A flexible in-network IP anonymization service

User privacy on the Internet has been an increasing concern in recent years. With the proliferation and sophistication of information services, data mining, and search engines, a simple network address may be used to reveal a great deal of information about a user, including location, identity, and behavior. Existing approaches to privacy, however, make unacceptable tradeoffs between performance and anonymity. For example, Tor [5] attempts to provide strong anonymity by withholding trust from third-party relays. We believe an acceptable level of privacy can be provided to most users, with noticeably lower latency and throughput impact, by working with the network provider. In this paper, we introduce AnonyFlow, an in-network anonymization service designed to efficiently and seamlessly provide privacy to users as they communicate with other endpoints and services. We design, implement, and evaluate an OpenFlow-based prototype of AnonyFlow that achieves endpoint anonymity without compromising on throughput or latency.

[1] Robert Tappan Morris, et al. Tarzan: a peer-to-peer anonymizing network layer, 2002, CCS '02.

[2] David Wetherall, et al. Enlisting ISPs to Improve Online Privacy: IP Address Mixing by Default, 2009, Privacy Enhancing Technologies.

[3] C. Molina-Jimenez, et al. True anonymity without mixes, 2001, Proceedings. The Second IEEE Workshop on Internet Applications. WIAPP 2001.

[4] Paul F. Syverson, et al. Onion routing, 1999, CACM.

[5] Toshiro Kawahara, et al. Cryptographically Protected Prefixes for Location Privacy in IPv6, 2004, Privacy Enhancing Technologies.

[6] Peter Sewell, et al. Passive Attack Analysis for Connection-Based Anonymity Systems, 2003, ESORICS.

[7] Nick Mathewson, et al. Tor: The Second-Generation Onion Router, 2004, USENIX Security Symposium.

[8] Jason Lee, et al. The devil and packet trace anonymization, 2006, CCRV.

[9] Pekka Nikander, et al. BLIND: A Complete Identity Protection Framework for End-Points, 2004, Security Protocols Workshop.

[10] Nick McKeown, et al. OpenFlow: enabling innovation in campus networks, 2008, CCRV.

[11] Steffen Kunz, et al. Privately Waiting - A Usability Analysis of the Tor Anonymity Network, 2010, AMCIS.

[12] Martín Casado, et al. NOX: towards an operating system for networks, 2008, CCRV.

[13] Pekka Nikander, et al. Host Identity Protocol (HIP) Architecture, 2006, RFC.

[14] Andrei Serjantov, et al. Nonesuch: a mix network with sender unobservability, 2006, WPES '06.

[15] Marco Gruteser, et al. Enhancing Location Privacy in Wireless LAN Through Disposable Interface Identifiers: A Quantitative Analysis, 2005, Mob. Networks Appl.

[16] Hannes Federrath, et al. Web MIXes: A System for Anonymous and Unobservable Internet Access, 2000, Workshop on Design Issues in Anonymity and Unobservability.

[17] Charles E. Perkins, et al. IP Mobility Support for IPv4, Revised, 2010, RFC.

[18] Santosh S. Vempala, et al. Chipping Away at Censorship Firewalls with User-Generated Content, 2010, USENIX Security Symposium.

[19] Charles E. Perkins, et al. IP Mobility Support for IPv4, 2002, RFC.