Experimental Study of Accountability in Existing Anonymous Networks

Project Summary To stop anonymous tools designed for free speech being abused by criminals, this project investigates practical solutions to trace back criminals while support free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operated from remote locations usually do not have resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces. Second, the proposed solutions aim to capture some criminals, without a specific target at the beginning. Such assumption greatly simplifies the system design and makes it feasible, different from common traceback solutions which aim at a specific target from the start and usually require heavy costs for large-scaled deployment.

This project will examine the implementation limitations of Freenet for asynchronous communications and Tor for interactive communications, and develop tracing back solutions for law enforcement to identify data sources and parties involved in malicious transactions. Effective methods to penetrate these systems will be designed for collective traffic analysis. By focusing on known malicious data sharing to further identify malicious parties, the proposed solutions will localize data sources and communication parties. Meanwhile, effective mechanisms for protecting benign users’ privacy will also be investigated. The proposed research will provide significant insights to fight cyber crimes. The PIs will integrate research and education to recruit undergraduate and graduate students.

 

Personnel

Principal Investigator:         Yingfei Dong

Research Assistant:           Todd Baumeister

Alumni:                              James Ochmann, Dwayne Yuen

Collaborator:                      Prof. Zhenhai Duan, Dept, of Computer Science, Florida State University

 

Software      Analysis Source Code at Github.

 

Current Progress

 

We focused on Freenet and have built an experimental testbed in our lab (Holmes Hall 390, 2450 Dole St, Honolulu, HI 96822.) to examine the implementation limitations of Freenet. Our main progresses include

(1)  We have set up our own version of Freenet in our lab on a private network with virtual machines using VM vSphere. Emulating a large scale p2p system is a challenging task. Luckily, with significant efforts, we are able to run a small Freenet on our lab to examine the basic protocols and identify potential issues.

(2)  We have examine the basic protocols in Freenet, such as node join announcement, data insertion, data query, request routing, etc.

(3)  We have found several weaknesses that we can explore to trace data insertion/query actions, poison peer routing tables, surveillance a target, and building the topology of the network. We are working two basic types of attacks: location-based and content-based. Combining these two approaches, we are developing our attack and defense models, and further generalizing to anonymity issues in common p2p systems.

 

Publication

 

• G. Tian, Z. Duan, T. Baumeister, and Y. Dong. Reroute on loop in anonymous peer-to-peer content sharing networks. In IEEE Conference on Communications and Network Security (CNS), submitted to, 2014.
• T. Baumeister, Y. Dong, G. Tian and Z. Duan. Look-ahead hint: Reduce routing information sharing to mitigate routing based attacks. Under submission, 2014.
• G. Tian, Z. Duan, T. Baumeister, and Y. Dong. Thwarting traceback attack on Freenet. In IEEE Globecom, Communication and Information System Security Symposium (CISS), Atlanta, GA, 2013.
• T. Baumeister, Y. Dong, G. Tian and Z. Duan. Using randomized routing to counter routing table insertion attack on freenet. In IEEE Globecom, Communication and Information System Security Symposium (GC13 CISS), Atlanta, GA, 2013.
• G. Tian, Z. Duan, T. Baumeister, and Y. Dong. A traceback attack on freenet. In IEEE INFOCOM,Turin, Italy, April, pages 1797-1805, 2013. [PDF]
• G. Tian, Z. Duan, T. Baumeister, and Y. Dong. Traceback attacks on freenet. IEEE Transactions on Dependable and Secure Computing, submitted to, 2013.
• T. Baumeister, Y. Dong, G. Tian and Z. Duan. “A Routing Table Insertion Attack on Freenet,” in Proc. of annual ASE/IEEE Cyber Security Conference, 2012 [PDF].

·       C. Li, Y. Xue, Y. Dong, “Super Nodes in Tor: Existence and Security Implication,” in Proc. of  ACSAC’11, Orlando, FL, Dec. 2011.

• G. Sun, Y. Xue, Y. Dong, “A Novel Hybrid Method for Effectively Classifying Encrypted Traffic,” in Proc. of IEEE Globecom’2010, Dec. 2010, Miami.
• C. Li, Y. Xue, Y. Dong, “HMC: A Novel Mechanism for Identifying Encrypted P2P Thunder Traffic,” in Proc. of IEEE Globecom’2010 Dec. 2010, Miami.

 

Internal Documents: (Available on request.)

 

FreeNetSetupEclipseAndDebugEnvironment.pdf, May 26, 2011

FreeNetTestBedDesign.pdf, March 17, 2011

FreenetSetupExperimentsontheTestbed.pdf, May 26, 2011

FreenetTestbedSetup.pdf, May 19, 2011

 

This project is supported by NSF CNS-1041739, NSF CNS-1120902.

Note: Any opinions, findings, or conclusions expressed on this web site are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).