Detecting the Use of Anonymous Proxies
The Internet is built atop the Internet Protocol (IP) which has at its heart a unique identifier known as an IP address. Knowing the location of an IP address can be very useful in many situations such as for banks to know if a connection is in progress from online fraud hotspots. IP addresses can be spoofed allowing hackers to bypass geographical IP restrictions and thus render some category of fraud prevention useless. Anonymous proxies (AP) which act as intermediate relays which disguise the source IP addresses can play a large role in cybercrime. There is a need to ascertain whether an incoming IP connection is an original source matched IP address, or one being routed through an anonymising proxy. This article concentrates on various methods used by anonymising proxies, the characteristics of the anonymous proxies and the potential mechanisms available to detect if a proxy is in use.