Detecting the Use of Anonymous Proxies

J McKegaue, K Curran

Research output: Contribution to journalArticle

Abstract

The Internet is built atop the Internet Protocol (IP) which has at its heart a unique identifier known as an IP address. Knowing the location of an IP address can be very useful in many situations such as for banks to know if a connection is in progress from online fraud hotspots. IP addresses can be spoofed allowing hackers to bypass geographical IP restrictions and thus render some category of fraud prevention useless. Anonymous proxies (AP) which act as intermediate relays which disguise the source IP addresses can play a large role in cybercrime. There is a need to ascertain whether an incoming IP connection is an original source matched IP address, or one being routed through an anonymising proxy. This article concentrates on various methods used by anonymising proxies, the characteristics of the anonymous proxies and the potential mechanisms available to detect if a proxy is in use.
LanguageEnglish
Article number5
Pages74-94
Number of pages21
JournalInternational Journal of Digital Crime and Forensics (IJDCF),
Volume10
Issue number2
Early online dateApr 2018
DOIs
Publication statusE-pub ahead of print - Apr 2018

Fingerprint

Internet protocols
Internet

Keywords

  • network proxies
  • security

Cite this

@article{733103e036394865ba375ffe07f599c2,
title = "Detecting the Use of Anonymous Proxies",
abstract = "The Internet is built atop the Internet Protocol (IP) which has at its heart a unique identifier known as an IP address. Knowing the location of an IP address can be very useful in many situations such as for banks to know if a connection is in progress from online fraud hotspots. IP addresses can be spoofed allowing hackers to bypass geographical IP restrictions and thus render some category of fraud prevention useless. Anonymous proxies (AP) which act as intermediate relays which disguise the source IP addresses can play a large role in cybercrime. There is a need to ascertain whether an incoming IP connection is an original source matched IP address, or one being routed through an anonymising proxy. This article concentrates on various methods used by anonymising proxies, the characteristics of the anonymous proxies and the potential mechanisms available to detect if a proxy is in use.",
keywords = "network proxies, security",
author = "J McKegaue and K Curran",
year = "2018",
month = "4",
doi = "10.4018/IJDCF.2018040105",
language = "English",
volume = "10",
pages = "74--94",
journal = "International Journal of Digital Crime and Forensics",
issn = "1941-6210",
number = "2",

}

Detecting the Use of Anonymous Proxies. / McKegaue, J; Curran, K.

In: International Journal of Digital Crime and Forensics (IJDCF), Vol. 10, No. 2, 5, 04.2018, p. 74-94.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Detecting the Use of Anonymous Proxies

AU - McKegaue, J

AU - Curran, K

PY - 2018/4

Y1 - 2018/4

N2 - The Internet is built atop the Internet Protocol (IP) which has at its heart a unique identifier known as an IP address. Knowing the location of an IP address can be very useful in many situations such as for banks to know if a connection is in progress from online fraud hotspots. IP addresses can be spoofed allowing hackers to bypass geographical IP restrictions and thus render some category of fraud prevention useless. Anonymous proxies (AP) which act as intermediate relays which disguise the source IP addresses can play a large role in cybercrime. There is a need to ascertain whether an incoming IP connection is an original source matched IP address, or one being routed through an anonymising proxy. This article concentrates on various methods used by anonymising proxies, the characteristics of the anonymous proxies and the potential mechanisms available to detect if a proxy is in use.

AB - The Internet is built atop the Internet Protocol (IP) which has at its heart a unique identifier known as an IP address. Knowing the location of an IP address can be very useful in many situations such as for banks to know if a connection is in progress from online fraud hotspots. IP addresses can be spoofed allowing hackers to bypass geographical IP restrictions and thus render some category of fraud prevention useless. Anonymous proxies (AP) which act as intermediate relays which disguise the source IP addresses can play a large role in cybercrime. There is a need to ascertain whether an incoming IP connection is an original source matched IP address, or one being routed through an anonymising proxy. This article concentrates on various methods used by anonymising proxies, the characteristics of the anonymous proxies and the potential mechanisms available to detect if a proxy is in use.

KW - network proxies

KW - security

U2 - 10.4018/IJDCF.2018040105

DO - 10.4018/IJDCF.2018040105

M3 - Article

VL - 10

SP - 74

EP - 94

JO - International Journal of Digital Crime and Forensics

T2 - International Journal of Digital Crime and Forensics

JF - International Journal of Digital Crime and Forensics

SN - 1941-6210

IS - 2

M1 - 5

ER -