Nguyen Phong Hoang

Nguyen Phong Hoang
University of Chicago | UC · Department of Computer Science

PhD
Please visit https://np-tokumei.net for current affiliations and research interests.

About

28
Publications
30,589
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
261
Citations
Introduction
Please visit https://np-tokumei.net for current affiliations and research interests.
Additional affiliations
January 2022 - present
University of Chicago
Position
  • PostDoc Position
September 2020 - February 2022
University of Toronto
Position
  • Research Fellow
August 2018 - August 2019
University of Massachusetts Amherst
Position
  • Visiting Researcher
Education
August 2016 - August 2021
Stony Brook University
Field of study
  • Computer Science
October 2014 - August 2016
Kyoto University
Field of study
  • Informatics
October 2010 - September 2014
Ritsumeikan Asia Pacific University
Field of study
  • International Management & Information Communication Technology

Publications

Publications (28)
Conference Paper
Full-text available
May 14 2016 (Update): the lastest version of this study can be found here: https://www.researchgate.net/publication/303069938_Your_Neighbors_Are_My_Spies_Location_and_other_Privacy_Concerns_in_GLBT-focused_Location-based_Dating_Applications Trilateration has recently become one of the well-known threat models to the user's location privacy in loca...
Conference Paper
Full-text available
Tor and I2P are well-known anonymity networks used by many individuals to protect their online privacy and anonymity. Tor's centralized directory services facilitate the understanding of the Tor network, as well as the measurement and visualization of its structure through the Tor Metrics project. In contrast, I2P does not rely on centralized direc...
Conference Paper
Full-text available
Centralized DNS over HTTPS/TLS (DoH/DoT) resolution , which has started being deployed by major hosting providers and web browsers, has sparked controversy among Internet activists and privacy advocates due to several privacy concerns. This design decision causes the trace of all DNS resolutions to be exposed to a third-party resolver, different th...
Preprint
Full-text available
The DNS filtering apparatus of China's Great Firewall (GFW) has evolved considerably over the past two decades. However, most prior studies of China's DNS filtering were performed over short time periods, leading to unnoticed changes in the GFW's behavior. In this study, we introduce GFWatch, a large-scale, longitudinal measurement platform capable...
Preprint
Full-text available
Domain name encryptions (DoTH and ESNI) have been proposed to improve security and privacy while browsing the web. Although the security benefit is clear, the positive impact on user privacy is still questionable. Given that the mapping between domains and their hosting IPs can be easily obtained, the websites a user visits can still be inferred by...
Preprint
Full-text available
Most online communications rely on DNS to map domain names to their hosting IP address(es). Previous work has shown that DNS-based network interference is widespread due to the unencrypted and unauthenticated nature of the original DNS protocol. In addition to DNS, accessed domain names can also be monitored by on-path observers during the TLS hand...
Thesis
With the Internet having become an indispensable means of communication in modern society, censorship and surveillance in cyberspace are getting more prevalent. Malicious actors around the world, ranging from nation states to private organizations, are increasingly making use of technologies to not only control the free flow of information, but als...
Article
Full-text available
Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websi...
Article
Full-text available
Understanding web co-location is essential for various reasons. For instance, it can help one to assess the collateral damage that denial-of-service attacks or IP-based blocking can cause to the availability of co-located web sites. However, it has been more than a decade since the first study was conducted in 2007. The Internet infrastructure has...
Conference Paper
Full-text available
Researchers have studied Internet censorship for nearly as long as attempts to censor contents have taken place. Most studies have however been limited to a short period of time and/or a few countries; the few exceptions have traded off detail for breadth of coverage. Collecting enough data for a comprehensive, global, longitudinal perspective rema...
Preprint
Full-text available
Understanding web co-location is essential for various reasons. For instance, it can help one to assess the collateral damage that denial-of-service attacks or IP-based blocking can cause to the availability of co-located web sites. However, it has been more than a decade since the first study was conducted in 2007. The Internet infrastructure has...
Presentation
Full-text available
Centralized DNS over HTTPS/TLS (DoH/DoT) resolution , which has started being deployed by major hosting providers and web browsers, has sparked controversy among Internet activists and privacy advocates due to several privacy concerns. This design decision causes the trace of all DNS resolutions to be exposed to a third-party resolver, different th...
Preprint
Full-text available
As Internet users have become more savvy about the potential for their Internet communication to be observed, the use of network traffic encryption technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is enabled, users leak information about the domains they visit via their DNS queries and via the Server Name Indication (SNI...
Conference Paper
Full-text available
The prevalence of Internet censorship has prompted the creation of several measurement platforms for monitoring filtering activities. An important challenge faced by these platforms revolves around the trade-off between depth of measurement and breadth of coverage. In this paper, we present an opportunistic censorship measurement infrastructure bui...
Preprint
Full-text available
The prevalence of Internet censorship has prompted the creation of several measurement platforms for monitoring filtering activities. An important challenge faced by these platforms revolves around the trade-off between depth of measurement and breadth of coverage. In this paper, we present an opportunistic censorship measurement infrastructure bui...
Preprint
Full-text available
Researchers have studied Internet censorship for nearly as long as attempts to censor contents have taken place. Most studies have however been limited to a short period of time and/or a few countries; the few exceptions have traded off detail for breadth of coverage. Collecting enough data for a comprehensive, global, longitudinal perspective rema...
Thesis
Full-text available
As we are living in the digital age, information technology appears in nearly every aspect of our daily lives, and plays an integral role in agriculture, industry, education, business, politics, etc. Thanks to its undeniable convenience, information technology has helped to make our lives easier and more comfortable. For instance, VoIP (voice over...
Article
Full-text available
Trilateration is one of the well-known threat models to the user's location privacy in location-based apps; especially those contain highly sensitive information such as dating apps. The threat model mainly bases on the publicly shown distance from a targeted victim to the adversary to pinpoint the victim's location. As a countermeasure, most of lo...
Conference Paper
Full-text available
Regardless of Tor's robustness against individual attackers thanks to its distributed characteristics, the network is still highly vulnerable to those very powerful adversaries, such as oppressive regimes which have control over a large proportion of the Internet. As recently confirmed by Edward Snowden, Autonomous-System level adversary is no long...
Article
Full-text available
Digital information has become a social infrastructure and with the expansion of the Internet, network infrastructure has become an indispensable part of social life and industrial activity for mankind. The idea of using existing electronics in smart home appliances and connecting them to the Internet is a new dimension along which technologies con...
Thesis
Full-text available
Nowadays, with the expansion of Internet connection around the World, more and more people get online. People use Internet for various activities such as accessing email, searching, shopping, social networking, etc. The Internet indeed provides its users with many conveniences. Sharing knowledge and getting communication among a large amount of Int...
Conference Paper
Full-text available
Digital information has become a social infrastructure and with the expansion of the Internet, network infrastructure has become an indispensable part of social life and industrial activity for mankind. For various reasons, however, today's networks are vulnerable to numerous risks, such as information leakage, privacy infringement and data corrupt...

