Loading Events

« All Events

  • This event has passed.

September 27, 2017 3:00 pm - 4:00 pm EDT

Title: Jurisdictional Arbitrage: The Impact of MLAT Cartels and Lawful Intercept in Anonymous Communications Networks

Speaker: Sarah Cortes, PhD Candidate, College of Computer and Information Science at Northeastern University

Location: Northeastern University, 805 Columbus Avenue, Interdisciplinary Science and Engineering Complex (ISEC), 6th Floor, Room #632, Boston, Massachusetts 02120


Network security attacks on the Internet have long compromised user security.  Whether users realize it or not, some or all of their personal data and communications are vulnerable to access by third parties through many documented attacks, for example, through spyware.  Governments may attack individual privacy, anonymity, and security for legitimate purposes, such as investigating criminals, or less legitimate purposes, such as silencing political opponents.  But those same governments have other, potentially more threatening, means of attack at their disposal to compromise network security.  For example, through lawful intercept (LI), they can dispense altogether with spyware, and simply record all traffic passing through network elements located in their jurisdiction.

Users of anonymous communications networks like Tor seek to ensure privacy and anonymity.  While Tor has proven valuable, which is why some governments censor its use, and despite years of research, today’s anonymous communication systems are still vulnerable to passive deanonymization attacks orchestrated by powerful adversaries, such as nation-states and their Government Intelligence Agencies (GIA’s).

This dissertation demonstrates how it is possible to quantify trust in anonymous communication networks through metrics.  It identifies five LI threat or “hostility” factors, including Mutual Legal Assistance Treaties (MLAT’s), which can indicate governmental risk to network communications through lawful intercept attacks.  It identifies, documents and classifies thousands of MLATs, and examines relevant case law, as well as deep involvement by CSP’s like Google and Microsoft in their use.

Having gathered data pertaining to these factors into a database, this dissertation uses them to develop metrics and algorithms that can be applied to real life networks, for example, undersea cables.  It explores quantifying and counteracting threats raised by these factors by empirically examining the public Tor network and the pattern of MLATs through graph theory analysis.  It includes a tool, MLAT.is, which incorporates scalable service providing accurate predictions of worldwide LI threats.

It then analyzes the MLAT graph itself, demonstrating hidden cartels of collaborating countries which may use their legal powers of surveillance to attack user anonymity.

It forms the basis of four subsequent research projects, each of which have papers and tools in various stages of draft or submission:

  • Dynamic Triggering: MLATs and Lawful Intercept in Communications Networks.
  • CircuitBlasTor, graph analysis of tor path selection.
  • Jurisdiction of the Darknet, balancing legal objectives in daknet investigations
  • Diameter of the Darknet

About the Speaker

Sarah Cortes , MS, CISA, AAFS, is President of Inman Technology.  She earned her undergraduate degree at Harvard University, and holds an MS from Boston University, in Computer Science, Information Security.  She is is a PhD candidate in the Information Assurance program at Northeastern University’s College of Computer and Information Science.  She has also studied Forensic Science at Boston University Medical School.  Her research focuses on the darknet, network security, and criminal legal treaties (MLAT’s).  She is currently an intern at Alameda County Sheriff’s Office Digital and Multimedia Forensics Crime Lab.

Prior to undertaking her PhD, Sarah was a Senior Vice President for Security, IT Audit and Disaster Recovery at Putnam Investments, an investment management firm with over $400 billion in assets under management.  She oversaw Putnam’s recovery on 9/11 when then-parent company Marsh & McLennan’s World Trade Center 99th floor data center was destroyed.  Before that, Cortes was a Senior Vice President for Data Center and Security Operations with BNY Mellon Bank, a global investments company with $1.6 trillion in assets under management, previously a part of Shearson, LehmanAmerican Express.

Sarah has published articles on computer security, privacy, mutual criminal legal assistance treaties (MLATs), and the darknet, including MLAT.is World Treaty Cartel Internet Overlay for Digital Traffic Analytics, featured in the 2017 IEEE International Symposium on Technologies for Homeland Security (HST17). She regularly serves as a referee for Computers & Security Journal.

She has implemented numerous computer applications.  Together with Department Chair, Boston University School of Medicine, Department of Biomedical Forensic Sciences and former Cellmark Lab Director Dr. Robin Cotton et al., Sarah implemented the DNA Mixtures online tool, with a grant from The United States Department of Justice.  DNA Mixtures was highlighted in the Executive Office of the President, President’s Council of Advisors on Science and Technology (PCAST), Report to the President: Forensic Science in Criminal Courts: Ensuring Scientific Validity of Feature-Comparison Methods in 2016.

A former analyst for the US Department of Energy, she led the National Institute for Science and Technology (NIST) Cybersecurity Working Group sub-team, as co-author of the 2014 NIST: Guidelines for Smart Grid Cyber Security: Vol. 2, Privacy and the Smart Grid, as well as the 2010 volume, that created the security and privacy laws section of the report. She served on the privacy use cases team for two years and the NIST cybersecurity working group (CSWG) on Smart Grid privacy for seven years. She has co-led Northeastern University Law School Legal Skills in Social Context (LSSC) clinics on surveillance law and online privacy tools and technology, as well as an MIT Co-Design Studio class at MIT Media Lab. She has helped draft data breach laws, and testified before the Massachusetts legislature and regulatory agencies.

In addition to her work on various industry standards bodies, Sarah serves on the IEEE (Institute of Electrical and Electronics Engineers) P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group. While completing her PhD, Sarah interns at the Alameda County Sheriff’s Office Crime Lab in Digital and Multimedia Evidence. In her work to help end cyberstalking and abuse through technology, Sarah serves on the Boards of Emerge, the first Abuser Intervention Program (BIP), and Each One Teach One, dedicated to training for technology employment.


  • Professor Thomas H. Koenig, Professor, Interdisciplinary with the College of Computer and Information Science (CCIS) and the College of Social Sciences and Humanities (CSSH) at Northeastern University (Advisor)
  • Professor Albert-László Barabási, Robert Gray Dodge Professor of Network Science, Distinguished University Professor, Interdisciplinary with the College of Computer and Information Science (CCIS) and the College of Science (COS) at Northeastern University
  • Professor Guevara Noubir, Professor, Director of Cybersecurity and Information Assurance Graduate Program, College of Computer and Information Science (CCIS) at Northeastern University
  • Paul Syverson, PhD, Onion Routing, Anonymous Communications Networks, United States Naval Research Laboratory


September 27, 2017
3:00 pm - 4:00 pm
Event Categories:
, , , ,


Interdisciplinary Science and Engineering Complex (ISEC)
805 Columbus Avenue
Boston, MA 02120 United States
+ Google Map
(617) 373-8380