Optimizing the Placement of Implicit Proxies

Traffic filters block clients from communicating with certain Internet destinations. To prevent clients from evading the filtering policies, traffic filters may also block access to well-known anonymizing proxies. In response, researchers have designed more sophisticated solutions techniques that rely on implicit proxies lying along the path to unfiltered destinations. An implicit proxy transparently deflects traffic directed to an unfiltered destination toward the filtered destination. However, the effectiveness of implicit proxies highly depends on their presence in paths between clients and unfiltered destinations. In this paper we formulate and solve the problem of proxy placement, and evaluate our algorithms on snapshots of the Internet topology for a variety of client and destination sets. We also consider smart filtering techniques that select alternate routes to avoid implicit proxies, as well as the effects of asymmetric Internet routing. Our results show that a relatively small number of proxies can satisfy a large group of clients across a range of geographic locations.

[1]  Alejandro López-Ortiz,et al.  On the number of distributed measurement points for network tomography , 2003, IMC '03.

[2]  Uriel Feige,et al.  The Dense k -Subgraph Problem , 2001, Algorithmica.

[3]  Dmitri V. Krioukov,et al.  AS relationships: inference and validation , 2006, CCRV.

[4]  Nikita Borisov,et al.  Cirripede: circumvention infrastructure using router redirection with plausible deniability , 2011, CCS '11.

[5]  Ian Goldberg,et al.  Telex: Anticensorship in the Network Infrastructure , 2011, USENIX Security Symposium.

[6]  A. Dammer How Secure are Secure Interdomain Routing Protocols , 2011 .

[7]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[8]  Lane A. Hemaspaandra,et al.  On ranking , 1987, SCT.

[9]  Donald F. Towsley,et al.  Locating network monitors: complexity, heuristics, and coverage , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[10]  Samir Khuller,et al.  The Budgeted Maximum Coverage Problem , 1999, Inf. Process. Lett..

[11]  W. Timothy Strayer,et al.  A Topological Analysis of Monitor Placement , 2007, Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007).

[12]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[13]  Lixia Zhang,et al.  On the placement of Internet instrumentation , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[14]  Lixin Gao,et al.  Stable Internet routing without global coordination , 2000, SIGMETRICS '00.