Completed Projects

Completed projects are listed below. A list of active projects is also available.

An Extensive Evaluation of the Internet’s Open Proxies

This project (in collaboration with Northeastern University) conducts a comprehensive study of open proxies, encompassing more than 107,000 listed open proxies and 13M proxy requests over a 50 day period.

We provide a broad study that examines the availability, success rates, diversity, and also (mis)behavior of proxies. Our results show that listed open proxies suffer poor availability — more than 92% of open proxies that appear on aggregator sites are unresponsive to proxy requests. Much more troubling, we find numerous examples of malicious open proxies in which HTML content is manipulated to mine cryptocurrency (that is, cryptojacking). We additionally detect TLS man-in-the-middle (MitM) attacks, and discover numerous instances in which binaries fetched through proxies were modified to include remote access trojans and other forms of malware. As a point of comparison, we conduct and discuss a similar measurement study of the behavior of Tor exit relays. We find no instances in which Tor relays performed TLS MitM or manipulated content, suggesting that Tor offers a far more reliable and safe form of proxied communication.

More info…


A large volume of existing research attempts to understand who uses Tor and how the network is used (and misused). However, conducting measurements on the live Tor network, if done improperly, can endanger the security and anonymity of the millions of users who depend on the network to enhance their online privacy. Indeed, several existing measurement studies of Tor have been heavily criticized for unsafe research practices.

Tor needs privacy-preserving methods of gathering statistics. The recently proposed PrivEx system demonstrates how data can be safely collected on Tor using techniques from differential privacy. However, the integrity of the statistics reported by PrivEx is brittle under realistic deployment conditions. An adversary who operates even a single relay in the volunteer-operated anonymity network can arbitrarily influence the result of PrivEx queries. We argue that a safe and useful data collection mechanism must provide both privacy and integrity protections.

HisTorɛ is a privacy-preserving statistics collection scheme based on (ɛ,𝛿)-differential privacy that is robust against adversarial manipulation. We formalize the security guarantees of HisTorɛ and show using historical data from the Tor Project that HisTorɛ provides useful data collection and reporting with low bandwidth and processing overheads.

HoneyMail and HoneyProxy

HoneyMail is a measurement study of email interception. Since the content (and metadata) of intercepted emails can be trivially read, convention wisdom tells us that confidential information should never be sent via unencrypted emails. The project explores whether such advice is actually prudent. That is, we aim to answer the question how often are emails actually intercepted on the Internet?

To determine the regularity of which interception occurs, we transmit (false) emails whose content is attractive to potential eavesdroppers, but are sent only between our own email accounts. In particular, our fake emails will contain URLs that purportedly contain sensitive information about mortgages, bank accounts, passwords, and shared files. The emails are sent between geographically distributed email servers located through the globe, with embedded URLs that resolve to web servers under our control. Since the emails are sent only between our email servers and are addressed to fictitious email accounts, any visit to one of the embedded URLs must be due to the (illegal) interception of our email. More info…

The HoneyProxy project is a comparative study between the numerous free proxies freely available online and the Tor network. Since both Tor and free proxies are susceptible to manipulation and monitoring of traffic, for this project we are examining the behavior of a set of over 5000 proxies and all Tor exit nodes to search for malicious behavior on the part of the proxies and exit nodes. More info…


Senser is a distributed censorship detection and circumvention system for the web. Senser operates as a network of proxies located at different vantage points on the Internet (some of which may be subject to censorship). Clients query a random subset of Senser proxies for compact descriptions of a desired web page, and apply consensus and matching algorithms to the returned results to locally render a “majority” web page. More info…


A project to automate the creation of EmuLab experiments involving Tor. Creating a Tor ‘network-in-a-box’ on EmuLab requires significant configuration of both EmuLab and Tor; EmulaTor simplifies this process and allows for push-button creation of the necessary files. More Info…


Tortoise is a system for rate limiting Tor at its ingress points. We demonstrate that the system incurs little penalty for interactive web users, while significantly decreasing the throughput for filesharers. Our techniques provide incentives to filesharers to configure their Tor clients to also relay traffic, which in turn improves the network’s overall performance. More info…

Secure Network Provenance

The goal of this project is to provide secure network provenance, that is, the ability to correctly explain system states even when (and especially when) the system is faulty or under attack. Towards this goal, we are substantially extending and generalizing the concept of network provenance by adding capabilities needed in a forensic setting, we are developing techniques for securely storing prove­nance without trusted components, and we are designing methods for efficiently querying secure provenance. We are evaluating our techniques in the context of concrete applications, such as Hadoop MapReduce or BGP interdomain routing.

Web Footprinting

With the growth of online social networks and social media sites, the increase in dynamic web content, and the popularity of digital communication, more and more public information about individuals is available on the Internet. While much of this information is not sensitive, it is not uncommon for users to publish some sensitive information, including their birth dates and addresses, on social networking sites. The availability of this publicly accessible and potentially sensitive data can (and does) lead to abuse, exposing users to fraud, stalking, and identity theft. To help users better understand the potential risks associated with publishing certain data on the web, this project focuses on helping individuals determine and understand their WebFootprints. More info…


The DARPA-funded Selectable Anonymity for Enabling SAFER Telecommunications (SAFEST) project investigates methods for constructing reliable, high-performing, and censorship-resistant anonymity networks. SAFEST is a collaborative effort between Georgetown and the University of Pennsylvania.