Brian Neil Levine

• PhD
• University of Massachusetts Amherst

Darknets were created by computer scientists with the intention of increasing privacy and free speech. Unfortunately, even after decades of research, darknets are causing much more harm than good in practice. They have allowed perpetrators of many crimes, not just child sexual abuse, to organize like never before. And they have placed those who nee...

Access to mobile wireless networks has become critical for day-today life. However, it also inherently requires that a user's geographic location is continuously tracked by the service provider. It is challenging to maintain location privacy, especially from the provider itself. To do so, a user can switch through a series of identifiers, and even...

We provide detailed measurement of the illegal trade in child exploitation material (CEM, also known as child pornography) from mid-2011 through 2014 on five popular peer-to-peer (P2P) file sharing networks. We characterize several observations: counts of peers trafficking in CEM; the proportion of arrested traffickers that were identified during t...

We used data gathered via investigative "RoundUp" software to measure a year of online child pornography (CP) trafficking activity by U.S. computers on the Gnutella peer-to-peer network. The data include millions of observations of Internet Protocol addresses sharing known CP files, identified as such in previous law enforcement investigations. We...

A key component of security in decentralized blockchains is proof of opportunity cost among block producers. In the case of proof-of-work (PoW), currently used by the most prominent systems, the cost is due to spent computation. In this paper, we characterize the security investment of miners in terms of its cost in fiat money. This enables compari...

Wireless service providers track the time and location of all user connections. Location inference attacks have been effective in revealing the identity of anonymous users of wireless services. In this paper, we propose ZipPhone, a solution that leverages existing cellular infrastructure to improve user privacy. Spartacus allows a community of user...

Proof-of-work blockchains must implement a difficulty adjustment algorithm (DAA) in order to maintain a consistent inter-arrival time between blocks. Conventional DAAs are essentially feedback controllers, and as such, they are inherently reactive. This approach leaves them susceptible to manipulation and often causes them to either under- or over-...

We introduce Graphene, a method and protocol for interactive set reconciliation among peers in blockchains and related distributed systems. Through the novel combination of a Bloom filter and an Invertible Bloom Lookup Table (IBLT), Graphene uses a fraction of the network bandwidth used by deployed work for one- and two-way synchronization. We show...

Every day, exploitation crimes against children are captured as images or videos and shared on the Internet. In addition to the immediate harms, these crimes represent long-lasting, enormous privacy violations of the child victims. Such child exploitation materials (i.e., child pornography) is often posted to unmanaged forums, such as file-sharing...

All public blockchains are secured by a proof of opportunity cost among block producers. For example, the security offered by proof-of-work (PoW) systems, like Bitcoin, is due to spent computation; it is work precisely because it cannot be performed for free. In general, more resources provably lost in producing blocks yields more security for the...

Proof-of-work blockchains must implement a difficulty adjustment algorithm (DAA) in order to maintain a consistent inter-arrival time between blocks. Conventional DAAs are essentially feedback controllers, and as such, they are inherently reactive. This leaves them susceptible to manipulation and often causes them to either under- or over-correct....

Abrupt changes in the miner hash rate applied to a proof-of-work (PoW) blockchain can adversely affect user experience and security. Because different PoW blockchains often share hashing algorithms, miners face a complex choice in deciding how to allocate their hash power among chains. We present an economic model that leverages Modern Portfolio Th...

Users can attempt to thwart third-party services from discovering their location by disabling location services on their mobile device. In this paper, we show that web services can use throughput information to reveal the path taken by the phone and its owner among a set of possibilities. For example, a TCP-based music streaming service can compile...

Abrupt changes in the miner hash rate applied to a proof-of-work (PoW) blockchain can adversely affect user experience and security. Because different PoW blockchains often share hashing algorithms, miners face a complex choice in deciding how to allocate their hash power among chains. We present an economic model that leverages Modern Portfolio Th...

