Certificates
Content
NYMBLE: Blocking Misbehaving Users in Anonymizing Networks
A thesis submitted in partial fulfillment of the academic requirement for the award of degree of
MASTER OF TECHNOLOGY (Computer Science & Engineering)
Submitted By
Mohammad Zainuddin (10R01D5809) Under the Esteemed guidance of
Mr. D. Baswaraj Associate Professor, Department of CSE
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Hyderabad) Kandlakoya, Medchal Road, R.R. Dist. Hyderabad.
2011-2012 i
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Kukatpally) Kandlakoya, Medchal Road, Hyderabad
Department of Computer Science & Engineering
CERTIFICATE This is to certify that the Thesis entitled “NYMBLE: Blocking Misbehaving Users in Anonymizing Networks” is being submitted by Mohammad Zainuddin with H.T.No. 10R01D5809 in partial fulfillment of the requirement for the award of the degree of M.Tech in Computer Science & Engineering to the Jawaharlal Nehru Technological University Hyderabad is a record of bonafide work carried out by him under my/our guidance and supervision from 24-10-2011 to 25-08-2012. The results presented in this thesis have been verified and are found to be satisfactory. The results embodied in this thesis have not been submitted to any other University for the award of any other degree or diploma.
Internal Guide
HOD
(Mr. D. Baswaraj)
(Prof. P. Pavan Kumar)
EXTERNAL EXAMINER
ii
Principal (Dr. M. Janga Reddy)
ACKNOWLEDGMENT
I am extremely grateful to Dr. M. Janga Reddy, Principal and Prof. P. Pavan Kumar, HOD, Department of CSE, CMR Institute of Technology.
I am extremely thankful to Mr. D. Baswaraj, Project Coordinator and Internal Guide, Department of CSE, for his constant guidance, encouragement and moral support throughout the project.
I will be failing in duty if I do not acknowledge with grateful thanks to the authors of the references and other literatures referred in this Project.
I express my thanks to all staff members and friends for all the help and co-ordination extended in bringing out this Project successfully in time.
Finally, I am very much thankful to my parents who guided me for every step.
(Mohammad Zainuddin) Date: Place:
iii
ABSTRACT Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular websites. Website administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.
iv
CONTENTS Sl.No. 1. 1.1. 1.2. 1.3. 1.4. 1.5. 1.6. 1.7. 1.8. 1.9.
Particulars
Page No.
Introduction Problem Definition Existing System and its Limitations Proposed System Advantages of Proposed System Feasibility Study Hardware and Software Requirements Functional Requirements Non-Functional Requirements Pseudo Requirements
1 2 2 2 3 4 5 5 5 5
2.
Literature Survey 2.1. Previous work done in blocking of users in anonymizing networks 2.1.1. Pseudonymous Credential Systems 2.1.2. Anonymous Credential Systems 2.1.3. Verifier-local Revocation (VLR) 2.2. Proposed Work
6 6 6 8 9 9
3.
Analysis and Design 3.1. Modules Description 3.1.1. Nymble Manager 3.1.2. Pseudonym Manager 3.1.3. Blacklisting a User 3.1.4. Nymble-Authenticated Connection 3.2. Data Flow Diagrams 3.3. UML Diagrams 3.3.1. Use Case Diagram 3.3.2. Class Diagram 3.3.3. Sequence Diagram 3.3.4. Activity Diagram 3.3.5. Collaboration Diagram
11 11 11 11 11 11 12 16 16 17 18 19 20
4.
Implementation 4.1. Process Specification 4.1.1. Input Design 4.1.2. Objectives 4.1.3. Output Design 4.2. Techniques Used 4.2.1. Blacklisting Anonymous Users 4.2.2. Practical Performance 4.2.3. Open-Source Implementation 4.3. Algorithms Used 4.3.1. Algorithm for Pseudonym Creation 4.3.2. Algorithm for Granting Nymble Tickets 4.3.3. Algorithm for Notifying Users about their status v
21 21 21 21 21 22 22 22 22 23 23 23 24
Sl.No.
5.
Particulars
Page No.
4.4. Technology Description 4.4.1. Java Technology 4.4.2. The Java Programming Language 4.4.3. The Java Platform 4.4.4. What can Java Technology do? 4.4.5. How will Java Technology Change Life? 4.4.6. ODBC 4.4.7. JDBC 4.4.8. JDBC Goals 4.4.9. Networking 4.5. Sample Coding 4.5.1. Sample code for client login 4.5.2. Sample code for server login 4.5.3. Sample code for Nymble Manager 4.6. Screenshots
25 25 25 27 27 29 30 31 31 35 39 39 43 51 56
Testing and Debugging 5.1. Types of Testing 5.1.1. Black Box Testing 5.1.2. White Box Testing 5.1.3. Unit Testing 5.1.4. Test Strategy and Approach 5.2. Test Objectives 5.3. Features to be tested 5.3.1. System Testing 5.3.2. Integration Testing 5.3.3. Functional Testing 5.3.4. Test case table 5.3.5. Query 5.4. Test Plan 5.4.1. Bottom up approach 5.4.2. Top down approach 5.5. Test cases
77 77 77 77 77 77 77 78 78 78 78 79 79 80 80 80 80
6.
