NYMBLE: Blocking Misbehaving Users in Anonymizing Networks A thesis submitted in partial fulfillment of the academic requirement for the award of degree of
MASTER OF TECHNOLOGY (Computer Science & Engineering)
Submitted By
Mohammad Zainuddin (10R01D5809) Under the Esteemed guidance of
Mr. D. Baswaraj Associate Professor, Department of CSE
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Hyderabad) Kandlakoya, Medchal Road, R.R. Dist. Hyderabad.
2011-2012 i
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Kukatpally) Kandlakoya, Medchal Road, Hyderabad
Department of Computer Science & Engineering
CERTIFICATE This is to certify that the Thesis entitled “NYMBLE: Blocking Misbehaving Users in Anonymizing Networks” is being submitted by Mohammad Zainuddin with H.T.No. 10R01D5809 in partial fulfillment of the requirement for the award of the degree of M.Tech in Computer Science & Engineering to the Jawaharlal Nehru Technological University Hyderabad is a record of bonafide work carried out by him under my/our guidance and supervision from 24-10-2011 to 25-08-2012. The results presented in this thesis have been verified and are found to be satisfactory. The results embodied in this thesis have not been submitted to any other University for the award of any other degree or diploma.
Internal Guide
HOD
(Mr. D. Baswaraj)
(Prof. P. Pavan Kumar)
EXTERNAL EXAMINER
ii
Principal (Dr. M. Janga Reddy)
ACKNOWLEDGMENT
I am extremely grateful to Dr. M. Janga Reddy, Principal and Prof. P. Pavan Kumar, HOD, Department of CSE, CMR Institute of Technology. I am extremely thankful to Mr. D. Baswaraj, Project Coordinator and Internal Guide, Department of CSE, for his constant guidance, encouragement and moral support throughout the project. I will be failing in duty if I do not acknowledge with grateful thanks to the authors of the references and other literatures referred in this Project. I express my thanks to all staff members and friends for all the help and co-ordination extended in bringing out this Project successfully in time. Finally, I am very much thankful to my parents who guided me for every step.
(Mohammad Zainuddin) Date: Place:
iii
ABSTRACT Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular websites. Website administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.
Introduction Problem Definition Existing System and its Limitations Proposed System Advantages of Proposed System Feasibility Study Hardware and Software Requirements Functional Requirements Non-Functional Requirements Pseudo Requirements
1 2 2 2 3 4 5 5 5 5
2.
Literature Survey 2.1. Previous work done in blocking of users in anonymizing networks 2.1.1. Pseudonymous Credential Systems 2.1.2. Anonymous Credential Systems 2.1.3. Verifier-local Revocation (VLR) 2.2. Proposed Work
6 6 6 8 9 9
3.
Analysis and Design 3.1. Modules Description 3.1.1. Nymble Manager 3.1.2. Pseudonym Manager 3.1.3. Blacklisting a User 3.1.4. Nymble-Authenticated Connection 3.2. Data Flow Diagrams 3.3. UML Diagrams 3.3.1. Use Case Diagram 3.3.2. Class Diagram 3.3.3. Sequence Diagram 3.3.4. Activity Diagram 3.3.5. Collaboration Diagram
11 11 11 11 11 11 12 16 16 17 18 19 20
4.
Implementation 4.1. Process Specification 4.1.1. Input Design 4.1.2. Objectives 4.1.3. Output Design 4.2. Techniques Used 4.2.1. Blacklisting Anonymous Users 4.2.2. Practical Performance 4.2.3. Open-Source Implementation 4.3. Algorithms Used 4.3.1. Algorithm for Pseudonym Creation 4.3.2. Algorithm for Granting Nymble Tickets 4.3.3. Algorithm for Notifying Users about their status
21 21 21 21 21 22 22 22 22 23 23 23 24
v
Sl.No.
5.
Particulars
Page No.
4.4. Technology Description 4.4.1. Java Technology 4.4.2. The Java Programming Language 4.4.3. The Java Platform 4.4.4. What can Java Technology do? 4.4.5. How will Java Technology Change Life? 4.4.6. ODBC 4.4.7. JDBC 4.4.8. JDBC Goals 4.4.9. Networking 4.5. Sample Coding 4.5.1. Sample code for client login 4.5.2. Sample code for server login 4.5.3. Sample code for Nymble Manager 4.6. Screenshots
25 25 25 27 27 29 30 31 31 35 39 39 43 51 56
Testing and Debugging 5.1. Types of Testing 5.1.1. Black Box Testing 5.1.2. White Box Testing 5.1.3. Unit Testing 5.1.4. Test Strategy and Approach 5.2. Test Objectives 5.3. Features to be tested 5.3.1. System Testing 5.3.2. Integration Testing 5.3.3. Functional Testing 5.3.4. Test case table 5.3.5. Query 5.4. Test Plan 5.4.1. Bottom up approach 5.4.2. Top down approach 5.5. Test cases