skip to main content
research-article

Long-term Measurement and Analysis of the Free Proxy Ecosystem

Published: 26 November 2019 Publication History

Abstract

Free web proxies promise anonymity and censorship circumvention at no cost. Several websites publish lists of free proxies organized by country, anonymity level, and performance. These lists index hundreds of thousands of hosts discovered via automated tools and crowd-sourcing. A complex free proxy ecosystem has been forming over the years, of which very little is known. In this article, we shed light on this ecosystem via a distributed measurement platform that leverages both active and passive measurements. Active measurements are carried out by an infrastructure we name ProxyTorrent, which discovers free proxies, assesses their performance, and detects potential malicious activities. Passive measurements focus on proxy performance and usage in the wild, and are accomplished by means of a Chrome extension named Ciao. ProxyTorrent has been running since January 2017, monitoring up to 230K free proxies. Ciao was launched in March 2017 and has thus far served roughly 9.7K users and generated 14TB of traffic. Our analysis shows that less than 2% of the proxies announced on the Web indeed proxy traffic on behalf of users; further, only half of these proxies have decent performance and can be used reliably. Every day, around 5%--10% of the active proxies exhibit malicious behaviors, e.g., advertisement injection, TLS interception, and cryptojacking, and these proxies are also the ones providing the best performance. Through the analysis of more than 14TB of proxied traffic, we show that web browsing is the primary user activity. Geo-blocking avoidance—allegedly a popular use case for free web proxies—accounts for 30% or less of the traffic, and it mostly involves countries hosting popular geo-blocked content.

References

[1]
Devdatta Akhawe and Adrienne Porter Felt. 2013. Alice in warningland: A large-scale field study of browser security warning effectiveness. In Proceedings of the USENIX Security Symposium. 257--272.
[2]
Taejoong Chung, David R. Choffnes, and Alan Mislove. 2016. Tunneling for transparency: A large-scale analysis of end-to-end violations in the internet. In Proceedings of the ACM Internet Measurement Conference (IMC’16). 199--213.
[3]
CIAO. 2017. Automated Free Proxies Discovery/usage. https://goo.gl/NgJmLE.
[4]
CURL. 2017. Command Line Tool and Library for Transferring Data with URLs. https://curl.haxx.se/.
[5]
David Dittrich and Erin Kenneally. 2012. The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research. Technical Report, US Department of Homeland Security.
[6]
Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. 2013. ZMap: Fast internet-wide scanning and its security applications. In Proceedings of the USENIX Security Symposium. 605--620.
[7]
Brendan J. Frey and Delbert Dueck. 2007. Clustering by passing messages between data points. Science 315, 5814 (2007), 972--976.
[8]
Haschek Solutions. 2017. ProxyChecker. https://github.com/chrisiaut/proxycheck_script.
[9]
Hola. 2017. Free VPN, Secure Browsing, Unrestricted Access. http://hola.org/.
[10]
Muhammad Ikram, Narseo Vallina-Rodriguez, Suranga Seneviratne, Mohamed Ali Kaafar, and Vern Paxson. 2016. An analysis of the privacy and security risks of Android VPN permission-enabled apps. In Proceedings of the ACM Internet Measurement Conference (IMC’16). 349--364.
[11]
Christian Kreibich, Nicholas Weaver, Boris Nechaev, and Vern Paxson. 2010. Netalyzr: Illuminating the edge network. In Proceedings of the ACM Internet Measurement Conference (IMC’10). 246--259.
[12]
letsencrypt. 2017. A Free, Automated, and Open Certificate Authority. https://letsencrypt.org/.
[13]
Akshaya Mani, Tavish Vaidya, David Dworken, and Micah Sherr. 2018. An extensive evaluation of the internet’s open proxies. In Proceedings of the 34th Computer Security Applications Conference (ACSAC’18). ACM, New York, NY, 252--265.
[14]
MAXMIND. 2017. IP Geolocation and Online Fraud Prevention. https://www.maxmind.com/.
[15]
NGINX. 2017. A Free, Open-source, High-performance HTTP Server. https://nginx.org/.
[16]
Diego Perino, Matteo Varvello, and Claudio Soriente. 2018. ProxyTorrent: Untangling the free HTTP(S) proxy ecosystem. In Proceedings of the World Wide Web Conference (WWW’18). 197--206.
[17]
Vasile Claudiu Perta, Marco Valerio Barbera, Gareth Tyson, Hamed Haddadi, and Alessandro Mei. 2015. A glance through the VPN looking glass: IPv6 leakage and DNS hijacking in commercial VPN clients. In Proceedings of the Conference on Privacy Enhancing Technologies (PoPETs’15). 77--91.
[18]
PhantomJS. 2017. Headless Browser. http://phantomjs.org/.
[19]
PLANETLAB. 2017. An Open Platform for Developing, Deploying, and Accessing Planetary-scale Services. https://www.planet-lab.org/.
[20]
ProxyTorrent team.2017. Ciao Code. https://github.com/ciao-dev/CIAO.
[21]
Charles Reis, Steven D. Gribble, Tadayoshi Kohno, and Nicholas C. Weaver. 2008. Detecting in-flight page changes with web tripwires. In Proceedings of the USENIX Symposium on Networked Systems Design 8 Implementation (NSDI’08). 31--44.
[22]
Will Scott, Ravi Bhoraskar, and Arvind Krishnamurthy. 2015. Understanding open proxies in the wild. In Proceedings of the Chaos Communication Camp.
[23]
Georgios Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos, and Michalis Polychronakis. 2018. A large-scale analysis of content modification by open HTTP proxies. In Proceedings of the Network and Distributed System Security Symposium (NDSS’18). (2018).
[24]
Gareth Tyson, Shan Huang, Félix Cuadrado, Ignacio Castro, Vasile Claudiu Perta, Arjuna Sathiaseelan, and Steve Uhlig. 2017. Exploring HTTP header manipulation in-the-wild. In Proceedings of the International Conference on World Wide Web (WWW’17). 451--458.
[25]
Matteo Varvello, Jeremy Blackburn, David Naylor, and Konstantina Papagiannaki. 2016. EYEORG: A platform for crowdsourcing web quality of experience measurements. In Proceedings of the Conference on Emerging Network Experiment and Technology (CoNEXT’16).
[26]
Nicholas Weaver, Christian Kreibich, Martin Dam, and Vern Paxson. 2014. Here be web proxies. In Proceedings of the Passive and Active Measurement Conference (PAM’14). 183--192.

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on the Web
ACM Transactions on the Web  Volume 13, Issue 4
November 2019
139 pages
ISSN:1559-1131
EISSN:1559-114X
DOI:10.1145/3372405
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 November 2019
Accepted: 01 August 2019
Revised: 01 June 2019
Received: 01 April 2018
Published in TWEB Volume 13, Issue 4

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Web security and privacy
  2. network measurements
  3. proxies
  4. web protocol security

Qualifiers

  • Research-article
  • Research
  • Refereed

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)13
  • Downloads (Last 6 weeks)1
Reflects downloads up to 14 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2025)Open Web ProxiesEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_1745(1736-1736)Online publication date: 8-Jan-2025
  • (2022)Analysis and prediction of web proxies misbehaviorProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3544412(1-11)Online publication date: 23-Aug-2022
  • (2021)Open Web ProxiesEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-642-27739-9_1745-1(1-3)Online publication date: 31-Dec-2021
  • (2020)Reading In-Between the LinesProceedings of the ACM Internet Measurement Conference10.1145/3419394.3423615(133-146)Online publication date: 27-Oct-2020

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media