Abstract
It is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected responses from legitimate services, previous studies typically require a heavy, unscalable manual inspection to identify false positives while still leaving false negatives undetected. In this paper, we propose Disguiser, a novel framework that enables end-to-end measurement to accurately detect the censorship activities and reveal the censor deployment without manual efforts. The core of Disguiser is a control server that replies with a static payload to provide the ground truth of server responses. As such, we send requests from various types of vantage points across the world to our control server, and the censorship activities can be recognized if a vantage point receives a different response. In particular, we design and conduct a cache test to pre-exclude the vantage points that could be interfered by cache proxies along the network path. Then we perform application traceroute towards our control server to explore censors' behaviors and their deployment. With Disguiser, we conduct 58 million measurements from vantage points in 177 countries. We observe 292 thousand censorship activities that block DNS, HTTP, or HTTPS requests inside 122 countries, achieving a 10^-6 false positive rate and zero false negative rate. Furthermore, Disguiser reveals the censor deployment in 13 countries.
- 1&1 IONOS INC. [n.d.]. Understanding and Configuring DNS TTL . https://www.ionos.com/community/server-cloud-infrastructure/dns/understanding-and-configuring-dns-ttl/.Google Scholar
- Alexa. [n.d.]. https://www.alexa.com/topsites .Google Scholar
- Collin Anderson. 2012. The Hidden Internet of Iran: Private Address Allocations on a National Network. Technical Report. https://arxiv.org/pdf/1209.6398v1.pdfGoogle Scholar
- Collin Anderson, Philipp Winter, and Roya. 2014. Global Network Interference Detection over the RIPE Atlas Network. In USENIX Workshop on Free and Open Communications the Internet (FOCI) .Google Scholar
- Anonymous. 2012. The Collateral Damage of Internet Censorship by DNS Injection . ACM SIGCOMM Computer Communication Review (2012).Google Scholar
- Anonymous, Arian Akhavan Niaki, Nguyen Phong Hoang, Phillipa Gill, and Amir Houmansadr. 2020. Triplet Censors: Demystifying Great Firewalltextquoterights DNS Censorship Behavior. In USENIX Workshop on Free and Open Communications on the Internet (FOCI) .Google Scholar
- Simurgh Aryan, Homa Aryan, and J. Alex Halderman. 2013. Internet Censorship in Iran: A First Look. In USENIX Workshop on Free and Open Communications on the Internet (FOCI) .Google Scholar
- Kevin Bock, George Hughey, Xiao Qiang, and Dave Levin. 2019. Geneva: Evolving Censorship Evasion Strategies . In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
Digital Library
- Stéphane Bortzmeyer. [n.d.]. DNS Censorship (DNS Lies) As Seen By RIPE Atlas . https://labs.ripe.net/Members/stephane_bortzmeyer/dns-censorship-dns-lies-seen-by-atlas-probes .Google Scholar
- Sam Burnett, Nick Feamster, and Santosh Vempala. 2010. Chipping Away at Censorship Firewalls with User-Generated Content. In USENIX Security Symposium .Google Scholar
- CAIDA AS Rank. [n.d.]. http://as-rank.caida.org/.Google Scholar
- Abdelberi Chaabane, Terence Chen, Mathieu Cunche, Emiliano De Cristofaro, Arik Friedman, and Mohamed Ali Kaafar. 2014. Censorship in the Wild: Analyzing Internet Filtering in Syria. In ACM Internet Measurement Conference (IMC) .Google Scholar
Digital Library
- Citizen Lab. 2019. URL Testing Lists Intended for Discovering Website Censorship . https://github.com/citizenlab/test-lists/.Google Scholar
- Jedidiah R. Crandall, Daniel Zinn, Michael Byrd, Earl Barr, and Rich East. 2007. ConceptDoppler: A Weather Tracker for Internet Censorship. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
- Roya Ensaf, Philipp Winter, Abdullah Mueen, and Jedidiah R. Crandall. 2015. Analyzing the Great Firewall of China Over Space and Time. In Privacy Enhancing Technologies Symposium (PETS) .Google Scholar
- David Fifield, Chang Lan, Rod Hynes, Percy Wegmann, and Vern Paxson. 2015. Blocking-resistant Communication through Domain Fronting. In Privacy Enhancing Technologies Symposium (PETS) .Google Scholar
Cross Ref
- Arturo Filastò and Jacob Appelbaum. 2012. OONI: Open Observatory of Network Interference. In USENIX Workshop on Free and Open Communications the Internet (FOCI) .Google Scholar
