Experimental Study of Accountability in Existing Anonymous Networks
Project Summary
To stop anonymous tools designed for free speech from being abused by criminals, this project investigates practical solutions to trace back criminals while supporting free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operating from remote locations usually do not have the resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces. Second, the proposed solutions aim to capture some criminals, without a specific target at the beginning. This assumption greatly simplifies the system design and makes it feasible, unlike common traceback solutions, which aim at a specific target from the start and usually require heavy costs for large-scale deployment.
This project will examine the implementation limitations of Freenet for asynchronous communications and Tor for interactive communications, and develop traceback solutions for law enforcement to identify data sources and parties involved in malicious transactions. Effective methods to penetrate these systems will be designed for collective traffic analysis. By focusing on known malicious data sharing to further identify malicious parties, the proposed solutions will localize data sources and communication parties. Meanwhile, effective mechanisms for protecting benign users’ privacy will also be investigated. The proposed research will provide significant insights to fight cyber crimes. The PIs will integrate research and education to recruit undergraduate and graduate students.
Personnel
Principal Investigator: Yingfei Dong
Research Assistant: Todd Baumeister
Alumni: James Ochmann, Dwayne Yuen
Collaborator: Prof. Zhenhai Duan, Dept. of Computer Science, Florida State University
Software Analysis Source Code at GitHub.
Current Progress
We have focused on Freenet and built an experimental testbed in our lab (Holmes Hall 390, 2450 Dole St, Honolulu, HI 96822) to examine the implementation limitations of Freenet. Our main progress includes:
(1) We have set up our own version of Freenet in our lab on a private network with virtual machines using VM vSphere. Emulating a large-scale P2P system is a challenging task. Luckily, with significant effort, we are able to run a small Freenet in our lab to examine the basic protocols and identify potential issues.
(2) We have examined the basic protocols in Freenet, such as node join announcement, data insertion, data query, request routing, etc.
(3) We have found several weaknesses that we can exploit to trace data insertion/query actions, poison peer routing tables, surveil a target, and build the topology of the network. We are working on two basic types of attacks: location-based and content-based. Combining these two approaches, we are developing our attack and defense models, and further generalizing to anonymity issues in common P2P systems.
Publication
· C. Li, Y. Xue, Y. Dong, “Super Nodes in Tor: Existence and Security Implication,” in Proc. of ACSAC’11, Orlando, FL, Dec. 2011.
Internal Documents: (Available on request.)
FreeNetSetupEclipseAndDebugEnvironment.pdf, May 26, 2011
FreeNetTestBedDesign.pdf, March 17, 2011
FreenetSetupExperimentsontheTestbed.pdf, May 26, 2011
FreenetTestbedSetup.pdf, May 19, 2011
This project is supported by NSF CNS-1041739, NSF CNS-1120902.
Note: Any opinions, findings, or conclusions expressed on this web site are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).