The dark side of the web: An open proxy's view

With the advent of large-scale, wide-area networking testbeds, researchers can deploy long-running services that interact with other resources on the Web. While such interaction can easily attract clients and traffic, our experience suggests that projects accepting outside input and interacting with outside resources must carefully consider the avenues for abuse of such services. The CoDeeN Content Distribution Network, deployed on PlanetLab, uses a network of caching Web proxy servers to intelligently distribute and cache requests from a potentially large client population. Due to CoDeeN's non-commercial nature, content is not pushed/advertised by content providers, but instead is pulled by clients who have configured their browsers to use CoDeeN. In effect, CoDeeN is one of the largest "open" proxy networks in the world, and therefore draws unwanted attention from malicious users. This paper discusses our experiences with undesirable traffic on CoDeeN, the mechanisms we developed to curtail it, and the future directions for such work. We believe that this work provides a safe alternative to open proxies and will encourage others to deploy similar systems. Some of the security mechanisms we are developing are suitable for ISPs to deploy on their own networks to detect misbehaving customers before problems arise. Finally, other research projects that allow "open" access to Web resources may face similar situations, and may be able to adopt similar mechanisms.