Do You See What I See: Differential Treatment of Anonymous Users

DOI number



Khattak, Sheharbano
Fifield, David
Afroz, Sadia
Javed, Mobin
Paxson, Vern
Murdoch, Steven J.
McCoy, Damon

Publication Year



University College London



The utility of anonymous communication is undermined by a growing number of websites treating users of such services in a degraded fashion. The second-class treatment of anonymous users ranges from outright rejection to limiting their access to a subset of the service?s functionality or imposing hurdles such as CAPTCHA-solving. To date, the observation of such practices has relied upon anecdotal reports catalogued by frustrated anonymity users. We present a study to methodically enumerate and characterize, in the context of Tor, the treatment of anonymous users as second-class Web citizens.
We focus on first-line blocking: at the transport layer, through reset or dropped connections; and at the application layer, through explicit blocks served from website home pages. Our study draws upon several data sources: comparisons of Internet-wide port scans from Tor exit nodes versus from control hosts; scans of the home pages of top-1,000 Alexa websites through every Tor exit; and analysis of nearly a year of historic HTTP crawls from Tor network and control hosts. We develop a methodology to distinguish censorship events from incidental failures such as those caused by packet loss or network outages, and incorporate consideration of the endemic churn in web-accessible services over both time and geographic diversity. We find clear evidence of Tor blocking on the Web, including 3.67% of the top-1,000 Alexa sites. Some blocks specifically target Tor, while others result from fate-sharing when abuse-based automated blockers trigger due to misbehaving Web sessions sharing the same exit node.


Data from Internet-wide scans to quantify the extent of differential treatment of anonymous Internet users. The data accompanies the paper "Do You See What I See: Differential Treatment of Anonymous Users" published at the 2016 Network and Distributed System Security Symposium


Internet measurement; censorship; anonymity; security; privacy



Related identifiers

Is referenced by


How to access this data

A portion of the dataset can be accessed here. For the full data set, please contact the author