Abstract
Free web proxies promise anonymity and censorship circumvention at no cost. Several websites publish lists of free proxies organized by country, anonymity level, and performance. These lists index hundreds of thousands of hosts discovered via automated tools and crowd-sourcing. A complex free proxy ecosystem has been forming over the years, of which very little is known. In this article, we shed light on this ecosystem via a distributed measurement platform that leverages both active and passive measurements. Active measurements are carried out by an infrastructure we name ProxyTorrent, which discovers free proxies, assesses their performance, and detects potential malicious activities. Passive measurements focus on proxy performance and usage in the wild, and are accomplished by means of a Chrome extension named Ciao. ProxyTorrent has been running since January 2017, monitoring up to 230K free proxies. Ciao was launched in March 2017 and has thus far served roughly 9.7K users and generated 14TB of traffic. Our analysis shows that less than 2% of the proxies announced on the Web indeed proxy traffic on behalf of users; further, only half of these proxies have decent performance and can be used reliably. Every day, around 5%–10% of the active proxies exhibit malicious behaviors, e.g., advertisement injection, TLS interception, and cryptojacking, and these proxies are also the ones providing the best performance. Through the analysis of more than 14TB of proxied traffic, we show that web browsing is the primary user activity. Geo-blocking avoidance—allegedly a popular use case for free web proxies—accounts for 30% or less of the traffic, and it mostly involves countries hosting popular geo-blocked content.