To stop anonymous tools designed for free speech from being abused by criminals, this project investigates practical solutions to trace back criminals while support free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operated from remote locations usually do not have resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces. Second, the proposed solutions aim to capture some criminals, without a specific target at the beginning. Such assumption greatly simplifies the system design and makes it feasible, different from common traceback solutions which aim at a specific target from the start and usually require heavy costs for large-scaled deployment.
This project will examine the implementation limitations of Freenet for asynchronous communications and Tor for interactive communications, and develop tracing back solutions for law enforcement to identify data sources and parties involved in malicious transactions. Effective methods to penetrate these systems will be designed for collective traffic analysis. By focusing on known malicious data sharing to further identify malicious parties, the proposed solutions will localize data sources and communication parties. Meanwhile, effective mechanisms for protecting benign users? privacy will also be investigated.
The proposed research will provide significant insights to fight cyber crimes. The PIs will integrate research and education to recruit undergraduate and graduate via NHSEMP Program. For further information, see the project website at www.ee.hawaii.edu/~dong/traceback.
Free speech and user privacy are increasingly under attacks in today’s society due to many emerging issues. Anonymous peer to peer (p2p) networks are important tools to support these basic human rights, as we have seen recently in Arab Spring events. Several anonymous systems have been developed and broadly deployed in the past decade, such as Tor, Freenet, etc. Although these systems have received a lot of attention, the anonymity strength of these networks has not been well understood, due to many factors such as their highly distributed nature to achieve anonymity. In this project, we took a practical approach to evaluate the anonymity strength of anonymous p2p content sharing networks (APCN), in particular, Freenet. We have evaluated various design and development decisions of Freenet, at both the low level and high level, and identified a few weaknesses that may be common to all p2p content sharing systems. These results motivate us to further investigate the countermeasures to address the identified weaknesses for the future development of APCNs. In addition to evaluate the design issues of p2p anonymous systems, as part of this investigation, we have further developed and evaluated two security attacks--routing table insertion (RTI) attack and traceback attack--on Freenet. The RTI attack allows an attacker to insert an attacking node into a target node routing table, such that many other attacks are feasible, e.g., surveillance attacks and traceback attacks. The general idea of RTI attack can be applied to many other p2p systems because it exploits the basic performance improvement schemes and strategies used in p2p networks, e.g., greedy routing to take short paths or replacement of least-recently-used peers to keep connectivity. The traceback attack exploits the request forwarding scheme and identify the originating machine of a message on Freenet, even if only one instance of the message is observed by an attacker. The Freenet project has developed a quick patch to mitigate the proposed traceback attack in September 2012. We are also developing and evaluating various countermeasures to both attacks now. Although the attacks and countermeasures were developed in the framework of Freenet, they can be extended to attack other p2p anonymous systems, and have important consequences and implications for them. More importantly, this project provided new insights into the design and development of p2p anonymous systems and addressed the challenges and tradeoffs in various design decisions of these systems. Furthermore, we have incorporated the research results into networking security courses, provided opportunities for both graduate and undergraduate students to obtain valuable experimental and analytical skills, and prepared them for their future careers.
