h1.toc-heading-western { color: rgb(46, 116, 181); font-family: “Calibri Light”, serif; font-size: 16pt; font-weight: normal; }h1.toc-heading-cjk { color: rgb(46, 116, 181); font-size: 16pt; font-weight: normal; }h1.toc-heading-ctl { color: rgb(46, 116, 181); font-size: 16pt; font-weight: normal; }h3 { margin-top: 0.
03in; margin-bottom: 0in; direction: ltr; color: rgb(0, 0, 10); line-height: 108%; text-align: left; page-break-inside: avoid; }h3.western { font-family: “Times New Roman”, serif; font-size: 12pt; }h3.cjk { font-size: 12pt; }h3.ctl { font-size: 12pt; font-weight: normal; }h2 { margin-top: 0.03in; margin-bottom: 0in; direction: ltr; color: rgb(0, 0, 10); line-height: 108%; text-align: left; page-break-inside: avoid; }h2.western { font-family: “Times New Roman”, serif; font-size: 12pt; }h2.cjk { font-size: 12pt; }h2.ctl { font-size: 13pt; font-weight: normal; }h1 { margin-bottom: 0in; direction: ltr; color: rgb(0, 0, 10); line-height: 108%; text-align: left; page-break-inside: avoid; }h1.
western { font-family: “Times New Roman”, serif; font-size: 12pt; }h1.cjk { font-size: 12pt; }h1.ctl { font-size: 16pt; font-weight: normal; }p { margin-bottom: 0.08in; direction: ltr; color: rgb(0, 0, 10); line-height: 108%; text-align: left; }p.
western { font-family: “Calibri”, serif; font-size: 11pt; }p.cjk { font-family: “Calibri”; font-size: 11pt; }p.ctl { font-size: 11pt; }UNIVERSITYOF SCIENCE AND TECHNOLOGYCYBERSECURITYSubject:Internet AnonymityName– Surname: Hasret GÜLEÇNo:301930Index 1. What Is the Anonymity? 3 2.
Why Do We Need That? 3 3. How can They Follow Us? 3 3.1.
IP Addresses 3 3.2. HTTP Referrer 4 3.3.
Cookies & Tracking Scripts 4 3.4. Super Cookies 4 3.
5. User Agent 4 3.6. Browser Fingerprinting 4 4. How can We Protect? 5 4.
1. VPN(Virtual Private Network) 5 4.2.
Creating Own VPN Server 5 4.3. TOR(The Onion Router) 6 4.
3.1. How does TOR work? 6 4.3.2. Sorts of Relays 6 4.
4. I2P 9 4.4.1. How does I2P work? 9 5. Conclusion 11 What Is the Anonymity? Anonymitymeans that the real author of a message or packet is not shown orvery difficult to findthe author of a message. If we provide those two definiton,that meanswe provide the anonymity on the internet;Unidentifiability;third person cannot identify any individual person who using internetUnlinkability;third person cannot link an person to a specific message or actionAnonymityis not a thing which was invented with the Internet.
Before theweb,people were using aliases for being anonymous,it calls pseudonym.However,being anonymous on the internet is never %100,there is always apossibility to find out who is guessing who it is. Why Do We Need That?Thereare several reasons for that. For example; People in a country with a repressive political regime might use anonymity to get rid of persecution for their political ideas,even in democratic countries. People are more equal in anonymous discussions. There are not any factors that can effect their discussion like status,gender etc.
. Anti-Cencorship Ofcourse privacy. Some people just want it for their privacy. How can They Follow Us? IP Addresses Themost basic way of identifying person is by user’s IP address.
Fromuser’s IP address,a website can determine user’s roughgeographical location – user’s city or area -. However,IP addressescan change and are often used by multiple users,so they are not agood way of tracking a single user every time. Still,an IP addresscan be combined with different techniques here to trace yourgeographical location. HTTP Referrer Whenuser’s browser redirect the user,browser loads the web page youclicked and have the knowledge regarding the web site wherever youcame from.This data is contained in the HTTP referrer header. Cookies & Tracking Scripts Cookiesare small pieces of information websites can store in your browser.
When user sign into a online-banking website,a cookie remembersinformations for login. When user change a setting on a website,acookie stores that setting so it will persist across page loads ansessions. Cookiesmay also track user’s browsing activity. Some websites wish tounderstand what pages users visit.Super Cookies Userscan clear browser’s cookies.
