ABSTRACT
Decades of work on censorship evasion have resulted in myriad ways to empower clients with the ability to access censored content, but to our knowledge all of them have required some degree of client-side participation. Having to download and run anti-censorship software can put users at risk, and does not help the many users who do not even realize they are being censored in the first place.
In this paper, we present the first purely server-side censorship evasion strategies, 11 in total. We extend a recent tool, Geneva, to automate the discovery and implementation of server-side strategies, and we apply it to four countries (China, India, Iran, and Kazakhstan) and five protocols (DNS-over-TCP, FTP, HTTP, HTTPS, and SMTP). We also perform follow-on experiments to understand why the strategies Geneva finds work, and to glean new insights into how censors operate. Among these, we find that China runs a completely separate network stack (each with its own unique bugs) for each application-layer protocol that it censors.
The server-side techniques we find are easier and safer to deploy than client-side strategies. Our code and data are publicly available.
Come as You Are: Helping Unmodified Clients Bypass Censorship with Server-side Evasion