<p>Arun Dunna: Official website for Arun Dunna (https://adunna.me/)</p>
<h1>Analyzing China’s Blocking of Unpublished Tor Bridges</h1>
<p>Published 2018-06-01T17:42:32+00:00 at https://adunna.me/foci-2018-tor</p>
<p>Note that our packet captures are not included for privacy reasons. However, direct exports of filters applied to these captures are supplied in CSVs.</p>
<hr />
<p>The complete list of files is contained in <a href="https://adunna.me/projects/dist/foci-2018-tor/">this directory</a>, or available in a <a href="https://adunna.me/projects/dist/foci-2018-tor/files.zip">compressed ZIP file.</a></p>
<p>We include descriptions of each file:</p>
<hr />
<p><code class="highlighter-rouge">files.zip</code> Contains all included directories and files, compressed for download.</p>
<h2 id="code">Code</h2>
<p><code class="highlighter-rouge">Code/ping.py</code> This code creates processes to ping each IP found in the CSV containing public relay IPs. It prints each result. You can export this to a file through a pipe.</p>
<p><code class="highlighter-rouge">Code/plots.r</code> Plotting code used to create all <a href="https://adunna.me/projects/dist/foci-2018-tor/Plots/">plots</a> shown in our paper, as well as some unused ones.</p>
<h2 id="data">Data</h2>
<p><code class="highlighter-rouge">Data/analysis-only-SYN.csv</code> Formatted export of packet capture. It contains TCP packets, filtered to remove packets sent from our Chinese client to the relay. It also removes noise, or any other packets not sent from China to the US. So, it only contains SYN packets sent from Chinese scanners.</p>
<p><code class="highlighter-rouge">Data/analysis-with-streams.csv</code> Similar to the previous one, except that packets are not limited to those with the SYN flag, and the TCP stream index is included in the data for each packet.</p>
<p><code class="highlighter-rouge">Data/userstats-bridge-combined-cn-2012-01-01-2018-05-28.csv</code> Contains the number of Chinese Tor bridge users per protocol (default, meek, and obfs4) for each day from 01/01/2012 to 05/28/2018.</p>
<p><code class="highlighter-rouge">Data/userstats-relay-country-2011-01-01-cn-2018-05-29-off.csv</code> Contains the total number of Chinese Tor relay users per day from 01/01/2011 to 05/29/2018.</p>
<p><code class="highlighter-rouge">Data/PingResults.txt</code> Contains results from <code class="highlighter-rouge">Code/ping.py</code>, showing whether each pinged relay IP was up or down.</p>
<h2 id="plots">Plots</h2>
<p>All plots are generated using the exported capture results. You can therefore assume “packets” to mean packets contained in those results.</p>
<p><code class="highlighter-rouge">Plots/cdf_ttl.pdf</code> CDF of TTLs for packets.</p>
<p><code class="highlighter-rouge">Plots/china_tor_users.pdf</code> Double line plot showing the number of Tor users over time per meek and obfs4, through daily peaks.</p>
<p><code class="highlighter-rouge">Plots/ipid_ttl_time.pdf</code> A scatter plot with two axes for showing each packet’s IPID and TTL. This was to determine any IPID patterns.</p>
<p><code class="highlighter-rouge">Plots/probe_map.pdf</code> A map of China using <em>rworldmap</em>, meant to display the wide variety in geo-locations of scanner IPs.</p>
<p><code class="highlighter-rouge">Plots/scans_per_ip.pdf</code> Bar plot using <em>geom_histogram</em> with the stream-limited dataset described in <code class="highlighter-rouge">Code/plots.r</code>, to show the number of scans from each IP.</p>
<p><code class="highlighter-rouge">Plots/syn_count_dist.pdf</code> Density plot for the number of SYN packets seen from each IP.</p>
<p><code class="highlighter-rouge">Plots/syn_times.pdf</code> An experimental plot for showing which times SYN packets were received / not received. Each vertical blue line represents a received packet.</p>
<p><code class="highlighter-rouge">Plots/syn_times_2.pdf</code> A more readable version of the previous plot for showing times that SYN packets were received. This shows the number of packets received each hour through a line plot.</p>
<p><code class="highlighter-rouge">Plots/ttl_by_mss.pdf</code> TTLs for packets, categorized by MSS value in a bar plot.</p>
<h2 id="resources">Resources</h2>
<p><code class="highlighter-rouge">Resources/GeoLite2-City.mmdb</code> MaxMind GeoLite2 City database for geolocation.</p>
<p><code class="highlighter-rouge">Resources/PUBLIC_RELAYS_STRIPPED-04-23-2018.csv</code> A list of all Tor relay IPs on 04/23/2018, obtained through scraping the public Tor consensus.</p>
<p><code class="highlighter-rouge">Resources/tcis_run</code> A compiled binary of <a href="https://github.com/NullHypothesis/tcis">tcis</a>.</p>
<h1>sCTF - A cybersecurity competition promoting CS education</h1>
<p>Published 2016-12-11T00:00:00+00:00 at https://adunna.me/sctf-project</p>
<p><a href="https://sctf.io/" target="_blank">Main Website</a><br />
<a href="https://www.facebook.com/sCTFio/" target="_blank">Facebook</a><br />
<a href="https://twitter.com/sCTFio" target="_blank">Twitter</a></p>
<hr />
<p>sCTF is an international jeopardy-style CTF run by students, for students, with the goal of inspiring stronger computer science education. It started in late 2014, with the first competition being hosted in January of 2015. Since then, we have been expanding both our team and our competitor base to become the largest CTF worldwide with an emphasis on K-12 students. We design and implement problems for competitors to solve in the categories of algorithms, cryptography, digital forensics, binary exploitation, reverse engineering, web exploitation, reconnaissance, and programming languages.</p>
<p>Computer science education continues to be a rapidly changing area, with schools rushing to adopt harder and more standardized curricula. We’ve seen firsthand how much impact these competitions have on students and their motivation to succeed in computer science. Our staff members have been invited to speak at local schools, and both K-12 schools and universities have had students solve our problems to advance their education. sCTF encourages students to get interested in computer science, and to do it in a fun and competitive environment. It allows both a low barrier of entry into cybersecurity and a difficult problem set for experienced competitors. We love working to inspire the next generation of computer scientists and encouraging them to take creative approaches and find unorthodox solutions.</p>
<h1>STASiS - A situational analysis system</h1>
<p>Published 2016-10-13T00:00:00+00:00 at https://adunna.me/stasis-project</p>
<p><a href="https://github.com/adunna/STASiS" target="_blank">Github Repository</a></p>
<hr />
<p>Noticing dangerous situations and reacting to them can often make the difference between life and death. Oftentimes, noticing these critical situations is hard for people, since it might require looking at lots of tiny details and putting them together. Our solution to this: computers!</p>
<p>With the increase in computational power in the last 5 years, computers have gotten exponentially faster, analyzing and moving heaps of data. With tools like Clarifai, TensorFlow and Caffe now open to the masses, it has become easier to combine these systems to build tools that are capable of collecting large amounts of data and processing them into usable data.</p>
<p>Our inspiration for this situational analysis system came from real-life projects such as DeepMind, as well as fictional icons such as Person of Interest. While in some fictitious shows the system is used as a tool for monitoring people, we want our tool to be used in potentially dangerous situations, where it could save lives without being intrusive and while respecting privacy.</p>