However,it isn’t a 100% solution. Supercookie’s datas can store in multiple places for instance,in Flashcookies, Silverlight storage,browsing history and HTML5 nativestorage. Whena web site notices that you have deleted part of the super cookie,theinformation copy from the other location. For instance,you mightclear your browser cookies and not your Flash cookies,so the websitewill copy the value of the Flash cookie to your browser cookies.User Agent Browseralso sends a user agent every time you connect to a website. Thistells websites your browser and operating system’sinformation for example, which device you are using,which version ofbrowser and what it is name. While using this information attackerscan find exploit easiliy using Google. After that,there is only thingthat user can do is watch how can attackers steal informations fast.
Browser Fingerprinting Websitescan determine user’s operating system,browser version,installedplug-ins and their versions,operating system’s screenresolution,installed fonts,time zone etc. Thereis a website called Panopticlick can check user’s browser’s andsystem’s trackability ;https://panopticlick.eff.org/Theyare the basic way of logging systems. Every big systems have loggingserver.
They can log every action,sendig request to http,ftp,smtp,sshetc. How can We Protect? Thereare several ways to protect from tracking/being anonym on theinternet. However,there is notcertain way to do it. Users can set the cookies setting on the browser that they use like ; “Only keep cookies until I close my browser” or close all of it. Close all of it might not be good solution because some websites don’t allow the users which don’t accept the cookies. Disable Flash and all other kind of “Super Cookies” Use the extensions on the browsers to control 3rd party sites can include content in user’s page or run code in user’s browser Use Tor to hide user’s IP address and other browser characteristics when user want maximum browser privacyVPN(Virtual Private Network) VirtualPrivate Network is a service that permits you to connect to the webvia a server run by a VPN provider. All information traveling betweenuser’s device and this “VPN Server” is securely encrypted.
Normally,Whenyou connect to the web you first connet to your ISP(Internet ServiceProvider),then you connect to other sites. The ISP can read all theinformation that between you and the website. When using VPN, the ISPcan view only the access that you connect to the VPN,because youconnect to other sites after the VPN and the connection between youand VPN server is encrypted and also it is safe to use public Wifihotspot,thanks to encrypted connection.
Even if a hacker somehowmanages your data,the data safe because it is encrypted. Ofcourse your VPN provider can know what do you do on the internet.However,you can create your own VPN server.Creating Own VPN Server TheVPN provide secure access to your home network from everyplace or youcan use it for usingPoland version of Netflix when traveling outside the Poland. Thereare many solutions to do that.
First one is getting a router which mayact like VPN. Home routers often come with built-in VPN servers,youshould simply check it if it has. You can then activate and configurethe VPN server by using setting of router. Secondoption is creating your own VPN server. You need just a computer ordevice that is on all the time,not a device that turn off when youarenot at there. Thirdchoice is installing third-party VPN server’s application likeOpenVPN or OperaVPN. VPN servers are avaible for each operatingsystems. You need the just configure your ports or most of theapplications do that by themselves.
Anotheroption is hosting your own VPN server with a web hosting provider.After rent a server hosting you can install a VPN server on theserver which they have give to you. Internet bandwidth and machine’spower can be change according to which packet that you choose.Itdoesn’t matter whatever solution is chosen,there is only one factthat,users should set the authentication and updatescarefully.Otherwise, hackers or another users can track the vpnservers easily. TOR(The Onion Router) Toris an anonymity tool used by the those who want to stay private whensurfing on the internet. It provides security,stability and speed. Ithas many different sponsors.
Tor can help the users for beinganonymous and also host their websites by using “hidden services”capabilities which mean sites can only be accessed by user on the Tornetwork. It is call “Dark Web”.How does TOR work? Torworks by bouncing connections from user’s pc to destinations (forinstance agh.
edu.pl) by using several of intermediate computers orrelays. Nowadays, there are about 6000 relays managing the traffic atthe Tor arrange. A large portion of the relays do not have specialhardware or computer code to do it. They simply have the Tor softwareconfigured to act as a relay. On the off chance that there are moretransfers to pick from,it will be harder to trace anyone.
