This post is about my research project-“Personalized Pseudonyms for Servers in the Cloud”. In this work, we designed and implemented a cloud service which offers server anonymity to the user. You might ask what is server anonymity and why it matters. Basically, server anonymity guarantees that the web server’s identity is hidden from network attackers when a client communicates with the server. Your ISP is a real-world example who might do unwanted things to your network traffic if server anonymity is not enforced. The ISP might collect your web browsing history to build a profile and push ads to you. The ISP might even slow down your traffic to a certain website since the net neutrality rules were repealed. Our service gives you an option to protect your privacy when surfing the Internet!
There are many aspects of our system. From a system design point of view, our system uses SDN switches in the cloud to do network address translation (NAT), which makes our service faster and more scalable. The evaluation shows that the latency is only slightly higher than HTTPS and far better than Tor, a popular anonymous tool. From a usability point of view, our service is compatible with major browsers without requiring extensions or new client software. Although, the user needs to register a personalized pseudo domain name and install client certificate before using our service. More details can be found in my PETS 2016 paper.
Below is a demo video which demonstrates how our system can be used to protect user’s privacy.