Yixin Sun will present her FPO "Enhancing Anonymity Systems under Network and User Dynamics" on Tuesday, December 17, 2019 at 9:30am in CS 402.

The members of her committee are as follows: Advisers: Mung Chiang and Prateek Mittal; Readers: Jennifer Rexford, Prateek Mittal, and Nick Feamster; Nonreaders: Jennifer Rexford, Ed Felten, and Mung Chiang.

A copy of her thesis is available upon request. Please email ngotsis@cs.princeton if you would like a copy of the thesis.

Everyone is invited to attend her talk. The talk title and abstract follow below.

Privacy on the Internet is eroding rapidly. Anonymity systems have been

designed to protect the identity and privacy of users from untrusted

destinations and third parties on the Internet. However, many prior

works on anonymity systems assume that important system components,

such as network routing and user location, are static. In practice, these

components are highly dynamic, leading to new vulnerabilities that can

compromise user anonymity. In this dissertation, we exploit dynamics in

anonymity systems across two different layers: network dynamics (i.e.,

changes in routing) at the network layer and user dynamics (i.e., changes

in user location) at the application layer.

First, we present RAPTOR attacks that exploit the dynamics in Internet

routing to compromise user anonymity in the Tor network. The attacks

enable adversaries to observe more user traffic and deanonymize them

more effectively than previously thought. We successfully demonstrate

the attacks by performing them on the live Tor network, ethically.

Second, we build proactive and reactive defenses to protect Tor users

from RAPTOR attacks: (1) a novel Tor relay selection algorithm that

proactively reduces the probability of Tor users being affected by an

attack, and (2) a monitoring system with novel detection analytics that

detect routing anomaly for Tor relays in real time.

Finally, we present attacks that exploit user mobility to compromise user

anonymity across a wide range of anonymity systems. While prior works

assume that user locations are fixed when accessing anonymity systems,

we demonstrate that users can be highly mobile and subsequently expose

themselves to adversaries as they visit more locations.

In summary, we demonstrate the dangers of abstracting dynamics in

Internet routing and user location from the analysis of anonymity

systems, and take the step to design anonymity systems with these

important system components in mind.