DOCSLIB.ORG

Traffic-Classification) Rules and Avoiding Them Efficiently

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Traffic-Classification) Rules and Avoiding Them Efficiently lib•erate, (n) : A library for exposing (traffic-classification) rules and avoiding them efficiently Fangfan Li Abbas Razaghpanah Arash Molavi Kakhki Northeastern University Stony Brook University Northeastern University [email protected] [email protected] [email protected] Arian Akhavan Niaki David Choffnes Phillipa Gill Stony Brook University Northeastern University University of Massachusetts Amherst [email protected] [email protected] [email protected] Alan Mislove Northeastern University [email protected] ABSTRACT : A library for exposing (traffic-classification) rules and avoiding them Middleboxes implement a variety of network management policies efficiently. In Proceedings of IMC ’17, London, United Kingdom, November (e.g., prioritizing or blocking traffic) in their networks. While such 1–3, 2017, 14 pages. https://doi.org/10.1145/3131365.3131376 policies can be beneficial (e.g., blocking malware) they also raise issues of network neutrality and freedom of speech when used for application-specific differentiation and censorship. There is a poor understanding of how such policies are implemented in 1 INTRODUCTION practice, and how they can be evaded efficiently. As a result, most It is common for ISPs to use middleboxes to manage their network circumvention solutions are brittle, point solutions based on manual traffic. Recent work [32, 35] showed that such middleboxes are often analysis. implemented using deep packet inspection (DPI) on network traffic, This paper presents the design and implementation of lib·erate, relying on packet contents (e.g., Host headers, TLS Server Name a tool for automatically identifying middlebox policies, reverse- Indication (SNI) extensions, or protocol-specific fields) to selectively engineering their implementations, and adaptively deploying cus- apply policies to flows. While such policies may sometimes be tom circumvention techniques. Unlike previous work, our approach beneficent, there are many scenarios in which they may cause harm is application-agnostic, can be deployed unilaterally (i.e., only at to users and/or service providers, e.g., by violating net neutrality, one endpoint) on unmodified applications via a linked library or implementing traffic shaping, or censoring content. transparent proxy, and can adapt to changes to classifiers at run- In response, researchers have proposed a number of solutions to time. We implemented a lib·erate prototype as a transparent proxy obfuscate traffic in a way that evades classification. In general, these and evaluate it both in a testbed environment and in operational approaches entail encrypting/proxying traffic [3, 19], transforming networks that throttle or block traffic based on DPI-based classifier flows to resemble different protocols [48, 49], or selectively modify- rules, and show that our approach is effective across a wide range ing contents of fields that are targeted by classifiers24 [ ]. However, of middlebox deployments. developers of evasion techniques find themselves in an arms race with network providers, where the scales are tipped in favor of the CCS CONCEPTS provider. Designing evasion schemes generally involves one-off analyses based on a specific middlebox classifier (or suspected cen- • Networks → Middle boxes / network appliances; sorship trigger). Further, these schemes face deployment hurdles as KEYWORDS they often require both client- and server-side changes. For exam- ple, the mobile app Signal recently deployed domain fronting [24] Network Neutrality, Traffic Differentiation to avoid blocking in Egypt and UAE [36]. This required users to ACM Reference Format: update their apps to evade censorship, with the obvious caveat that Fangfan Li, Abbas Razaghpanah, Arash Molavi Kakhki, Arian Akhavan the app store might also be censored in the region. In contrast, a Niaki, David Choffnes, Phillipa Gill, and Alan Mislove. 2017. lib•erate, (n) network provider can often neutralize a statically defined evasion technique once it is known (e.g., by blocking a fronted domain). To Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial resolve this imbalance, there is a need for generalizable, adaptive, advantage and that copies bear this notice and the full citation on the first page. Copyrights for and non-invasive techniques to evade classifiers. components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, This paper presents the design and implementation of lib·erate, requires prior specific permission and/or a fee. Request permissions from [email protected]. a tool for identifying middlebox policies, reverse-engineering their IMC ’17, November 1–3, 2017, London, United Kingdom © 2017 Copyright held by the owner/author(s). Publication rights licensed to Association for Com- implementations, and adaptively deploying custom circumvention puting Machinery. techniques. Our key insight is that differentiation is necessarily im- ACM ISBN 978-1-4503-5118-8/17/11...