Client-Side Web Proxy Detection from Unprivileged Mobile Devices
This addresses the opacity of web proxy deployments for mobile users, enabling average users to measure and understand proxy impacts on network performance, though it is incremental in improving detection techniques.
The paper tackled the problem of detecting web proxies on cellular networks without privileged access, presenting a method that identified proxies on 11 carriers across four countries and characterized their behaviors like caching and content rewriting.
Mobile devices that connect to the Internet via cellular networks are rapidly becoming the primary medium for accessing Web content. Cellular service providers (CSPs) commonly deploy Web proxies and other middleboxes for security, performance optimization and traffic engineering reasons. However, the prevalence and policies of these Web proxies are generally opaque to users and difficult to measure without privileged access to devices and servers. In this paper, we present a methodology to detect the presence of Web proxies without requiring access to low-level packet traces on a device, nor access to servers being contacted. We demonstrate the viability of this technique using controlled experiments, and present the results of running our approach on several production networks and popular Web sites. Next, we characterize the behaviors of these Web proxies, including caching, redirecting, and content rewriting. Our analysis can identify how Web proxies impact network performance, and inform policies for future deployments. Last, we release an Android app called Proxy Detector on the Google Play Store, allowing average users with unprivileged (non-rooted) devices to understand Web proxy deployments and contribute to our IRB-approved study. We report on results of using this app on 11 popular carriers from the US, Canada, Austria, and China.