UC Santa Cruz

User privacy on the Internet has been an increasing concern in recent years. With the proliferation and sophistication of information services, data mining, and search engines, a simple network address may be used to reveal a great deal of information about a user, including location, identity, and behavior.

A new network architecture paradigm known as "Software-Defined Networking" (SDN) has recently garnered attention in both industry and academia. Defined by a separation of data and control planes, it offloads routing decisions from the switching hardware and provides an innovative framework upon which new protocols and services can be deployed.

In this thesis, we examine how SDN can be employed by service providers to offer endpoint privacy. We identify existing approaches to privacy and determine that they make unacceptable tradeoffs between performance and anonymity. We argue an acceptable level of privacy can be provided to most users, with noticeably lower latency and throughput impact, by working with the network provider; to that end, we introduce AnonyFlow, an in-network anonymization service designed to efficiently and seamlessly provide privacy to users as they communicate with other endpoints and services. We design, implement, and evaluate a prototype of AnonyFlow, based on an OpenFlow SDN deployment, that achieves endpoint anonymity without compromising on throughput or latency.