$15.00 https://doi.org/10.1145/3131365.3131376 plemented by middleboxes using incomplete models of end-to-end IMC ’17, November 1–3, 2017, London, United Kingdom Fangfan Li et al. communication at the network and transport layers. These models • Policies are implemented using classifiers that rely on searches are necessarily incomplete because a middlebox does not have visi- for keywords in HTTP payloads, SNI fields, and protocol- bility into the state at endpoints; namely, a packet that traverses a specific fields. Some of the policies apply only to asmallnum- middlebox may never reach the intended destination (and/or the ber of initial packets, while Iran’s censoring devices inspect corresponding application at the destination). Further, in practice the entire flow. We found no evidence that UDP traffic was we find that middlebox designers do not completely implement classified by any of the operational networks we tested, pro- standards governing network traffic, nor do they necessarily in- viding a surprisingly easy way to evade their policies (i.e., use spect every packet of every flow (potentially for efficiency/cost UDP-based protocols). reasons). With this insight, lib·erate conducts efficient, targeted net- • Middleboxes running the classifiers exhibit different, incom- work measurements to identify any network- and transport-layer plete implementations of network and transport layers. Specif- inconsistencies between middlebox- and endpoint-views of end-to- ically, our testbed device does not check for a wide range of end communication, and leverages this information to transform invalid packet header values, while the Great Firewall of China arbitrary network traffic such that itis purposefully misclassified (GFC) does extensive packet validation. Iran and T-Mobile use (e.g., to avoid shaping or censorship). middleboxes that only partially check for invalid packet head- At a high level, lib·erate operates in four automated phases. First, ers. Further, we find that reordering of TCP segments can alter it conducts tests to determine whether an application’s network classification in all instances except for the GFC and AT&T traffic is differentiated by a middlebox (e.g., throttled, blocked). Ifso, (the latter uses a transparent HTTP proxy). it identifies which features of that network traffic that the middlebox • Except for AT&T and Iran, all middleboxes in our experiments uses to classify the application for differentiated treatment. Next, are vulnerable to misclassification using TTL-limited traffic it uses this information to test candidate evasion techniques that that reaches the middlebox but not the server. are designed to exploit inconsistencies between the middlebox and • The classifiers for Iran and AT&T only inspect port 80 for end-to-end view of network traffic. Finally, lib·erate uses the lowest matching content; thus simply changing the server port can cost, working technique to evade differentiation for network traffic evade classification. generated by the application. • Classifier results do not persist indefinitely, meaning that estab- Our approach is application agnostic, can be deployed unilater- lishing a connection and pausing can evade middlebox policies. ally (i.e., only at one endpoint) on unmodified applications via a For some devices, flow contents are ignored after a fixed delay. linked library or transparent proxy, and can adapt to changes to • If we can assume server-side support as well, we found that in- classifiers at runtime. Like any evasion technique, lib·erate does serting even one packet carrying dummy traffic (that is ignored not end the cat-and-mouse game between evasion and countermea- by the server) at the beginning of a flow evades classification sures; rather, by automating evasion and adapting to changes in in our testbed, T-Mobile, AT&T, and the GFC. middlebox classifiers quickly, it makes countermeasures substan- The paper is organized as follows. The next section discusses tially more expensive for network providers. related work in the area of middlebox implementations and evasion. The primary contributions of this paper are: In Section 3 we detail the goals and approach taken in this work. • An application-agnostic approach to identifying traffic-classifica- Section 4 presents the design of lib·erate
Load more

Recommended publications
  • Shedding Light on Mobile App Store Censorship
    Shedding Light on Mobile App Store Censorship Vasilis Ververis Marios Isaakidis Humboldt University, Berlin, Germany University College London, London, UK [email protected] [email protected] Valentin Weber Benjamin Fabian Centre for Technology and Global Affairs University of Telecommunications Leipzig (HfTL) University of Oxford, Oxford, UK Humboldt University, Berlin, Germany [email protected] [email protected] ABSTRACT KEYWORDS This paper studies the availability of apps and app stores across app stores, censorship, country availability, mobile applications, countries. Our research finds that users in specific countries do China, Russia not have access to popular app stores due to local laws, financial reasons, or because countries are on a sanctions list that prohibit ACM Reference Format: Vasilis Ververis, Marios Isaakidis, Valentin Weber, and Benjamin Fabian. foreign businesses to operate within its jurisdiction. Furthermore, 2019. Shedding Light on Mobile App Store Censorship. In 27th Conference this paper presents a novel methodology for querying the public on User Modeling, Adaptation and Personalization Adjunct (UMAP’19 Ad- search engines and APIs of major app stores (Google Play Store, junct), June 9–12, 2019, Larnaca, Cyprus. ACM, New York, NY, USA, 6 pages. Apple App Store, Tencent MyApp Store) that is cross-verified by https://doi.org/10.1145/3314183.3324965 network measurements. This allows us to investigate which apps are available in which country. We primarily focused on the avail- ability of VPN apps in Russia and China. Our results show that 1 INTRODUCTION despite both countries having restrictive VPN laws, there are still The widespread adoption of smartphones over the past decade saw many VPN apps available in Russia and only a handful in China.