Mobile systems researchers struggle with conducting experiments with real users: either the scale of the study lacks sufficient scale and diversity, or a great effort must be used to recruit and manage subjects. In this paper, we describe MicroMobile, a system for deploying short data-gathering experiments to an extremely diverse set of users via m...

OneSwarm is a p2p system for anonymous file sharing. We quantify the system's vulnerability to three attacks that identify the sources of files. First, we detail and prove that a timing attack allows a single attacker to investigate all its neighbors for possession of specific files. We prove the attack is possible due to OneSwarm's design and is u...

The most important step in an empirical computer scientist's research is gathering sufficient real-world data to validate a system. Unfortunately, it is also one of the most time-consuming and expensive tasks: placing measurement tools in remote networks or end-clients requires one to marshal resources from different administrative domains, devices...

Ethereum contracts can be designed to function as fully decentralized applications called DAPPs that hold financial assets, and many have already been fielded. Unfortunately, DAPPs can be hacked, and the assets they control can be stolen. A recent attack on an Ethereum decentralized application called The DAO demonstrated that smart contract bugs a...

Blockchain systems are designed to produce blocks at a constant average rate. The most popular systems currently employ a Proof of Work (PoW) algorithm as a means of creating these blocks. Bitcoin produces, on average, one block every 10 minutes. An unfortunate limitation of all deployed PoW blockchain systems is that the time between blocks has hi...

We devise a novel method of interactive set reconciliation for efficient block distribution. Our approach, called Graphene, couples a Bloom filter with an IBLT. We evaluate performance analytically and show that Graphene blocks are always smaller. For example, while a 17.5 KB Xtreme Thinblock can be encoded in 10 KB with Compact Blocks, the same in...

We make several contributions that quantify the real-time hash rate and therefore the consensus of a blockchain. We show that by using only the hash value of blocks, we can estimate and measure the hash rate of all miners or individual miners, with quanti able accuracy. We apply our techniques to the Ethereum and Bitcoin blockchains; our solution a...

Images posted to file-sharing networks without a person's permission can remain available indefinitely. When the image is sexually explicit and involves a child, the scale of this privacy violation grows tremendously worse and can have repercussions for the victim's whole life. Providing investigators with tools that can identify the perpetrators o...

Ethereum contracts can be designed to function as fully decentralized applications called DAPPs. Many DAPPs have already been fielded, including an online marketplace, a role playing game, a prediction market, and an Internet service provider. Unfortunately, DAPPs can be hacked, and the assets they control can be stolen. A recent attack on an Ether...

The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We als...

We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurren...

When forensic triage techniques designed for feature phones are applied to smart phones, these recovery techniques return hundreds of thousands of results, only a few of which are relevant to the investigation. We propose the use of relevance feedback to address this problem: A small amount of investigator input can efficiently and accurately rank...

A fundamental limitation of Bitcoin and its variants is that the movement of coin between addresses can be observed by examining the public block chain. This record enables ad-versaries to link addresses to individuals, and to identify multiple addresses as belonging to a single participant. Users can try to hide this information by mixing, where a...

Measurements of the Internet for law enforcement purposes must be forensically valid. We examine the problems inherent in using various network- and application-level identifiers in the context of forensic measurement, as exemplified in the policing of peer-to-peer file sharing networks for sexually exploitative imagery of children. First, we prese...

Cellular network operators can track the location of cell phone users as they connect to different towers. Operators may not directly control the user's phone, but they do supply and control the SIM card that identifies the user. We seek to preserve a cellular phone user's location privacy from cellular network operators. We propose the ZipPhone pr...

Many third parties desire to discover and disclose your location with the help of your cell phone. Using an embedded GPS, phone software will commonly reveal coordinates to carriers, advertisers, and applications. Can a remote party determine locational information absent explicit GPS information? For example, given a known starting or ending point...

Working with law enforcement and criminologists, my research group has been developing strategies to fight online child sexual exploitation. Investigators in the US and other countries have been using our Internet-based tools daily, acquiring evidence that has resulted in many thousands of arrests for child pornography possession since 2009. Over 1...

