P, and Jon-Donym). We assess their usability and rank them in regard to their anonymity. We also assess their efficiency and reliability. To this end, we define a set of metrics and present extensive measurements based on round-trip time, inter-packet delay variation and throughput. Apart from the technical realization, economic aspects are also crucial for anonymous communication systems. In order to attract more users, which is mandatory in order to improve anonymity per se, systems need to exhibit a certain payoff. We therefore define an economic model that takes all relevant aspects into consideration. In this paper, we describe the results obtained, lessons learned, and provide guidance for selecting the most appropriate system with respect to a set of requirements. [less ▲]

Detailed reference viewed: 252 (3 UL)