    [Show full text]
  • Internet Infrastructure Review Vol.27
    Internet Infrastructure Vol.27 Review May 2015 Infrastructure Security Increasingly Malicious PUAs Messaging Technology Anti-Spam Measure Technology and DMARC Trends Web Traffic Report Report on Access Log Analysis Results for Streaming Delivery of the 2014 Summer Koshien Inte r ne t In f r ast r uc t ure Review Vol.27 May 2015 Executive Summary ———————————————————3 1. Infrastructure Security ———————————————4 Table of Contents Table 1.1 Introduction —————————————————————— 4 1.2 Incident Summary ——————————————————— 4 1.3 Incident Survey ——————————————————— 11 1.3.1 DDoS Attacks —————————————————————— 11 1.3.2 Malware Activities ———————————————————— 13 1.3.3 SQL Injection Attacks —————————————————— 16 1.3.4 Website Alterations ——————————————————— 17 1.4 Focused Research —————————————————— 18 1.4.1 Increasingly Malicious PUAs —————————————— 18 1.4.2 ID Management Technology: From a Convenience and Security Perspective ————— 22 1.4.3 Evaluating the IOCs of Malware That Reprograms HDD Firmware —————————————————————— 25 1.5 Conclusion —————————————————————— 27 2. Messaging Technology —————————————— 28 2.1 Introduction ————————————————————— 28 2.2 Spam Trends ————————————————————— 28 2.2.1 Spam Ratios Decline Further in FY2014 ————————— 28 2.2.2 Higher Risks Despite Lower Volumes —————————— 29 2.3 Trends in Email Technologies ——————————— 29 2.3.1 The DMARC RFC ————————————————————— 29 2.3.2 Problems with DMARC and Reporting —————————— 30 2.3.3 Use of DMARC by Email Recipients ——————————— 30 2.3.4 Domain Reputation ——————————————————— 31 2.3.5
    [Show full text]
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield
    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
    [Show full text]
  • Style Counsel: Seeing the (Random) Forest for the Trees in Adversarial Code Stylometry∗
    Style Counsel: Seeing the (Random) Forest for the Trees in Adversarial Code Stylometry∗ Christopher McKnight Ian Goldberg Magnet Forensics University of Waterloo [email protected] [email protected] ABSTRACT worm based on an examination of the reverse-engineered code [17], The results of recent experiments have suggested that code stylom- casting style analysis as a forensic technique. etry can successfully identify the author of short programs from This technique, however, may be used to chill speech for soft- among hundreds of candidates with up to 98% precision. This poten- ware developers. There are several cases of developers being treated tial ability to discern the programmer of a code sample from a large as individuals of suspicion, intimidated by authorities and/or co- group of possible authors could have concerning consequences for erced into removing their software from the Internet. In the US, the open-source community at large, particularly those contrib- Nadim Kobeissi, the Canadian creator of Cryptocat (an online se- utors that may wish to remain anonymous. Recent international cure messaging application) was stopped, searched, and questioned events have suggested the developers of certain anti-censorship by Department of Homeland Security officials on four separate oc- and anti-surveillance tools are being targeted by their governments casions in 2012 about Cryptocat and the algorithms it employs [16]. and forced to delete their repositories or face prosecution. In November 2014, Chinese developer Xu Dong was arrested, pri- In light of this threat to the freedom and privacy of individual marily for political tweets, but also because he allegedly “committed programmers around the world, we devised a tool, Style Counsel, to crimes of developing software to help Chinese Internet users scale aid programmers in obfuscating their inherent style and imitating the Great Fire Wall of China” [4] in relation to proxy software he another, overt, author’s style in order to protect their anonymity wrote.