Peer-to-peer networks are the most popular mechanism for the criminal acquisition and distribution of child pornography (CP). In this paper, we examine observations of peers sharing known CP on the eMule and Gnutella networks, which were collected by law enforcement using forensic tools that we developed. We characterize a year's worth of network a...

Thousands of cases each year of child exploitation on P2P file sharing networks lead from an IP address to a home. A first step upon execution of a search warrant is to determine if the home's open Wi-Fi or the closed wired Ethernet was used for trafficking; in the latter case, a resident user is more likely to be the responsible party. We propose...

The price of Internet services is user information, and many pay it without hesitation. While myriad privacy tools exist that thwart the detailed compilation of information about user habits, these tools often assume that reduced functionality is always justified by increased privacy. In contrast, we propose the adoption of functional privacy as a...

In this paper we describe the evolution of DOME, a diverse outdoor testbed for mobile experimentation. In addition, while highlighting the challenges faced in construction of DOME, we describe a concrete set of scientific results derived from this experience in a retrospective study. First, we argue that a broad range of mobility experiments could...

We present the first in-depth analysis of the performance of attempting concurrent AP connections from highly mobile clients. Previous solutions for concurrent Wi-Fi are limited to stationary wireless clients and do not take into account a myriad of mobile factors. Through an analytical model, optimization framework, and numerous outdoor experiment...

The relatively low spreading losses in underwater acoustic channels allows increased interference from distant interferers, which reduces the effectiveness of collision-avoidance MAC protocols. These collisions in turn reduce spatial reuse and network goodput, and increase power consumption. A competing channel effect, however, is the frequency-dep...

We investigate attempting concurrent connections to multiple Wi-Fi access points (APs) from highly mobile clients. Previous multi-AP solutions are limited to stationary wireless clients and do not take into account a myriad of mobile factors. We show that connection duration, AP response times, channel scheduling, available and offered bandwidth, n...

OneSwarm is a system for anonymous p2p file sharing in use by thousands of peers. It aims to provide Onion Routing-like privacy and BitTorrent-like performance. We demonstrate several flaws in OneSwarm's design and implementation through three different attacks available to forensic investigators. First, we prove that the current design is vulnerab...

Once electronic content—such as a password to access a website’s resources—has been released, it is very difficult to prevent it from being shared. This disclosure often represents economic harm to the content’s owner and others. Most attempts to prevent unauthorized sharing of digital content have been based on technology or legal punishments, but...

We investigate attempting concurrent connections to multiple Wi-Fi access points (APs) from highly mobile clients. Previous multi-AP solutions are limited to stationary wireless clients and do not take into account a myriad of mobile factors. We show that connection duration, AP response times, channel scheduling, available and offered bandwidth, n...

Voice over IP (VoIP) is an important service on the Internet, and privacy for VoIP calls will be increasingly important for many people. Providing this privacy, however, is challenging, as anonymity services can be slow and unpredictable. In this paper, we propose a method for extending onion-routing style anonymity protocols for supporting anonymo...

We present DEC0DE, a system for recovering information from phones with unknown storage formats, a critical problem for forensic triage. Because phones have myr-iad custom hardware and software, we examine only the stored data. Via flexible descriptions of typical data struc-tures, and using a classic dynamic programming algo-rithm, we are able to...

Many technical mechanisms across computer security for attribution, identification, and classification are nei-ther sufficient nor necessary for forensically valid digital investigations; yet they are often claimed as useful or necessary. Similarly, when forensic research is evaluated using the viewpoints held by computer security venues, the chall...

The investigation of peer-to-peer (p2p) file sharing networks is now of critical interest to law enforcement. P2P networks are extensively used for sharing and distribution of contraband. We detail the functionality of two p2p protocols, Gnutella and BitTorrent, and describe the legal issues pertaining to investigating such networks. We present an...

