Activists, whistleblowers, military and law enforcement, businesses and governments, and ordinary Internet users are among those that use anonymity networks to protect their privacy online. Anonymity networks typically operate as network overlays on top of the Internet, and aim to separate the notions of network location (where you are on the network) from network identity (who you are). They permit more privacy-preserving methods of communication, and are a critical component of censorship-circumvention systems. This project explored, designed, and transitioned to practice techniques that improve the resilience of anonymity systems against realistic but understudied threats to network anonymity, privacy, and availability. Much of the existing work in developing defenses for anonymity systems has focused on finding and correcting weaknesses in the design of the anonymity protocols. This has led to an arms race in which developers of anonymity systems harden their software against new attacks, while adversaries attempt to discover new vulnerabilities. We posit that adversaries who wish to stay ahead of the curve will transition to new attacks that target the underlying resources on which anonymity systems depend. That is, attackers will increasingly focus on alternative techniques for disrupting anonymous communication. A core goal of this project was to understand these alternative disruption techniques and how they affect anonymity networks, and develop robust defenses. This project led to several groundbreaking improvements in (1) safely measuring anonymity networks, (2) understanding attacks against such networks, and (3) developing and deploying robust defenses. In total, this project led to 14 peer-reviewed papers, nearly all of which were published at top academic venues (e.g., CCS, USENIX Security, NDSS, TOPS, VLDB, and IMC). Highlights of this project’s findings include: - The development of a suite of tools and protocols for safely measuring anonymity networks. We have significantly advanced the state-of-the-art in performing privacy-preserving measurements on anonymity networks such as Tor through three separate research activities: enhancing PrivCount, robust measurement taking through Historϵ, and unique counting. We also conducted the most detailed measurement study to date of the Tor anonymity network. - The construction, and deployment, of multiple defenses against denial-of-service attacks. Our defenses were informed by our real-world measurements of actual attacks against fielded anonymity networks, and have helped defend anonymity networks against actual (real-world) attacks. - The introduction and deployment of techniques for better managing resources in anonymity networks, leading to improved performance and robustness against flooding-style events. Making contributions beyond science and technology is a core component of this project’s goals. Securely and privately communicating is of tremendous interest to organizations and individuals seeking to freely access and disseminate information. The research activities completed during this project significantly improve the ability to communicate privately online by increasing the resiliency of anonymity networks to both present-day and future threats. Results from this project have been disseminated through publications (all of which are posted online) and through numerous software artifacts that have all been made publicly available (under open source licenses). This research project has also fully or partially supported three Ph.D. students, all of whom have successfully completed their doctoral studies.
Comments
Please register or sign in to add a comment.