    [Show full text]
  • Digital Authoritarianism and the Global Threat to Free Speech Hearing
    DIGITAL AUTHORITARIANISM AND THE GLOBAL THREAT TO FREE SPEECH HEARING BEFORE THE CONGRESSIONAL-EXECUTIVE COMMISSION ON CHINA ONE HUNDRED FIFTEENTH CONGRESS SECOND SESSION APRIL 26, 2018 Printed for the use of the Congressional-Executive Commission on China ( Available at www.cecc.gov or www.govinfo.gov U.S. GOVERNMENT PUBLISHING OFFICE 30–233 PDF WASHINGTON : 2018 VerDate Nov 24 2008 12:25 Dec 16, 2018 Jkt 081003 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 C:\USERS\DSHERMAN1\DESKTOP\VONITA TEST.TXT DAVID CONGRESSIONAL-EXECUTIVE COMMISSION ON CHINA LEGISLATIVE BRANCH COMMISSIONERS Senate House MARCO RUBIO, Florida, Chairman CHRIS SMITH, New Jersey, Cochairman TOM COTTON, Arkansas ROBERT PITTENGER, North Carolina STEVE DAINES, Montana RANDY HULTGREN, Illinois JAMES LANKFORD, Oklahoma MARCY KAPTUR, Ohio TODD YOUNG, Indiana TIM WALZ, Minnesota DIANNE FEINSTEIN, California TED LIEU, California JEFF MERKLEY, Oregon GARY PETERS, Michigan ANGUS KING, Maine EXECUTIVE BRANCH COMMISSIONERS Not yet appointed ELYSE B. ANDERSON, Staff Director PAUL B. PROTIC, Deputy Staff Director (ii) VerDate Nov 24 2008 12:25 Dec 16, 2018 Jkt 081003 PO 00000 Frm 00002 Fmt 0486 Sfmt 0486 C:\USERS\DSHERMAN1\DESKTOP\VONITA TEST.TXT DAVID C O N T E N T S STATEMENTS Page Opening Statement of Hon. Marco Rubio, a U.S. Senator from Florida; Chair- man, Congressional-Executive Commission on China ...................................... 1 Statement of Hon. Christopher Smith, a U.S. Representative from New Jer- sey; Cochairman, Congressional-Executive Commission on China .................. 4 Cook, Sarah, Senior Research Analyst for East Asia and Editor, China Media Bulletin, Freedom House ..................................................................................... 6 Hamilton, Clive, Professor of Public Ethics, Charles Sturt University (Aus- tralia) and author, ‘‘Silent Invasion: China’s Influence in Australia’’ ............
    [Show full text]
  • July 20, 2020 the Honorable David N. Cicilline Chairman
    July 20, 2020 The Honorable David N. Cicilline Chairman, Subcommittee on Antitrust, Commercial and Administrative Law U.S. House of Representatives Subject: House Judiciary Committee’s July 27 hearing of Apple’s CEO Tim Cook Chairman Cicilline, GreatFire is a China-based, anti-censorship organization that has been working since 2011 to bring transparency to online censorship in China and to help Chinese citizens to freely access information. We would like to draw to your attention Apple’s current policy of censorship of its App Store, which constitutes a serious abuse of its dominant position in the digital marketplace as well as a violation of human rights. On July 27, the Subcommittee on Antitrust, Commercial and Administrative Law of the U.S House of Representatives Judiciary Committee will question Apple Inc. CEO Tim Cook, along with the CEOs of Amazon, Google and Facebook, as part of the Committee’s ongoing investigation into competition in the digital marketplace. The “Online Platforms and Market Power, Part 6: Examining the Dominance of Amazon, Facebook, Google and Apple” hearing will conclude an investigation which began last year and has already covered Apple’s anti-competitive practices and their impact, most notably on a “Free and Diverse Press”. We believe that one crucial consequence of Apple’s dominant position in the digital market has not been covered by the investigation: Apple’s opaque and arbitrary management of its China App Store. In China, currently Apple’s biggest market worldwide, Apple directly collaborates with the Chinese authorities to censor apps that the government does not want its population to use.
