A First Look at User-Installed Residential Proxies From a Network Operator's Perspective

Residential proxies (RESIP) enable the tunneling of traffic through non-data center Internet connections. Previous research has focused on malicious software on end-user devices that made them part of RESIP networks. This study investigates RESIP networks that users voluntarily join in exchange for...

Full description

Saved in:
Bibliographic Details
Main Authors: Khan, Etienne, Chiapponi, Elisa, Verkleij, Martijn, Sperotto, Anna, Van Rijswijk-Deij, Roland, Van Der Ham-De Vos, Jeroen
Format: Conference Proceeding
Language:English
Subjects:
denial of inventory
Fraud
Malware
Metadata
Mobile applications
Monitoring
Phishing
Prevention and mitigation
residential proxies (RESIP)
Social factors
Telecommunication traffic
Tunneling
web scraping
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Residential proxies (RESIP) enable the tunneling of traffic through non-data center Internet connections. Previous research has focused on malicious software on end-user devices that made them part of RESIP networks. This study investigates RESIP networks that users voluntarily join in exchange for monetary rewards, aiming to understand the activities facilitated through these services. We developed a testbed environment to operate and monitor eight different residential proxy applications over 7.5 months, enabling us to collect and analyze 368 GB of proxied network traffic, the majority of which is encrypted.In this work, we highlight three distinct case studies that suggest these proxies are used in practices not advertised by the RESIP providers and in one case, shed light on the scale of the proxied campaigns. Firstly, we discuss the use of RESIPs on two dating apps, Tinder and happn, highlighting their likely role in facilitating fraudulent activities. Secondly, an analysis of metadata suggests that RESIPs may play a crucial part in phishing campaigns. Thirdly, a collaboration with a leading technology company in the travel industry allows us to analyze the behavior of web scrapers.Our results underscore the need for enhanced detection mechanisms to mitigate fraud and protect users.
ISSN:2165-963X
DOI:10.23919/CNSM62983.2024.10814519