Network

Cited By

Projects

Project (1)
Archived project
In recent years, the problem of censorship and surveillance in cyberspace has become increasingly prevalent. For this reason, anonymous communication has drawn remarkable attention from both researchers and ordinary Internet users. As anonymous communications grow to support more users, many tools become freely available on the Internet. These tools include proxy servers, Virtual Private Network (VPN) software, the Onion Router (Tor), the Invisible Internet Project (I2P)], and so on. Among them, Tor and I2P are the most well-known anonymity networks, which use onion routing technique to protect user anonymity. While helping users to browse the Internet anonymously, these networks also provide hidden services (comprising the “dark web”) in which the anonymity of both senders and receivers is preserved. Thanks to its popularity and the support of volunteer-based “exit nodes” to the normal Internet, Tor has been widely used and extensively researched. On the other hand, I2P has not been studied as comprehensively as Tor. There are two primary reasons that make I2P less appealing to study compared to Tor. First, I2P’s purely distributed network architecture, which lacks any centralized directory service, makes it more difficult to measure. Second, the intermittent availability of exit nodes causes I2P to operate as a closed (i.e. self-contained) network most of the time, making it less attractive to users that want to casually browse the web in the clear Internet. This project aims to fill this research gap by conducting an empirical measurement study of the I2P network, which is expected to popularize I2P to both academic researchers and ordinary Internet users. The data collected from empirical experiments will be analyzed to answer the following questions: 1. What is the size of the I2P network and the population of I2P users, especially those originating from repressive regions? 2. What are the blocking strategies that a censor may take to block access to the I2P network? 3. How to improve the I2P network design to make it more resilient to widespread censorship?