    [Show full text]
  • Forbidden Feeds: Government Controls on Social Media in China
    FORBIDDEN FEEDS Government Controls on Social Media in China 1 FORBIDDEN FEEDS Government Controls on Social Media in China March 13, 2018 © 2018 PEN America. All rights reserved. PEN America stands at the intersection of literature and hu- man rights to protect open expression in the United States and worldwide. We champion the freedom to write, recognizing the power of the word to transform the world. Our mission is to unite writers and their allies to celebrate creative expression and defend the liberties that make it possible. Founded in 1922, PEN America is the largest of more than 100 centers of PEN International. Our strength is in our membership—a nationwide community of more than 7,000 novelists, journalists, poets, es- sayists, playwrights, editors, publishers, translators, agents, and other writing professionals. For more information, visit pen.org. Cover Illustration: Badiucao CONTENTS EXECUTIVE SUMMARY 4 INTRODUCTION : AN UNFULFILLED PROMISE 7 OUTLINE AND METHODOLOGY 10 KEY FINDINGS 11 SECTION I : AN OVERVIEW OF THE SYSTEM OF SOCIAL MEDIA CENSORSHIP 12 The Prevalence of Social Media Usage in China 12 Digital Rights—Including the Right to Free Expression—Under International Law 14 China’s Control of Online Expression: A Historical Perspective 15 State Control over Social Media: Policy 17 State Control over Social Media: Recent Laws and Regulations 18 SECTION II: SOCIAL MEDIA CENSORSHIP IN PRACTICE 24 A Typology of Censored Topics 24 The Corporate Responsibility to Censor its Users 29 The Mechanics of Censorship 32 Tibet and
    [Show full text]
  • The Impact of Media Censorship: Evidence from a Field Experiment in China
    The Impact of Media Censorship: Evidence from a Field Experiment in China Yuyu Chen David Y. Yang* January 4, 2018 — JOB MARKET PAPER — — CLICK HERE FOR LATEST VERSION — Abstract Media censorship is a hallmark of authoritarian regimes. We conduct a field experiment in China to measure the effects of providing citizens with access to an uncensored Internet. We track subjects’ me- dia consumption, beliefs regarding the media, economic beliefs, political attitudes, and behaviors over 18 months. We find four main results: (i) free access alone does not induce subjects to acquire politically sen- sitive information; (ii) temporary encouragement leads to a persistent increase in acquisition, indicating that demand is not permanently low; (iii) acquisition brings broad, substantial, and persistent changes to knowledge, beliefs, attitudes, and intended behaviors; and (iv) social transmission of information is statis- tically significant but small in magnitude. We calibrate a simple model to show that the combination of low demand for uncensored information and the moderate social transmission means China’s censorship apparatus may remain robust to a large number of citizens receiving access to an uncensored Internet. Keywords: censorship, information, media, belief JEL classification: D80, D83, L86, P26 *Chen: Guanghua School of Management, Peking University. Email: [email protected]. Yang: Department of Economics, Stanford University. Email: [email protected]. Yang is deeply grateful to Ran Abramitzky, Matthew Gentzkow, and Muriel Niederle
    [Show full text]
  • Download and Install a New Trusted Root Certificate in Order to Connect to ~250 Foreign Web Sites
    The Information Safety & Capacity (ISC) Project FINAL REPORT 2011-2020 Submitted to: USAID/DCHA Submitted by: Counterpart International DISCLAIMER: This publication was produced by Counterpart International for review by the United States Agency for International Development under Cooperative Agreement AID-OAA-LA-11-00008 and Leader Cooperative Agreement Number: FD-A-00-09-00141-00. The authors’ views expressed in this publication do not necessarily reflect the views of the United States Agency for International Development or the United States Government. 2 The ISC Project Final Report Table of Contents 04 Executive Summary 20 Locally Created Resources and Tools 04 Introduction 20 Technology Development 05 Achievements & Milestones 22 Investment in Technology 06 Investing in Trust 22 Technology Support Grants: 2013 06 Initial Threats and Fixes 24 Technology Support Grants: 2016 06 State Actors and Suppression 24 Technology Support Grants: 2018 07 Looking Ahead 24 Technology Support Grants: 2019 08 Part One: ISC Project Vision and Strategy 25 Technology Support Grants: 2020 08 The Importance of Cybersecurity in Civil Society 26 Cyber Policy Support 09 Global Threats and Trends: Old and New 26 Internet Freedom Landscape 09 Cybersecurity Threats in the Beginning 27 Design Principles for Internet Freedom Support 10 Evolution of Threats Through Technological 28 Internet Governance and Internet Freedom: 2017- Innovation 2019 Awardees 11 The ISC Project’s Network of Digital Security 30 Internet Freedom Policy Advocacy: 2020 Specialists Awardees
    [Show full text]
  • Geneva: Evolving Censorship Evasion Strategies
    Session 9E: Web Censorship and Auditing CCS ’19, November 11–15, 2019, London, United Kingdom Geneva: Evolving Censorship Evasion Strategies Kevin Bock George Hughey University of Maryland University of Maryland Xiao Qiang Dave Levin UC Berkeley University of Maryland ABSTRACT 1 INTRODUCTION Researchers and censoring regimes have long engaged in a cat-and- Multiple nations around the world today engage in country-wide mouse game, leading to increasingly sophisticated Internet-scale censorship of Internet traffic. Although there are many forms of censorship techniques and methods to evade them. In this paper, censorship—including political pressure [34] and outright blocking we take a drastic departure from the previously manual evade- of certain protocols [10, 17]—the most pervasive form of online detect cycle by developing techniques to automate the discovery censorship involves in-network monitoring and censoring of for- of censorship evasion strategies. We present Geneva, a novel ge- bidden keywords. China [48], Pakistan [29], and more [34] deploy netic algorithm that evolves packet-manipulation-based censorship on-path monitors—similar to network intrusion detection systems evasion strategies against nation-state level censors. Geneva com- (NIDS) [21]—to detect and tear down network connections that poses, mutates, and evolves sophisticated strategies out of four basic carry a prohibited word or domain name. The distinguishing fea- packet manipulation primitives (drop, tamper headers, duplicate, ture of such on-path censors is that they are not one of the hops and fragment). With experiments performed both in-lab and against in the target’s communication path; rather, they monitor copies of several real censors (in China, India, and Kazakhstan), we demon- packets and inject new packets (e.g., TCP RSTs) to interfere with strate that Geneva is able to quickly and independently re-derive connections they deem to be inappropriate.
