Do You See What I See? Differential Treatment of Anonymous Users

Sheharbano Khattak, David Fifield, Sadia Afroz, Mobin Javed, Srikanth Sundaresan, Vern Paxson, Steven J. Murdoch, Damon McCoy

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    The utility of anonymous communication is undermined by a growing number of websites treating users of such services in a degraded fashion. The second-class treatment of anonymous users ranges from outright rejection to limiting their access to a subset of the service’s functionality or imposing hurdles such as CAPTCHA-solving. To date, the observation of such practices has relied upon anecdotal reports catalogued by frustrated anonymity users. We present a study to methodically enumerate and characterize, in the context of Tor, the treatment of anonymous users as second-class Web citizens. We focus on first-line blocking: at the transport layer, through reset or dropped connections; and at the application layer, through explicit blocks served from website home pages. Our study draws upon several data sources: comparisons of Internetwide port scans from Tor exit nodes versus from control hosts; scans of the home pages of top-1,000 Alexa websites through every Tor exit; and analysis of nearly a year of historic HTTP crawls from Tor network and control hosts. We develop a methodology to distinguish censorship events from incidental failures such as those caused by packet loss or network outages, and incorporate consideration of the endemic churn in web-accessible services over both time and geographic diversity. We find clear evidence of Tor blocking on the Web, including 3.67% of the top-1,000 Alexa sites. Some blocks specifically target Tor, while others result from fate-sharing when abuse-based automated blockers trigger due to misbehaving Web sessions sharing the same exit node.

    Original languageEnglish (US)
    Title of host publication23rd Annual Network and Distributed System Security Symposium, NDSS 2016
    PublisherThe Internet Society
    ISBN (Electronic)189156241X, 9781891562419
    DOIs
    StatePublished - 2016
    Event23rd Annual Network and Distributed System Security Symposium, NDSS 2016 - San Diego, United States
    Duration: Feb 21 2016Feb 24 2016

    Publication series

    Name23rd Annual Network and Distributed System Security Symposium, NDSS 2016

    Conference

    Conference23rd Annual Network and Distributed System Security Symposium, NDSS 2016
    Country/TerritoryUnited States
    CitySan Diego
    Period2/21/162/24/16

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Control and Systems Engineering
    • Safety, Risk, Reliability and Quality

    Fingerprint

    Dive into the research topics of 'Do You See What I See? Differential Treatment of Anonymous Users'. Together they form a unique fingerprint.

    Cite this