A Framework for the Game-theoretic Analysis of Censorship Resistance

We present a game-theoretic analysis of optimal solutions for interactions between censors and censorship resistance systems (CRSs) by focusing on the data channel used by the CRS to smuggle clients’ data past the censors. This analysis leverages the inherent errors (false positives and negatives) made by the censor when trying to classify traffic as either non-circumvention traffic or as CRS traffic, as well as the underlying rate of CRS traffic. We identify Nash equilibrium solutions for several simple censorship scenarios and then extend those findings to more complex scenarios where we find that the deployment of a censorship apparatus does not qualitatively change the equilibrium solutions, but rather only affects the amount of traffic a CRS can support before being blocked. By leveraging these findings, we describe a general framework for exploring and identifying optimal strategies for the censorship circumventor, in order to maximize the amount of CRS traffic not blocked by the censor. We use this framework to analyze several scenarios with multiple data-channel protocols used as cover for the CRS. We show that it is possible to gain insights through this framework even without perfect knowledge of the censor’s (secret) values for the parameters in their utility function

A Framework for the Game-theoretic Analysis of Censorship Resistance

This paper argues that one of the most important decisions in designing and deploying censorship resistance systems is whether one set of system options should be selected (the best), or whether there should be several sets of good ones. We model the problem of choosing these options as a cat-and-mouse game and show that the best strategy depends on the value the censor associates with total system censorship versus partial, and the tolerance of false positives. If the censor has a low tolerance to false positives then choosing one censorship resistance system is best. Otherwise choosing several systems is the better choice, but the way traffic should be distributed over the systems depends on the tolerance of the censor to false negatives. We demonstrate that establishing the censor's utility function is critical to discovering the best strategy for censorship resistance

Systemization of Pluggable Transports for Censorship Resistance

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. In particular, the link between the censored client and entry point to the uncensored network is a frequent target of censorship due to the ease with which a nation-state censor can control it. A number of censorship resistance systems have been developed thus far to help circumvent blocking on this link, which we refer to as link circumvention systems (LCs). The variety and profusion of attack vectors available to a censor has led to an arms race, leading to a dramatic speed of evolution of LCs. Despite their inherent complexity and the breadth of work in this area, there is no systematic way to evaluate link circumvention systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a LC, a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that underscores a layered approach to evaluate LCs, and (iv) systemize and evaluate existing censorship resistance systems that provide link circumvention. We highlight open challenges in the evaluation and development of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK: Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg (DOI 10.1515/popets-2016-0028

Recipes for Resistance: A Censorship Circumvention Cookbook

The increasing centralization of Internet infrastructure and web services, along with advancements in the application of machine learning techniques to analyze and classify network traffic, have enabled the growth and proliferation of Internet censorship. While the Internet filtering infrastructure of censoring authorities improves, cracks and weaknesses in the censorship systems deployed by the state allow Internet users to appropriate existing network protocols in order to circumvent censorship attempts. The relationship between censors and censorship resistors is often likened to a cat-and-mouse game in which resistors struggle to find new gaps in nation-state firewalls through which they can access content freely, while censors are devoted to discovering and closing these gaps as quickly as possible. The life cycle of censorship resistance tools typically begins with their creation, but often ends very quickly as the tools are discovered and blocked by censors whose ability to identify anomalous network traffic continues to grow. In this thesis, we provide several recipes to create censorship resistance systems that disguise user traffic, despite a censor’s complete knowledge of how the system works. We describe how to properly appropriate protocols, maximize censorship-resistant bandwidth, and deploy censorship resistance systems that can stand the test of time