Understanding the Anonymity Ecosystem
Depending upon whom you ask, anonymity systems such as Tor are either (1) used by activists, journalists, and ordinary users to gain unfettered access to the Internet and bypass restrictive censorship systems, or (2) they are used by criminals to perform network attacks, buy and sell illegal narcotics and weapons, and post and access illicit/illegal content (e.g., on the "Dark Web"). While privacy advocates stress the personal freedom and privacy afforded by anonymity systems, others claim that anonymity networks are ripe with abuse. Despite some anecdotal evidence (in both directions), in truth, we know very little about who actually uses anonymity systems such as Tor and how these systems are actually being used.
This talk presents recent and ongoing research, done in collaboration with researchers at the U.S. Naval Research Laboratory (NRL) and the University of New South Wales Sydney, that attempts to shine some light on the users (in the aggregate) of these anonymity systems. A key scientific challenge of this line of work is to perform measurements in a safe manner that does not endanger the users of anonymity networks by potentially exposing their identities (and possibly subjecting them to physical harm). At the same time, since anonymity networks are often volunteer-operated and thus subject to malicious participants, measurement techniques should also provide strong integrity guarantees that resist manipulation by malicious insiders.
Finally, the talk will describe ongoing work that examines the
Internet's open proxy servers -- hosts that allow any Internet user to
relay traffic through it. Open proxies are often used for anonymous
communication or to avoid regional restrictions placed on content
(e.g., streaming movies and sporting events). We present early
results that show that misbehavior abounds on the Internet's open
proxies. In particular, we highlight instances in which open proxies
perform TLS man-in-the-middle, inject or modify content, and otherwise
interfere with users' end-to-end communication.
Micah Sherr is Provost's Distinguished Associate Professor in the Computer Science Department at Georgetown University and director of the Georgetown Institute for Information Assurance. His academic interests include privacy-preserving technologies, electronic voting, wiretap systems, and network security. He participated in two large-scale studies of electronic voting machine systems, and helped to disclose numerous architectural vulnerabilities in U.S. election systems. His current research examines the security properties of legally authorized wiretap (interception) systems and investigates methods for achieving scalable, high-performance anonymous routing. Micah received his B.S.E., M.S.E., and Ph.D. degrees from the University of Pennsylvania. He is a recipient of the NSF CAREER award.