NYMBLE: Blocking Misbehaving Users in Anonymizing

Networks

A thesis submitted in partial fulfillment of the academic

requirement for the award of degree of

MASTER OF TECHNOLOGY
(Computer Science & Engineering)

Submitted
By

Mohammad Zainuddin
(10R01D5809)
Under the Esteemed guidance of

Mr. D. Baswaraj
Associate Professor, Department of CSE

CMR INSTITUTE OF TECHNOLOGY

(Approved by AICTE, Affiliated to JNTU, Hyderabad)
Kandlakoya, Medchal Road, R.R. Dist. Hyderabad.

2011-2012
i

CMR INSTITUTE OF TECHNOLOGY

(Approved by AICTE, Affiliated to JNTU, Kukatpally)
Kandlakoya, Medchal Road, Hyderabad

Department of Computer Science & Engineering

CERTIFICATE
This is to certify that the Thesis entitled NYMBLE: Blocking Misbehaving Users in
Anonymizing Networks is being submitted by Mohammad Zainuddin with H.T.No.
10R01D5809 in partial fulfillment of the requirement for the award of the degree of
M.Tech in Computer Science & Engineering to the Jawaharlal Nehru Technological
University Hyderabad is a record of bonafide work carried out by him under my/our
guidance and supervision from 24-10-2011 to 25-08-2012.
The results presented in this thesis have been verified and are found to be satisfactory. The
results embodied in this thesis have not been submitted to any other University for the
award of any other degree or diploma.

Internal Guide

HOD

(Mr. D. Baswaraj)

(Prof. P. Pavan Kumar)

EXTERNAL EXAMINER

ii

Principal
(Dr. M. Janga Reddy)

ACKNOWLEDGMENT

I am extremely grateful to Dr. M. Janga Reddy, Principal and Prof. P. Pavan Kumar,
HOD, Department of CSE, CMR Institute of Technology.

I am extremely thankful to Mr. D. Baswaraj, Project Coordinator and Internal Guide,

Department of CSE, for his constant guidance, encouragement and moral support
throughout the project.

I will be failing in duty if I do not acknowledge with grateful thanks to the authors of the
references and other literatures referred in this Project.

I express my thanks to all staff members and friends for all the help and co-ordination
extended in bringing out this Project successfully in time.

Finally, I am very much thankful to my parents who guided me for every step.

(Mohammad Zainuddin)
Date:
Place:

iii

ABSTRACT
Anonymizing networks such as Tor allow users to access Internet services privately by
using a series of routers to hide the clients IP address from the server. The success of such
networks, however, has been limited by users employing this anonymity for abusive
purposes such as defacing popular websites.
Website administrators routinely rely on IP-address blocking for disabling access to
misbehaving users, but blocking IP addresses is not practical if the abuser routes through
an anonymizing network. As a result, administrators block all known exit nodes of
anonymizing networks, denying anonymous access to misbehaving and behaving users
alike. To address this problem, we present Nymble, a system in which servers can
blacklist misbehaving users, thereby blocking users without compromising their
anonymity. Our system is thus agnostic to different servers definitions of misbehavior
servers can blacklist users for whatever reason, and the privacy of blacklisted users is
maintained.

iv

CONTENTS
Sl.No.
1.
1.1.
1.2.
1.3.
1.4.
1.5.
1.6.
1.7.
1.8.
1.9.

Particulars

Page No.

Introduction
Problem Definition
Existing System and its Limitations
Proposed System
Advantages of Proposed System
Feasibility Study
Hardware and Software Requirements
Functional Requirements
Non-Functional Requirements
Pseudo Requirements

1
2
2
2
3
4
5
5
5
5

2.

Literature Survey
2.1. Previous work done in blocking of users in anonymizing networks
2.1.1. Pseudonymous Credential Systems
2.1.2. Anonymous Credential Systems
2.1.3. Verifier-local Revocation (VLR)
2.2. Proposed Work

6
6
6
8
9
9

3.