Sorts of Relays GuardRelay : This the entrance for the Tor network. MiddleRelay : Middle points transport activity from the guard relay to theexit point.ExitRelay : Exit point at the Tor network. They send traffic to the finalpoint. <<---Connectionset up Connection---->> >Forefficiency,the Tor network uses the same path for connections atintervals a similar 10 minutes.
Later requests are given a replacementcircuit to keep away people from linking your earlier actions to thenew ones. TheTor network can not solve all anonymity problems. It focuses onlyprotective the information transfer.
Users have to use differentsoftwares if they don’t want the sites user visit to see user’sinformation like identfy.If the attackers watch the traffic comingout of your computer,and also going out, they can use statisticalanalysis to find out that which web sites that you visit or whoarrive email from you. I2P I2Pis a open source project and it is a anonymous P2P(Peer to Peer)network. It provides to user security layers which may connect eachother.
The users can use email services,surfing,connecting the blogsand forums,publish websites and instant message in the this layers.All the informations encrypt with layers and transfer by tunnels.Tunnel is the most important topic in the I2P. Thereare two types of tunnels in the I2P. First one is “outbond” andother one is “inbound”.How does I2P work? Thenetwork created of a set of nodes with a number of undirectionalinbound and outbound tunnels.
Each router has a cryptographicidentify. These routers communicate with each other with usingexisting protocols(TCP,UDP etc..). Client applications have differentcryptographic identifier that enable to send and receive packets.
These users may connect to every router and authorize the temporaryallocation(“lease”) of some tunnels that will be used forreceiving and sending packets using the network.I2P has its owninternal network database for distribute route and deliver packetssecurely..Inthe picture,Alice,Bob,Charlie and Dave are all running routers with a single path on their local router. Each of them have 2-hop inboundtunnels per route.
When Alice and Bob communicate to each other,Alicesends packet out one of her outbound tunnels through to one of Bob’sinbound tunnels. This informations keep on the database. IfBob wants to send back packet to Alice,he just goes through the samepath,send a packet out one of his outbound tunnels through one ofAlice’s inbound tunnels. Thereisn’t any central mechanism to keep statistics of performance andreliability of routers within the network. The network itself makesuse of a significant number of cryptographic techniques andalgorithms such a 2048bit ElGamal encryption,256bit AES with PKCS#5padding,1024bit DSA signatures,SHA256 hashes,2048bit D?ffie-Hellmannegotiated connections with point to point authentication andElGamal/ AES+SessionTag. End-to-endencryption was removed in I2P’s earlier version;end-to-end encryptionfrom Alice’s router “a” to Bob’s router “h”remins. All packets from a to h is end-to-end encrypted,but the I2CPconnection between the I2P router and the applications isn’tend-to-end encrypted! A and h are the routers of Alice and Bob,whileAlice and Bob in following graph are the applications running on ofI2P.Torprovides one with better anonymous access to the open internet andI2P supply one with a more powerful and trustable “network withinternet”.
Both of them provide cryptographically sound methodsto anonymously access data and connect online world.In every case,ISP can trace the user .In order to hide this knowledge,users shoulduse VPN service to hide their entry point the internet or Tor/I2Pnetworks.Conclusion Withthe increasing of number of Internet users,we are faced with severalthreats against user’s privacy.
All widely-used Internet servicesand protocols transfer a lot critical data.With analyzing thesedata,firms can generate user’s profile.There is no way to hideyourself in the internet %100.
However,there are some tips that usercan do for reducing the risk. VPN is the main one,after that user mayuse TOR/I2P for the anonymity but they always have to be carefulabout the websites,cookies,http referrer,ip addresses and thevulnerability king of internet ; flash.References http://www.cezerisga.com/makale/%C4%B0nternette%20G%C3%B6r%C3%BCnmez%20Olmak%20%C4%B0%C3%A7in%2010%20Gizlilik%20Uygulamas%C4%B1 https://www.ivpn.net/privacy-guides/an-introduction-to-tor-vs-i2p https://geti2p.net/tr/docs/how/intro https://www.bestvpn.com/i2p-idiots-introduction/ https://www.torproject.org https://geti2p.net/en/docs/how/intro https://internet-anonymity.com/ https://people.dsv.su.se/~jpalme/society/anonymity.html
