Skip navigation
Please use this identifier to cite or link to this item:
Title: Enhancing Anonymity Systems under Network and User Dynamics
Authors: Sun, Yixin
Advisors: Mittal, Prateek
Chiang, Mung
Contributors: Computer Science Department
Keywords: Anonymity
Network Privacy
Routing security
Subjects: Computer science
Computer engineering
Issue Date: 2020
Publisher: Princeton, NJ : Princeton University
Abstract: Privacy on the Internet is eroding rapidly. Anonymity systems have been designed to protect the identity and privacy of users from untrusted destinations and third parties on the Internet. However, many prior works on anonymity systems assume that important system components, such as network routing and user location, are static. In practice, these components are highly dynamic, leading to new vulnerabilities that can compromise user anonymity. In this dissertation, we exploit dynamics in anonymity systems across two different layers: network dynamics (i.e., changes in routing) at the network layer and user dynamics (i.e., changes in user location) at the application layer. First, we present RAPTOR attacks that exploit the dynamics in Internet routing to compromise user anonymity in the Tor network. The attacks enable adversaries to observe more user traffic and deanonymize them more effectively than previously thought. We successfully demonstrate the attacks by performing them on the live Tor network, ethically. Second, we build proactive and reactive defenses to protect Tor users from RAPTOR attacks: (1) a novel Tor relay selection algorithm that proactively reduces the probability of Tor users being affected by an attack, and (2) a monitoring system with novel detection analytics that detect routing anomaly for Tor relays in real time. Finally, we present attacks that exploit user mobility to compromise user anonymity across a wide range of anonymity systems. While prior works assume that user locations are fixed when accessing anonymity systems, we demonstrate that users can be highly mobile and subsequently expose themselves to adversaries as they visit more locations. In summary, we demonstrate the dangers of abstracting dynamics in Internet routing and user location from the analysis of anonymity systems, and take the step to design anonymity systems with these important system components in mind.
Alternate format: The Mudd Manuscript Library retains one bound copy of each dissertation. Search for these copies in the library's main catalog:
Type of Material: Academic dissertations (Ph.D.)
Language: en
Appears in Collections:Computer Science

Files in This Item:
File Description SizeFormat 
Sun_princeton_0181D_13242.pdf2.38 MBAdobe PDFView/Download

Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.