    [Show full text]
  • C 2017 Frederick Ernest Douglas CIRCUMVENTION of CENSORSHIP of INTERNET ACCESS and PUBLICATION
    c 2017 Frederick Ernest Douglas CIRCUMVENTION OF CENSORSHIP OF INTERNET ACCESS AND PUBLICATION BY FREDERICK ERNEST DOUGLAS DISSERTATION Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate College of the University of Illinois at Urbana-Champaign, 2017 Urbana, Illinois Doctoral Committee: Associate Professor Matthew Caesar, Chair Associate Professor Nikita Borisov Professor Klara Nahrstedt Assistant Professor Eric Wustrow, University of Colorado, Boulder ABSTRACT Internet censorship of one form or another affects on the order of half of all internet users. Previous work has studied this censorship, and proposed techniques for circumventing it, ranging from making proxy servers avail- able to censored users, to tunneling internet connections through services such as voice or video chat, to embedding censorship circumvention in cloud platforms' front-end servers or even in ISP's routers. This dissertation describes a set of techniques for circumventing internet censorship building on and surpassing prior efforts. As is always the case, there are tradeoffs to be made: some of this work emphasizes deployability, and some aims for unstoppable circumvention with the assumption of sig- nificant resources. However, the latter techniques are not merely academic thought experiments: this dissertation also describes the experience of suc- cessfully deploying such a technique, which served tens of thousands of users. While the solid majority of previous work, as well as much of the work presented here, is focused on governments blocking access to sites and services hosted outside of their country, the rise of social media has created a new form of internet censorship.
    [Show full text]
  • How China's Government, Businesses, and Populace
    Behind the Great Firewall: How China’s Government, Businesses, and Populace Compete to Shape the Chinese Internet An STS Research Paper presented to the faculty of the School of Engineering and Applied Science University of Virginia by James Houghton May 5, 2020 On my honor as a University student, I have neither given nor received unauthorized aid on this assignment as defined by the Honor Guidelines for Thesis-Related Assignments. Signed: _________________________________________________ Approved: ____________________________________________ Date _______________________ Peter Norton, Department of Engineering and Society 1 Behind the Great Firewall: How China’s Government, Businesses, and Populace Compete to Shape the Chinese Internet Introduction Chinese citizens are subject to some of the strictest censorship in the world. The Chinese government blocks nearly all of Google’s services, Facebook, Twitter, and even some academic journals. Even today, political expression is limited, and whistleblowers are silenced (Griffiths, 2020). Although many in China remain complacent due to highly integrated applications like WeChat, a small minority is vocal about combating censorship. The relationship between Chinese authorities and web users is complex and requires investigation. The Communist Party of China (CPC) has built what is now called the Great Firewall of China (GFW), a web traffic monitoring and censorship system. The CPC routinely uses it to scan for and block content it deems sensitive or inappropriate (Zheng, 2017). Although some people working in academia and business may have methods, by exemption or otherwise, of bypassing some of the GFW restrictions, the CPC has plugged many of its holes in recent years, impeding research and business opportunities. However, nearly all Chinese web users including students do not seek to access the uncensored web, and many businesses thrive with the lack of much foreign intervention.
    [Show full text]