Routing protocols for disruption-tolerant networks (DTNs) use a variety of mechanisms, including discovering the meeting probabilities among nodes, packet replication, and network coding. The primary focus of these mechanisms is to increase the likelihood of finding a path with limited information, and so these approaches have only an incidental ef...

Disruption-tolerant networks (DTNs) rely on intermittent contacts between mobile nodes to deliver packets using a store-carry-and-forward paradigm. We earlier proposed the use of throwbox nodes, which are stationary, battery-powered nodes with storage and processing, to enhance the capacity of DTNs. However, the use of throwboxes without efficient...

Measurements of the Internet for law enforcement purposes must be forensically valid. We examine the problems inherent in using various network- and application-level identifiers in the context of forensic measurement, as exemplified in the policing of peer-to-peer file sharing networks for sexually exploitative imagery of children (child pornograp...

Client-server networks are pervasive, fundamental, and include such key networks as the Internet, power grids, and road networks. In a client-server network, clients obtain a service by connecting to one of a redundant set of servers. These networks are vulnerable to node and link failures, causing some clients to become disconnected from the serve...

We present Ares, a reverse engineering technique for assist-ing in the analysis of data recovered for the investigation of mobile and embedded systems. The focus of investigations into insider activity is most often on the data stored on the insider's computers and digital devices — call logs, email messaging, calendar entries, text messages, and b...

Client-server networks are pervasive, fundamental, and include key networks such as the Internet, power grids, and road networks. In a client-server network, clients obtain a service by connecting to one of a redundant set of servers. These networks are vulnerable to vertex and link failures as some clients may become disconnected from the servers...

Using analytic models and simulation results, we examine spatial reuse and the effectiveness of RTS/CTS MAC protocols in underwater acoustic networks. We are not looking at the question of network throughput, which is affected mostly by propagation delay, but rather the protocol's ability to prevent collisions. RTS/CTS-based collision-avoidance pro...

The current standard and open formats for forensic data describe whole disk and memory image properties, but do not describe the products of detailed investigations. We propose a simple canonical description of digital evidence provenance that explicitly states the set of tools and transformations that led from acquired raw data to the resulting pr...

A series of complex dependencies conspire to make it difficult to model mobile networks, including mobility, channel and ra-dio characteristics, and power consumption. To address these challenges, we have designed and built a testbed for large-scale mobile experimentation, called the Diverse Outdoor Mobile Environment. DOME consists of computer-equ...

Open Wi-Fi networks offer a chance to have ubiquitous, mo-bile connectivity by opportunistically leveraging previously deployed resources. Open Wi-Fi access points are densely deployed in many cities, offering high bandwidth at no cost to the mobile node. Unfortunately, Wi-Fi networks are rid-dled with coverage holes, resulting in poor network perf...

Stationary relay nodes have the potential to boost routing efficiency in mobile networks at little additional cost. Unlike mesh nodes, relay nodes can be placed non-contiguously and require no wired infrastructure. However, ensuring that relay placement results in maximum performance is a challenging problem with concrete results being few. We expl...

We ask if the ubiquity of WiFi can be leveraged to provide cheap connectivity from moving vehicles for common applications such as Web browsing and VoIP. Driven by this question, we conduct a study of connection quality available to vehicular WiFi clients based on measurements from testbeds in two different cities. We find that current WiFi handoff...

Sybil attacks have been shown to be unpreventable except under the protection of a vigilant central authority. We use an economic analysis to show quantitatively that some applications and protocols are more robust against the attack than others. In our approach, for each distributed application and an attacker objective, there is a critical value...

Using analysis, simulation, and experimentation, we examine the threat against anonymous communications posed by passive- logging attacks. In previous work, we analyzed the success of such attacks under various assumptions. Here, we evaluate the effects of these assumptions more closely. First, we analyze the Onion Routing- based model used in prio...