Conclusion
82
7.
Reference / Bibliography
83
8.
Appendix
85
vi
List of Figures Fig.No.
Description
Page No.
1.
Project Architecture
3
2.
Pseudonymous System Flow Diagram
7
3.
Anonymous Credential Systems
8
4.
Overview Nymble Design
10
5.
DFD for Nymble Modules
13
6.
Overview Flowchart of Whole Project
13
7.
DFD for Server
14
8.
DFD for Client
15
9.
Use case Diagram for user login and server login
16
10.
Class Diagram for user and nymble manager interaction
17
11.
Sequence Diagram for client, server and NM interactions
18
12.
Activity Diagram for user and server
19
13.
Collaboration Diagram for Nymble System
20
14.
Working of Interpreter
26
15.
Working of Java Program
26
16.
Java API
27
17.
Java IDE
29
18.
Java Program going through Compilers and Interpreter
34
vii
List of Tables Table.No.
Description
Page No.
1.
Nymble Server Login Test Table
80
2.
Client Login Test Table
81
3.
Blocking Test Table
81
List of Screenshots SS.No.
Particulars
Page No.
1.
Nymble Server
56
2.
Nymble Server Invalid Login
57
3.
Nymble Server Valid Login
58
4.
Nymble Manager with Resources and handling blocked IP-addresses 59
5.
Misbehaving Users Info
60
6.
Client Registration
61
7.
Server Registration
62
8.
User Login
63
9.
User Login Key
64
10.
Available Resources
65
11.
Accessing of File
66
12.
Authenticate Nymble Page
67
13.
Nymble Web Page-1
68
14.
Nymble Web Page-2
69 viii
List of Screenshots SS.No.
Particulars
Page No.
15.
Server View Via Android Mobile
70
16.
Pseudonym Manager-1
71
17.
Pseudonym Manager-2
72
18.
Invalid PWD for 1st Time
73
19.
Invalid PWD for 2nd Time
74
20.
Invalid PWD for 3rd Time
75
21.
Blocking of User on 3rd Wrong Attempt
76
ix
A thesis submitted in partial fulfillment of the academic requirement for the award of degree of
MASTER OF TECHNOLOGY (Computer Science & Engineering)
Submitted By
Mohammad Zainuddin (10R01D5809) Under the Esteemed guidance of
Mr. D. Baswaraj Associate Professor, Department of CSE
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Hyderabad) Kandlakoya, Medchal Road, R.R. Dist. Hyderabad.
2011-2012 i
CMR INSTITUTE OF TECHNOLOGY (Approved by AICTE, Affiliated to JNTU, Kukatpally) Kandlakoya, Medchal Road, Hyderabad
Department of Computer Science & Engineering
CERTIFICATE This is to certify that the Thesis entitled “NYMBLE: Blocking Misbehaving Users in Anonymizing Networks” is being submitted by Mohammad Zainuddin with H.T.No. 10R01D5809 in partial fulfillment of the requirement for the award of the degree of M.Tech in Computer Science & Engineering to the Jawaharlal Nehru Technological University Hyderabad is a record of bonafide work carried out by him under my/our guidance and supervision from 24-10-2011 to 25-08-2012. The results presented in this thesis have been verified and are found to be satisfactory. The results embodied in this thesis have not been submitted to any other University for the award of any other degree or diploma.
Internal Guide
HOD
(Mr. D. Baswaraj)
(Prof. P. Pavan Kumar)
EXTERNAL EXAMINER
ii
Principal (Dr. M. Janga Reddy)
ACKNOWLEDGMENT
I am extremely grateful to Dr. M. Janga Reddy, Principal and Prof. P. Pavan Kumar, HOD, Department of CSE, CMR Institute of Technology.
I am extremely thankful to Mr. D. Baswaraj, Project Coordinator and Internal Guide, Department of CSE, for his constant guidance, encouragement and moral support throughout the project.
I will be failing in duty if I do not acknowledge with grateful thanks to the authors of the references and other literatures referred in this Project.
I express my thanks to all staff members and friends for all the help and co-ordination extended in bringing out this Project successfully in time.
Finally, I am very much thankful to my parents who guided me for every step.
(Mohammad Zainuddin) Date: Place:
iii
ABSTRACT Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular websites. Website administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.
iv
CONTENTS Sl.No. 1. 1.1. 1.2. 1.3. 1.4. 1.5. 1.6. 1.7. 1.8. 1.9.
Particulars
Page No.