- FortiGuard Labs. [n.d.]. https://fortiguard.com/webfilter .Google Scholar
- Nguyen Phong Hoang, Arian Akhavan Niaki, Jakub Dalek, Jeffrey Knockel, Pellaeon Lin, Bill Marczak, Masashi Crete-Nishihata, Phillipa Gill, and Michalis Polychronakis. 2021. How Great is the Great Firewall? Measuring Chinatextquoterights DNS Censorship. In USENIX Security Symposium .Google Scholar
- John Holowczak and Amir Houmansadr. 2015. CacheBrowser: Bypassing Chinese Censorship Without Proxies Using Cached Content. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
Digital Library
- Amir Houmansadr, Giang T. K. Nguyen, Matthew Caesar, and Nikita Borisov. 2011. Cirripede: Circumvention Infrastructure using Router Redirection with Plausible Deniability. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
Digital Library
- Bradley Huffaker, Marina Fomenkov, and kc claffy. 2011. Geocompare: a comparison of public and commercial geolocation databases. Technical Report.Google Scholar
- IP-API. [n.d.]. http://ip-api.com/.Google Scholar
- IPinfo.io. [n.d.]. http://ipinfo.io/.Google Scholar
- Lin Jin, Shuai Hao, Haining Wang, and Chase Cotton. 2018. Your Remnant Tells Secret: Residual Resolution in DDoS Protection Services. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) .Google Scholar
- Lin Jin, Shuai Hao, Haining Wang, and Chase Cotton. 2019. Unveil the Hidden Presence: Characterizing the Backend Interface of Content Delivery Networks. In IEEE International Conference on Network Protocols (ICNP) .Google Scholar
- Lin Jin, Shuai Hao, Haining Wang, and Chase Cotton. 2021. Understanding the Impact of Encrypted DNS on Internet Censorship. In The Web Conference (WWW) .Google Scholar
- Ben Jones, Roya Ensafi, Nick Feamster, Vern Paxson, and Nick Weaver. 2015. Ethical Concerns for Censorship Measurement. In ACM SIGCOMM Workshop on Ethics in Networked Systems Research (NS Ethics) .Google Scholar
- Josh Karlin, Daniel Ellard, Alden W. Jackson, Christine E. Jones, Greg Lauer, David P. Mankins, and W. Timothy Strayer. 2011. Decoy Routing: Toward Unblockable Internet Communication. In USENIX Workshop on Free and Open Communications the Internet (FOCI) .Google Scholar
- Sheharbano Khattak, Mobin Javed, Philip D. Anderson, and Vern Paxson. 2013. Towards Illuminating a Censorship Monitortextquoterights Model to Facilitate Evasion. In USENIX Workshop on Free and Open Communications the Internet (FOCI) .Google Scholar
- Sheharbano Khattak, Mobin Javed, Syed Ali Khayam, Zartash Afzal Uzmi, and Vern Paxson. 2014. A Look at the Consequences of Internet Censorship Through an ISP Lens. In ACM Internet Measurement Conference (IMC) .Google Scholar
Digital Library
- Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, XiaoFeng Wang, Feng Qian, Zhou Li, Sumayah Alrwais, Limin Sun, and Ying Liu. 2019. Resident Evil: Understanding Residential IP Proxy as a Dark Service. In IEEE Symposium on Security and Privacy (S&P) .Google Scholar
Cross Ref
- Zubair Nabi. 2013. The Anatomy of Web Censorship in Pakistan. In USENIX Workshop on Free and Open Communications on the Internet (FOCI) .Google Scholar
- Milad Nasr, Hadi Zolfaghari, Amir Houmansadr, and Amirhossein Ghafari. 2020. MassBrowser: Unblocking the Censored Web for the Masses, by the Masses. In Network and Distributed System Security Symposium (NDSS) .Google Scholar
Cross Ref
- Arian Akhavan Niaki, Shinyoung Cho, Zachary Weinberg, Nguyen Phong Hoang, Abbas Razaghpanah, Nicolas Christin, and Phillipa Gill. 2020. ICLab: A Global, Longitudinal Internet Censorship Measurement Platform. In IEEE Symposium on Security and Privacy (S&P) .Google Scholar
- Aqib Nisar, Aqsa Kashaf, Ihsan Ayyub Qazi, and Zartash Afzal Uzmi. 2018. Incentivizing Censorship Measurements via Circumvention. In ACM SIGCOMM .Google Scholar
- Paul Pearce, Roya Ensafi, Frank Li, Nick Feamster, and Vern Paxson. 2017a. Augur: Internet-Wide Detection of Connectivity Disruptions. In IEEE Symposium on Security and Privacy (S&P).Google Scholar
- Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. 2017b. Global Measurement of DNS Manipulation. In USENIX Security Symposium .Google Scholar
- ProxyRack. [n.d.] a. https://www.proxyrack.com/.Google Scholar
- ProxyRack. [n.d.] b. https://www.proxyrack.com/become-a-peer/.Google Scholar