Analysis and Design

3.1. Modules Description
3.1.1. Nymble Manager
3.1.2. Pseudonym Manager
3.1.3. Blacklisting a User
3.1.4. Nymble-Authenticated Connection
3.2. Data Flow Diagrams
3.3. UML Diagrams
3.3.1. Use Case Diagram
3.3.2. Class Diagram
3.3.3. Sequence Diagram
3.3.4. Activity Diagram
3.3.5. Collaboration Diagram

11
11
11
11
11
11
12
16
16
17
18
19
20

4.

Implementation
4.1. Process Specification
4.1.1. Input Design
4.1.2. Objectives
4.1.3. Output Design
4.2. Techniques Used
4.2.1. Blacklisting Anonymous Users
4.2.2. Practical Performance
4.2.3. Open-Source Implementation
4.3. Algorithms Used
4.3.1. Algorithm for Pseudonym Creation
4.3.2. Algorithm for Granting Nymble Tickets
4.3.3. Algorithm for Notifying Users about their status
v

21
21
21
21
21
22
22
22
22
23
23
23
24

Sl.No.

5.

Particulars

Page No.

4.4. Technology Description

4.4.1. Java Technology
4.4.2. The Java Programming Language
4.4.3. The Java Platform
4.4.4. What can Java Technology do?
4.4.5. How will Java Technology Change Life?
4.4.6. ODBC
4.4.7. JDBC
4.4.8. JDBC Goals
4.4.9. Networking
4.5. Sample Coding
4.5.1. Sample code for client login
4.5.2. Sample code for server login
4.5.3. Sample code for Nymble Manager
4.6. Screenshots

25
25
25
27
27
29
30
31
31
35
39
39
43
51
56

Testing and Debugging

5.1. Types of Testing
5.1.1. Black Box Testing
5.1.2. White Box Testing
5.1.3. Unit Testing
5.1.4. Test Strategy and Approach
5.2. Test Objectives
5.3. Features to be tested
5.3.1. System Testing
5.3.2. Integration Testing
5.3.3. Functional Testing
5.3.4. Test case table
5.3.5. Query
5.4. Test Plan
5.4.1. Bottom up approach
5.4.2. Top down approach
5.5. Test cases

77
77
77
77
77
77
77
78
78
78
78
79
79
80
80
80
80

6.

Conclusion

82

7.

Reference / Bibliography

83

8.

Appendix

85

vi

List of Figures
Fig.No.

Description

Page No.

1.

Project Architecture

2.

Pseudonymous System Flow Diagram

3.

Anonymous Credential Systems

4.

Overview Nymble Design

10

5.

DFD for Nymble Modules

13

6.

Overview Flowchart of Whole Project

13

7.

DFD for Server

14

8.

DFD for Client

15

9.

Use case Diagram for user login and server login

16

10.

Class Diagram for user and nymble manager interaction

17

11.

Sequence Diagram for client, server and NM interactions

18

12.

Activity Diagram for user and server

19

13.

Collaboration Diagram for Nymble System

20

14.

Working of Interpreter

26

15.

Working of Java Program

26

16.

Java API

27

17.

Java IDE

29

18.

Java Program going through Compilers and Interpreter

34

vii

List of Tables
Table.No.

Description

Page No.

1.

Nymble Server Login Test Table

80

2.

Client Login Test Table

81

3.

Blocking Test Table

81

List of Screenshots
SS.No.

Particulars

Page No.

1.

Nymble Server

56

2.

Nymble Server Invalid Login

57

3.

Nymble Server Valid Login

58

4.

Nymble Manager with Resources and handling blocked IP-addresses 59

5.

Misbehaving Users Info

60

6.

Client Registration

61

7.

Server Registration

62

8.

User Login

63

9.

User Login Key

64

10.

Available Resources

65

11.

Accessing of File

66

12.

Authenticate Nymble Page

67

13.

Nymble Web Page-1

68

14.

Nymble Web Page-2

69
viii

List of Screenshots
SS.No.

Particulars

Page No.

15.

Server View Via Android Mobile

70

16.

Pseudonym Manager-1

71

17.

Pseudonym Manager-2

72

18.

Invalid PWD for 1st Time

73

19.

Invalid PWD for 2nd Time

74

20.

Invalid PWD for 3rd Time

75

21.

Blocking of User on 3rd Wrong Attempt

76

ix