TY - GEN
T1 - Do You See What I See? Differential Treatment of Anonymous Users
AU - Khattak, Sheharbano
AU - Fifield, David
AU - Afroz, Sadia
AU - Javed, Mobin
AU - Sundaresan, Srikanth
AU - Paxson, Vern
AU - Murdoch, Steven J.
AU - McCoy, Damon
N1 - Publisher Copyright:
© 2016 Internet Society.
PY - 2016
Y1 - 2016
N2 - The utility of anonymous communication is undermined by a growing number of websites treating users of such services in a degraded fashion. The second-class treatment of anonymous users ranges from outright rejection to limiting their access to a subset of the service’s functionality or imposing hurdles such as CAPTCHA-solving. To date, the observation of such practices has relied upon anecdotal reports catalogued by frustrated anonymity users. We present a study to methodically enumerate and characterize, in the context of Tor, the treatment of anonymous users as second-class Web citizens. We focus on first-line blocking: at the transport layer, through reset or dropped connections; and at the application layer, through explicit blocks served from website home pages. Our study draws upon several data sources: comparisons of Internetwide port scans from Tor exit nodes versus from control hosts; scans of the home pages of top-1,000 Alexa websites through every Tor exit; and analysis of nearly a year of historic HTTP crawls from Tor network and control hosts. We develop a methodology to distinguish censorship events from incidental failures such as those caused by packet loss or network outages, and incorporate consideration of the endemic churn in web-accessible services over both time and geographic diversity. We find clear evidence of Tor blocking on the Web, including 3.67% of the top-1,000 Alexa sites. Some blocks specifically target Tor, while others result from fate-sharing when abuse-based automated blockers trigger due to misbehaving Web sessions sharing the same exit node.
AB - The utility of anonymous communication is undermined by a growing number of websites treating users of such services in a degraded fashion. The second-class treatment of anonymous users ranges from outright rejection to limiting their access to a subset of the service’s functionality or imposing hurdles such as CAPTCHA-solving. To date, the observation of such practices has relied upon anecdotal reports catalogued by frustrated anonymity users. We present a study to methodically enumerate and characterize, in the context of Tor, the treatment of anonymous users as second-class Web citizens. We focus on first-line blocking: at the transport layer, through reset or dropped connections; and at the application layer, through explicit blocks served from website home pages. Our study draws upon several data sources: comparisons of Internetwide port scans from Tor exit nodes versus from control hosts; scans of the home pages of top-1,000 Alexa websites through every Tor exit; and analysis of nearly a year of historic HTTP crawls from Tor network and control hosts. We develop a methodology to distinguish censorship events from incidental failures such as those caused by packet loss or network outages, and incorporate consideration of the endemic churn in web-accessible services over both time and geographic diversity. We find clear evidence of Tor blocking on the Web, including 3.67% of the top-1,000 Alexa sites. Some blocks specifically target Tor, while others result from fate-sharing when abuse-based automated blockers trigger due to misbehaving Web sessions sharing the same exit node.
UR - http://www.scopus.com/inward/record.url?scp=85054055133&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85054055133&partnerID=8YFLogxK
U2 - 10.14722/ndss.2016.23342
DO - 10.14722/ndss.2016.23342
M3 - Conference contribution
AN - SCOPUS:85054055133
T3 - 23rd Annual Network and Distributed System Security Symposium, NDSS 2016
BT - 23rd Annual Network and Distributed System Security Symposium, NDSS 2016
PB - The Internet Society
T2 - 23rd Annual Network and Distributed System Security Symposium, NDSS 2016
Y2 - 21 February 2016 through 24 February 2016
ER -