APPARATUS AND METHOD FOR CLIENT IDENTIFICATION IN ANONYMOUS COMMUNICATION NETWORKS
Abstract
Apparatus and methods for client identification in anonymous communication networks are provided to identify an anonymous client by guiding a network path selection algorithm to select from a small set of relays. A large percentage of the relays in the set are controlled, thus probabilistically forming a pathway connection in which the traffic is routed through the set of relays which are configured to identify client traffic. From the set of controlled relays, if both an entry node and an exit node are selected by the anonymous client, then client identification is possible. Path vulnerabilities are analyzed and results of the analysis determine a probability of selection of unpopular ports. A hidden program modifies the anonymous client machine and traffic from the anonymous client machine is routed through at least one unpopular port in the new path to determine the identity of the anonymous client machine.
20 Claims
1. A computer-implemented client identification method for an anonymous communication network, the method comprising:
analyzing path vulnerabilities associated with transmission of traffic through the anonymous communication network;
generating results of the path vulnerabilities analysis to determine probability of selection of unpopular ports in the anonymous communication network;
accessing a web server associated with the anonymous communication network to compromise the web server, the web server being communicatively linked to an anonymous client machine;
modifying the compromised web server with a script that enables injection of a hidden program into the anonymous client machine based on the results of the path vulnerability analysis; and
wherein the hidden program modifies the anonymous client machine to establish a new path in the anonymous communication network and activates the anonymous client machine to communicate over the new path, wherein traffic from the anonymous client machine is routed through at least one unpopular port in the new path to determine the identity of the anonymous client machine in the anonymous communication network.
14. An apparatus to identify a client machine in an anonymous communication network, the apparatus comprising:
a controller including a processor to analyze path vulnerabilities associated with transmission of traffic in an anonymous communication network to identify a client machine, wherein the controller:
performs a path vulnerability analysis in the anonymous communication network;
generates results of the path vulnerabilities analysis to determine probability of selection of unpopular ports in the anonymous communication network;
accesses a web server associated with the anonymous communication network to compromise the web server, the web server being communicatively linked to a client machine; and
modifies the compromised web server with a script that enables injection of a hidden program into the anonymous client machine based on the results of the path vulnerability analysis; and
a memory associated with the processor, wherein the controller generates the hidden program to modify the anonymous client machine to establish a new path in the anonymous communication network based on the path vulnerability analysis, wherein traffic from the anonymous client machine is routed through at least one unpopular port in the new path to determine the identity of the client machine in the anonymous communication network.
18. A computer software product, comprising a non-transitory storage medium readable by a processor, the non-transitory storage medium having stored thereon a set of instructions for performing computer-implemented client identification in an anonymous communication network, the set of instructions comprising:
(a) a first sequence of instructions which, when executed by the processor, causes said processor to analyze path vulnerabilities and generate results associated with transmission of traffic through the anonymous communication network to determine probability of selection of unpopular ports in the anonymous communication network;
(b) a second sequence of instruction which, when executed by the processor, causes said processor to inject an increase in perceived bandwidth and an increase in perceived uptime into one or more unpopular ports and one or more associated malicious routers based on the results of the path vulnerability analysis;
(c) a third sequence of instructions which, when executed by the processor, causes said processor to access a web server associated with the anonymous communication network to compromise the web server, the web server being communicatively linked to a client machine; and
(d) a fourth sequence of instructions which, when executed by the processor, causes said processor to modify the compromised web server with a script that enables injection of a hidden program into the client machine based on the results of the path vulnerability analysis, wherein the hidden program modifies the client machine to establish a new path in the anonymous communication network, wherein traffic from the client machine is routed through at least one unpopular port in the new path to determine the identity of the client machine in the anonymous communication network.
Specification