Mobile Internet users have several options today, including such high-bandwidth cellular data services as 3G, which is the choice for many. However, the ubiquity and low cost of WiFi suggests an attractive alternative, namely, opportunistic use of open WiFi access points (APs) or planned municipal mesh networks. Unfortunately, for vehicular users,...

Networks composed of mobile nodes inherently suffer from intermit- tent connections and high delays. Performance can be improved by adding supporting infrastructure, including base stations, meshes, and relays, but the cost-performance trade-offs of different designs is poorly understood. To examine these trade-offs, we have deployed a large-scale...

Many DTN routing protocols use a variety of mechanisms, including discovering the meeting probabilities among nodes, packet replication, and network coding. The primary focus of these mechanisms is to increase the likelihood of finding a path with limited information, so these approaches have only an incidental effect on such routing metrics as max...

We study traces taken from UMass DieselNet, a Disruption-Tolerant Network consisting of WiFi nodes attached to buses. As buses travel their routes, they encounter other buses and in some cases are able to establish pair-wise connections and transfer data between them. We analyze the bus-to-bus contact traces to characterize the contact processes be...

in terms of the number of pairs of communicating nodes? The answer to this question is a critical component of quantifying the damage to networks that results from attacks on inter-domain routing, intra-domain routing, mobile network routing, and sensor networks. In this short paper, we introduce a technique that provides a lower bound on a graph’s...

Disruption Tolerant Networks rely on intermittent contacts between mobile nodes to deliver packets using store-carry-and-forward paradigm. The key to improving performance in DTNs is to engineer a greater number of transfer opportunities. We earlier proposed the use of throwbox nodes, which are stationary, battery powered nodes with storage and pro...

We explore exploits possible for cheating in real-time, multiplayer games for both client-server and serverless architectures. We offer the first formalization of cheating in online games and propose an initial set of strong solutions. We propose a protocol that has provable anti-cheating guarantees, is provably safe and live, but suffers a perform...

We propose an economic approach to Sybil attack detection. In our Informant protocol, a detective offers a reward for Sybils to reveal themselves. The detective accepts from one identity a security deposit and the name of target peer; the deposit and a reward are given to the target. We prove the optimal strategy for the informant is to play the ga...

Opportunistic connections to the Internet from open wireless access points is now commonly possible in urban areas. Vehic- ular networks can opportunistically connect to the Internet for several seconds via open access points. In this paper, we adapt the interactive process of web search and retrieval to vehicular networks with intermittent Interne...

In this paper, we study traces taken from UMass DieselNet, a sparse mobile wireless DTN network consisting of WiFi nodes attached to buses. As buses travel their routes, they encounter other buses and in some cases are able to establish pair-wise connections and transfer data between them. We analyze these traces to characterize inter-contact behav...

Databases that preserve a historical record of activities and data o! er the important benefit of system accountability: past events can be analyzed to detect breaches and maintain data quality. But the retention of history can also pose a threat to privacy. System designers need to carefully balance the need for privacy and accountability by contr...

The use of any modern computer system leaves unintended traces of expired data and remnants of users' past activities. In this paper, we investigate the unintended persistence of data stored in database systems. This data can be recovered by forensic analysis, and it poses a threat to privacy. First, we show how data remnants are preserved in data-...

Disruption-Tolerant Networks (DTNs) deliver data in network environments composed of intermittently connected nodes. Just as in traditional networks, malicious nodes within a DTN may attempt to delay or destroy data in transit to its destination. Such attacks include dropping data, flooding the network with extra messages, corrupting routing tables...

Underwater sensor networks are attracting increasing in-terest from researchers in terrestrial radio-based sensor net-works. There are important physical, technological, and eco-nomic di erences between terrestrial and underwater sensor networks. Previous surveys have provided thorough back-ground material in underwater communications, and an in-tr...

Disruption Tolerant Networks (DTNs) are designed to overcome limitations in connectivity due to conditions such as mobility, poor infrastructure, and short range radios. DTNs rely on the inherent mobility in the network to deliver packets around frequent and extended network partitions using a store-carry-and-forward paradigm. However, missed conta...

