Experimental Study of Accountability in Existing Anonymous Networks
Project Summary To stop anonymous tools designed for free speech being abused by criminals, this project investigates practical solutions to trace back criminals while support free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operated from remote locations usually do not have resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces. Second, the proposed solutions aim to capture some criminals, without a specific target at the beginning. Such assumption greatly simplifies the system design and makes it feasible, different from common traceback solutions which aim at a specific target from the start and usually require heavy costs for large-scaled deployment.
This project will examine the implementation limitations of Freenet for asynchronous communications and Tor for interactive communications, and develop tracing back solutions for law enforcement to identify data sources and parties involved in malicious transactions. Effective methods to penetrate these systems will be designed for collective traffic analysis. By focusing on known malicious data sharing to further identify malicious parties, the proposed solutions will localize data sources and communication parties. Meanwhile, effective mechanisms for protecting benign users’ privacy will also be investigated. The proposed research will provide significant insights to fight cyber crimes. The PIs will integrate research and education to recruit undergraduate and graduate students.
Principal Investigator: Yingfei Dong
Research Assistant: Todd Baumeister
Alumni: James Ochmann, Dwayne Yuen
Collaborator: Prof. Zhenhai Duan, Dept, of Computer Science, Florida State University
Software Analysis Source Code at Github.
We focused on Freenet and have built an experimental testbed in our lab (Holmes Hall 390, 2450 Dole St, Honolulu, HI 96822.) to examine the implementation limitations of Freenet. Our main progresses include
(1) We have set up our own version of Freenet in our lab on a private network with virtual machines using VM vSphere. Emulating a large scale p2p system is a challenging task. Luckily, with significant efforts, we are able to run a small Freenet on our lab to examine the basic protocols and identify potential issues.
(2) We have examine the basic protocols in Freenet, such as node join announcement, data insertion, data query, request routing, etc.
(3) We have found several weaknesses that we can explore to trace data insertion/query actions, poison peer routing tables, surveillance a target, and building the topology of the network. We are working two basic types of attacks: location-based and content-based. Combining these two approaches, we are developing our attack and defense models, and further generalizing to anonymity issues in common p2p systems.
· “A Traceback Attack on Freenet,” submitted to IEEE INFOCOM 2013. [PDF]
· “A Routing Table Insertion Attack on Freenet,” submitted to the annual ASE/IEEE Cyber Security Conference, 2012 [PDF].
Internal Documents: (Available on request.)
FreeNetSetupEclipseAndDebugEnvironment.pdf, May 26, 2011
FreeNetTestBedDesign.pdf, March 17, 2011
FreenetSetupExperimentsontheTestbed.pdf, May 26, 2011
FreenetTestbedSetup.pdf, May 19, 2011
This project is supported by NSF CNS-1041739, NSF CNS-1120902.
Note: Any opinions, findings, or conclusions expressed on this web site are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).