I am currently working as a Postdoctoral researcher at COSIC, KU Leuven, in Belgium, with Dr. Claudia Diaz. I completed my PhD from IIIT Delhi, India with the thesis titled 'Building Performant, Privacy-enhancing and Blocking-resistant Communication Systems'
My research interests broadly lie in Security, Privacy, Systems and Networks.
July 2020
November 2020
Committee Members:
External: Prof. Angelos Keromytis (Georgia Tech, USA)
Internal: Dr. Arun Balaji Buduru (IIIT Delhi, India),
Dr. Vinayak Naik (BITS Pilani, Goa campus,India)
February 2021
Will be working with Prof. Claudia Diaz, who heads the Privacy Technologies team at COSIC.
February 2021
August 2021
Committee Members:
Externals: Dr. Amir Houmansadr (UMass, USA),
Dr. Michalis Polychronakis (Stony Brook, USA),
Prof. Kent Seamons (BYU, USA)
__________________________________
Received the doctoral dissertation award (similar to summa cum laude)
April 2022
August 2022
Decoy Routing, the use of routers (rather than end hosts) as proxies, shows great promise as an anti-censorship mechanism. To use a Decoy Router, the user sends specially crafted packets, apparently to an uncensored website. En route, the packets encounter the Decoy Router (beyond the network boundaries of the censor), which identifies them (using a covert cryptographic handshake), decrypts their content, and proxies them to their true destination. However, Decoy Routing requires routers able to perform complicated operations (detecting secret handshakes, decrypting packets, etc). This requirement is a major challenge: commercial routers are limited in flexibility, and existing Decoy Router implementations (on commodity servers) are unsuitable for carrier-grade deployments.
In this project we aim to build a practical Decoy Routing prototype, SiegeBreaker. SiegeBreaker is built on an SDN architecture, and divides the responsibilities for Decoy Routing among three entities – the SDN switch that simply forwards packets, the SDN controller that identifies the secret handshake, and a hidden proxy server to which the switch eventually forwards the clients’ request (at the controller’s behest), which then communicates to the censored site. In other words, neither does the switch/router perform any additional computations like identification of covert handshake packets, and nor does the proxy server deal with the cross-traffic (flows that do not require Decoy Routing).
Recent anti-censorhip systems have relied on a common blocking resistance strategy i.e., incurring collateral damage to the censoring regimes, if they attempt to restrict such systems. However, despite being promising, systems built on such strategies pose additional challenges, viz., deployment limitations, cost overheads, poor QoS etc. These challenges prevent their wide scale adoption.
Thus, we propose a new anti-censorship system, Camoufler, that overcomes aforementioned challenges, while still maintaining similar blocking resistance. Camoufler leverages Instant Messaging (IM) platforms to tunnel client's censored content. This content (encapsulated inside IM traffic) is transported to the Camoufler server (hosted in a free country), which proxies it to the censored website. However, the eavesdropping censor would still observe regular IM traffic being exchanged between the IM peers. Thus, utilizing IM channels as-is for transporting traffic provides unobservability, while also ensuring good QoS, due to its inherent properties such as low-latency message transports. Moreover, it does not pose new deployment challenges. Performance evaluation of Camoufler, implemented on five popular IM apps indicate that it provides sufficient QoS for web browsing. E.g., the median time to render the homepages of Alexa top-1k sites was recorded to be about 3.6s, when using Camoufler implemented over Signal IM application.
Anonymous VoIP calls over the Internet holds great significance for privacy-conscious users, whistle-blowers and political activists alike. Prior research deems popular anonymization systems like Tor unsuitable for providing the requisite performance guarantees that real-time applications like VoIP need. Their claims are backed by studies that may no longer be valid due to constant advancements in Tor. Moreover, we believe that these studies lacked the requisite diversity and comprehensiveness. Thus, conclusions from these studies, led them to propose novel and tailored solutions. However, no such system is available for immediate use. Additionally, operating such new systems would incur significant costs for recruiting users and volunteered relays, to provide the necessary anonymity guarantees.
It thus becomes an imperative that the exact performance of VoIP over Tor be quantified and analyzed, so that the potential performance bottlenecks can be amended. We thus conducted an extensive empirical study across various in-lab and real world scenarios to shed light on VoIP performance over Tor.
In this work we present a detailed study of the Internet censorship in India. We consolidated a list of potentially blocked websites from various public sources to assess censorship mechanisms used by nine major ISPs.
To begin with, we demonstrate that existing censorship detection tools such as OONI are inaccurate. We thus developed various techniques and heuristics to correctly assess censorship and study the underlying mechanism involved in these ISPs. At every step we corroborated our finding manually to test the efficacy of our approach, a step largely ignored by others. We fortify our findings by adjudging the coverage and consistency of censorship infrastructure, broadly in terms of average number of network paths and requested domains the infrastructure surveils.
Our results indicate a clear disparity among the ISPs, on how they install censorship infrastructure. For instance, in Idea network we observed the censorious middleboxes on over 90% of our tested intra-AS paths whereas for Vodafone, it is as low as 2.5%. We conclude our research by devising our own anti-censorship strategies, that does not depend on third party tools (like proxies, Tor and VPNs etc.). We managed to anti-censor all blocked websites in all ISPs under test.
National governments know the Internet as both a
blessing and a headache. On the one hand, it unlocks great
economic and strategic opportunity. On the other hand, government,
military, or emergency-services become vulnerable to
scans (Shodan), attacks (DDoS from botnets like Mirai), etc.,
when made accessible on the Internet.
How hard is it for a national government to effectively secure
its entire cyberspace? We approach this problem from the view
that a coordinated defense involves monitors and access control (firewalls etc.) to inspect traffic entering or leaving the country,
as well as internal traffic. In several case studies, we consistently
find a natural Line of Defense — a small number of Autonomous
Systems (ASes) that intercept most (> 95%) network paths in
the country. We conclude that in many countries, the structure
of the Internet actually makes it practical to build a nation-scale
cordon, to detect and filter cyber attacks.
No special actions required, all sites you make with Mobirise are mobile-friendly. You don't have to create a special mobile version of your site, it will adapt automagically.
No special actions required, all sites you make with Mobirise are mobile-friendly. You don't have to create a special mobile version of your site, it will adapt automagically.
Cut down the development time with drag-and-drop website builder. Drop the blocks into the page, edit content inline and publish - no technical skills required.
Cut down the development time with drag-and-drop website builder. Drop the blocks into the page, edit content inline and publish - no technical skills required.
Choose from the large selection pre-made blocks - full-screen intro, bootstrap carousel, slider, responsive image gallery with, parallax scrolling, sticky header and more.
Choose from the large selection pre-made blocks - full-screen intro, bootstrap carousel, slider, responsive image gallery with, parallax scrolling, sticky header and more.
Created with Mobirise website template