Introduction Problem Definition Existing System and its Limitations Proposed System Advantages of Proposed System Feasibility Study Hardware and Software Requirements Functional Requirements Non-Functional Requirements Pseudo Requirements
1 2 2 2 3 4 5 5 5 5
2.
Literature Survey 2.1. Previous work done in blocking of users in anonymizing networks 2.1.1. Pseudonymous Credential Systems 2.1.2. Anonymous Credential Systems 2.1.3. Verifier-local Revocation (VLR) 2.2. Proposed Work
6 6 6 8 9 9
3.
Analysis and Design 3.1. Modules Description 3.1.1. Nymble Manager 3.1.2. Pseudonym Manager 3.1.3. Blacklisting a User 3.1.4. Nymble-Authenticated Connection 3.2. Data Flow Diagrams 3.3. UML Diagrams 3.3.1. Use Case Diagram 3.3.2. Class Diagram 3.3.3. Sequence Diagram 3.3.4. Activity Diagram 3.3.5. Collaboration Diagram
11 11 11 11 11 11 12 16 16 17 18 19 20
4.
Implementation 4.1. Process Specification 4.1.1. Input Design 4.1.2. Objectives 4.1.3. Output Design 4.2. Techniques Used 4.2.1. Blacklisting Anonymous Users 4.2.2. Practical Performance 4.2.3. Open-Source Implementation 4.3. Algorithms Used 4.3.1. Algorithm for Pseudonym Creation 4.3.2. Algorithm for Granting Nymble Tickets 4.3.3. Algorithm for Notifying Users about their status v
21 21 21 21 21 22 22 22 22 23 23 23 24
Sl.No.
5.
Particulars
Page No.
4.4. Technology Description 4.4.1. Java Technology 4.4.2. The Java Programming Language 4.4.3. The Java Platform 4.4.4. What can Java Technology do? 4.4.5. How will Java Technology Change Life? 4.4.6. ODBC 4.4.7. JDBC 4.4.8. JDBC Goals 4.4.9. Networking 4.5. Sample Coding 4.5.1. Sample code for client login 4.5.2. Sample code for server login 4.5.3. Sample code for Nymble Manager 4.6. Screenshots
25 25 25 27 27 29 30 31 31 35 39 39 43 51 56
Testing and Debugging 5.1. Types of Testing 5.1.1. Black Box Testing 5.1.2. White Box Testing 5.1.3. Unit Testing 5.1.4. Test Strategy and Approach 5.2. Test Objectives 5.3. Features to be tested 5.3.1. System Testing 5.3.2. Integration Testing 5.3.3. Functional Testing 5.3.4. Test case table 5.3.5. Query 5.4. Test Plan 5.4.1. Bottom up approach 5.4.2. Top down approach 5.5. Test cases
77 77 77 77 77 77 77 78 78 78 78 79 79 80 80 80 80
6.
Conclusion
82
7.
Reference / Bibliography
83
8.
Appendix
85
vi
List of Figures Fig.No.
Description
Page No.
1.
Project Architecture
3
2.
Pseudonymous System Flow Diagram
7
3.
Anonymous Credential Systems
8
4.
Overview Nymble Design
10
5.
DFD for Nymble Modules
13
6.
Overview Flowchart of Whole Project
13
7.
DFD for Server
14
8.
DFD for Client
15
9.
Use case Diagram for user login and server login
16
10.
Class Diagram for user and nymble manager interaction
17
11.
Sequence Diagram for client, server and NM interactions
18
12.
Activity Diagram for user and server
19
13.
Collaboration Diagram for Nymble System
20
14.
Working of Interpreter
26
15.
Working of Java Program
26
16.
Java API
27
17.
Java IDE
29
18.
Java Program going through Compilers and Interpreter
34
vii
List of Tables Table.No.
Description
Page No.
1.
Nymble Server Login Test Table
80
2.
Client Login Test Table
81
3.
Blocking Test Table
81
List of Screenshots SS.No.
Particulars
Page No.
1.
Nymble Server
56
2.
Nymble Server Invalid Login
57
3.
Nymble Server Valid Login
58
4.
Nymble Manager with Resources and handling blocked IP-addresses 59
5.
Misbehaving Users Info
60
6.
Client Registration
61
7.
Server Registration
62
8.
User Login
63
9.
User Login Key
64
10.
Available Resources
65
11.
Accessing of File
66
12.
Authenticate Nymble Page
67
13.
Nymble Web Page-1
68
14.
Nymble Web Page-2
69 viii
List of Screenshots SS.No.
Particulars
Page No.
15.
Server View Via Android Mobile
70
16.
Pseudonym Manager-1
71
17.
Pseudonym Manager-2
72
18.
Invalid PWD for 1st Time
73
19.
Invalid PWD for 2nd Time
74
20.
Invalid PWD for 3rd Time
75
21.
Blocking of User on 3rd Wrong Attempt
76
ix