Mobility is often a problem for providing security services in ad hoc networks. In this paper, we show that mobility can be used to enhance security. Specifically, we show that nodes that passively monitor traffic in the network can detect a Sybil attacker that uses a number of network identities simultaneously. We show through simulation that this...

Mobile robots have successfully solved many real world problems. In the following we present the use of mobile robots to address the novel and challenging problem of providing disruption tolerant network service. In disruption tolerant networks, all messages are transported by the physical motion of participants in the network. When these movements...

Disruption-tolerant networks (DTNs) attempt to route network messages via intermittently connected nodes. Routing in such environments is difficult because peers have little information about the state of the partitioned network and transfer opportunities between peers are of limited duration. In this paper, we propose MaxProp, a protocol for effec...

Devices in disruption tolerant networks (DTNs) must be able to communicate robustly in the face of short and infrequent connection opportunities. Unfortunately, one of the most inexpensive, energy-efficient and widely deployed peer-to-peer capable radios, Bluetooth, is not well-suited for use in a DTN. Bluetooth's half-duplex process of neighbor di...

We examine the effectiveness of two traffic analysis techniques for identifying encrypted HTTP streams. The techniques are based upon classification algorithms, identifying encrypted traffic on the basis of similarities to features in a library of known profiles. We show that these profiles need not be collected immediately before the encrypted str...

Delay tolerant networks (DTNs) are a class of emerging networks that are subject to frequent and long-duration partitions. Due to intermittent connectivity, DTNs might be significantly limited in supporting application needs, for example, leading to low throughput or high delay. To address this problem, we propose the use of throw-boxes to improve...

Many security mechanisms are based on specific assumptions of identity and are vulnerable to attacks when these assumptions are violated. For example, impersonation is the well-known consequence when authenticating credentials are stolen by a third party. Another attack on identity occurs when credentials for one identity are purposely shared by mu...

Encrypting traffic does not prevent an attacker from performing some types of traffic analysis. We present a straightforward traffic analysis attack against encrypted HTTP streams that is surprisingly effective in identifying the source of the traffic. An attacker starts by creating a profile of the statistical characteristics of web requests from...

Initial work in ad hoc routing has considered only the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering security. Because of this, there are a number of attacks that can be used to manipulate the routing in an ad hoc network. In this paper, we describe these threats, specifically showing thei...

Disruption-tolerant networks (DTNs) differ from other types of networks in that capacity is created by the movements of network participants. This implies that understanding and influencing the participants’ motions can have a significant impact on network performance. In this paper, we introduce the routing protocol MORA, which learns structure in...

We design and evaluate a distributed information retrieval system that operates over a mobile network where a wire-less infrastructure unavailable. Such networks are common in developing nations, disaster-stricken areas, and even in the rural areas of the technologically progressive countries. This poses a new challenge for distributed IR, which no...

We present Ghost, a peer-to-peer game architecture that manages game consistency across a set of players with heterogeneous network resources. Ghost dynamically creates responsive sub-games based on the delay profiles of players. Ghost allows each user to set the quality of game they are willing to play and creates the maximum-sized game that satis...

We present a game-theoretic model of the interactions between server and clients in a constrained family of commercial P2P computations (where clients are financially compensated for work). We study the cost of implementing redundant task allocation (redundancy, for short) as a means of preventing cheating. Under the assumption that clients are mot...

We use knowledge discovery techniques to guide the creation of efficient overlay networks for peer-to-peer file sharing. An overlay network specifies the logical connections among peers in a network and is distinct from the physical connections of the network. It determines the order in which peers will be queried when a user is searching for a spe...

Many routing algorithms for both traditional and ad hoc networks require a complete and contemporaneous path of peers from source to destination. Disruption Tolerant Networks (DTNs) attempt to deliver messages despite a frequently disconnected link layer (e.g., due to peer mobility, limited communication range, and power management limitations). Wh...