Anonymous communication tools, such as Tor, are extensively employed by users who want to keep their web activity private. But recent works have shown that when a local, passive adversary observes nothing more than the timestamp, size and direction (incoming or outgoing) of the packets, it can still identify with high accuracy the website accessed by a user. Several defenses against these website fingerprinting attacks have been proposed but they come at the cost of a significant overhead in traffic and/or website loading time. We propose a defense against website fingerprinting which exploits multihoming, where a user can access the Internet by sending the traffic through multiple networks. With multihoming, it is possible to protect against website fingerprinting by splitting traffic among the networks, i.e., by removing packets from one network and sending them through another, whereas current defenses can only add packets. This enables us to design a defense with no traffic overhead that, as we show through extensive experimentation against state-of-the-art attacks, reaches the same level of privacy as the best existing practical defenses. We describe and evaluate a proof-ofconcept implementation of our defense and show that is does not add significant loading-time overhead. Our solution is compatible with other state-of-the-art defenses, and we show that combining it with another defense further improves privacy.
RAN virtualization will become a key technology for the last mile of next-generation mobile networks driven by initiatives such as the O-RAN alliance. However, due to the computing fluctuations inherent to wireless dynamics and resource contention in shared computing infrastructure, the price to migrate from dedicated to shared platforms may be too high. Indeed, we show in this paper that the baseline architecture of a base station's distributed unit (DU) collapses upon moments of deficit in computing capacity. Recent solutions to accelerate some signal processing tasks certainly help but do not tackle the core problem: a DU pipeline that requires predictable computing to provide carrier-grade reliability.We present Nuberu, a novel pipeline architecture for 4G/5G DUs specifically engineered for non-deterministic computing platforms. Our design has one key objective to attain reliability: to guarantee a minimum set of signals that preserve synchronization between the DU and its users during computing capacity shortages and, provided this, maximize network throughput. To this end, we use techniques such as tight deadline control, jitter-absorbing buffers, predictive HARQ, and congestion control. Using an experimental prototype, we show that Nuberu attains >95% of the theoretical spectrum efficiency in hostile environments, where state-of-art approaches lose connectivity, and at least 80% resource savings.
CCS CONCEPTS• Networks → Mobile networks; Wireless access points, base stations and infrastructure; Network reliability.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.