- Ram Sundara Raman, Leonid Evdokimov, Eric Wurstrow, J. Alex Halderman, and Roya Ensaf. 2020 a. Investigating Large Scale HTTPS Interception in Kazakhstan. In ACM Internet Measurement Conference (IMC) .Google Scholar
- Ram Sundara Raman, Prerana Shenoy, Katharina Kohls, and Roya Ensaf. 2020 b. Censored Planet: An Internet-wide, Longitudinal Censorship Observatory. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
- Ram Sundara Raman, Adrian Stoll, Jakub Dalek, Armin Sarabi, Reethika Ramesh, Will Scott, and Roya Ensafi. 2020 c. Measuring the Deployment of Network Censorship Filters at Global Scale. In Network and Distributed System Security Symposium (NDSS) .Google Scholar
Cross Ref
- Reethika Ramesh, Ram Sundara Raman, Matthew Bernhard, Victor Ongkowijaya, Leonid Evdokimov, Anne Edmundson, Steven Sprecher, Muhammad Ikram, and Roya Ensafi. 2020. Decentralized Control: A Case Study of Russia . In Network and Distributed System Security Symposium (NDSS) .Google Scholar
Cross Ref
- RIPE Atlas. [n.d.]. https://atlas.ripe.net/.Google Scholar
- Robert Kisteleki. [n.d.]. Ethics of RIPE Atlas Measurements . https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements .Google Scholar
- Max Schuchard, John Geddes, Christopher Thompson, and Nicholas Hopper. 2012. Routing Around Decoys. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
- Will Scott, Thomas Anderson, Tadayoshi Kohno, and Arvind Krishnamurthy. 2016. Satellite: Joint Analysis of CDNs and Network-level Interference. In USENIX Annual Technical Conference (ATC).Google Scholar
- Michael Carl Tschantz, Sadia Afroz, Anonymous, and Vern Paxson. 2016. SoK: Towards Grounding Censorship Circumvention in Empiricism. In IEEE Symposium on Security and Privacy (S&P) .Google Scholar
- Benjamin VanderSloot, Allison McDonald, Will Scott, J. Alex Halderman, and Roya Ensafi. 2018. Quack: Scalable Remote Measurement of Application-Layer Censorship. In USENIX Security Symposium .Google Scholar
- Zhongjie Wang, Shitong Zhu, Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V. Krishnamurthy, Kevin S. Chan, and Tracy D. Braun. 2020. SymTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy Discovery. In Network and Distributed System Security Symposium (NDSS) .Google Scholar
- Zachary Weinberg, Shinyoung Cho, Nicolas Christin, Vyas Sekar, and Phillipa Gill. 2018. How to Catch When Proxies Lie: Verifying the Physical Locations of Network Proxies with Active Geolocation. In ACM Internet Measurement Conference (IMC) .Google Scholar
Digital Library
- Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman. 2011. Telex: Anticensorship in the Network Infrastructure. In USENIX Security Symposium .Google Scholar
- Xueyang Xu, Z. Morley Mao, and J. Alex Halderman. 2011. Internet Censorship in China: Where Does the Filtering Occur?. In Passive and Active Network Measurement (PAM) .Google Scholar
- Tarun Kumar Yadav, Akshat Sinha, Devashish Gosain, Piyush Kumar Sharma, and Sambuddho Chakravarty. 2018. Where The Light Gets In: Analyzing Web Censorship Mechanisms in India. In ACM Internet Measurement Conference (IMC) .Google Scholar
Digital Library
- Hadi Zolfaghari and Amir Houmansadr. 2016. Practical Censorship Evasion Leveraging Content Delivery Networks. In ACM Conference on Computer and Communications Security (CCS) .Google Scholar
Index Terms
Understanding the Practices of Global Censorship through Accurate, End-to-End Measurements
Recommendations
Understanding the Practices of Global Censorship through Accurate, End-to-End Measurements
SIGMETRICS/PERFORMANCE '22: Abstract Proceedings of the 2022 ACM SIGMETRICS/IFIP PERFORMANCE Joint International Conference on Measurement and Modeling of Computer SystemsIt is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected ...
Understanding the Impact of Encrypted DNS on Internet Censorship
WWW '21: Proceedings of the Web Conference 2021DNS traffic is transmitted in plaintext, resulting in privacy leakage. To combat this problem, secure protocols have been used to encrypt DNS messages. Existing studies have investigated the performance overhead and privacy benefits of encrypted DNS ...
Understanding the Practices of Global Censorship through Accurate, End-to-End Measurements
SIGMETRICS '22It is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected ...






Comments