Large-scale Internet censorship prevents citizens of many parts of the world from accessing vast amounts of otherwise publicly available information. The recognition and publication of these censorship events have aided in motivating the development of new privacy-enhancing technologies to circumvent the censor. We argue that as circumvention technologies improve and the cost of detecting their use increases, adversaries that are intent on restricting access to information will seek out alternative techniques for disruption. As such, understanding these alternative disruption techniques and how they affect network anonymity, privacy, and performance is paramount not only to the successful design of future technologies, but also to the security of existing networks and systems. Accordingly, this project explores, designs, and transitions to practice techniques that will improve the resilience of privacy-enhancing technologies against these realistic but understudied threats to network anonymity, privacy, and availability. We consider adversaries that look beyond weaknesses in software implementations or protocols and instead seek to destabilize anonymity services by affecting the shared resources upon which these services depend. This project studies how Internet infrastructure attacks apply to anonymity networks. The research designs defenses that improve the resilience against such threats, and transitions such defenses to the deployed Tor network. Our research activities (i) examine performance-based resource attacks and design privacy-preserving detection techniques to understand not only how denial-of-service attacks can drain network resources, but more importantly, how to automatically detect and prevent such attacks; (ii) study how control-plane routing attacks can be used to harm anonymity, and develop attack mitigation techniques to understand how to improve the resilience of anonymity networks against threats from the underlying untrusted Internet infrastructure; and (iii) analyze the impact of human mobility on anonymity to understand how to provide robust and secure anonymity services to the now ubiquitous mobile operating environment. The activities help expand understudied research areas and not only help improve the design of future technologies, but also enhance the security of existing networks and systems.
TWC: TTP Option: Small: Collaborative: Enhancing Anonymity Network Resilience against Pervasive Internet Attacks