ICLab: A Global, Longitudinal Internet Censorship Measurement Platform

Researchers have studied Internet censorship for nearly as long as attempts to censor contents have taken place. Most studies have however been limited to a short period of time and/or a few countries; the few exceptions have traded off detail for breadth of coverage. Collecting enough data for a comprehensive, global, longitudinal perspective remains challenging. In this work, we present ICLab, an Internet measurement platform specialized for censorship research. It achieves a new balance between breadth of coverage and detail of measurements, by using commercial VPNs as vantage points distributed around the world. ICLab has been operated continuously since late 2016. It can currently detect DNS manipulation and TCP packet injection, and overt "block pages" however they are delivered. ICLab records and archives raw observations in detail, making retrospective analysis with new techniques possible. At every stage of processing, ICLab seeks to minimize false positives and manual validation. Within 53,906,532 measurements of individual web pages, collected by ICLab in 2017 and 2018, we observe blocking of 3,602 unique URLs in 60 countries. Using this data, we compare how different blocking techniques are deployed in different regions and/or against different types of content. Our longitudinal monitoring pinpoints changes in censorship in India and Turkey concurrent with political shifts, and our clustering techniques discover 48 previously unknown block pages. ICLab's broad and detailed measurements also expose other forms of network interference, such as surveillance and malware injection.Comment: To appear in Proceedings of the 41st IEEE Symposium on Security and Privacy (Oakland 2020). San Francisco, CA. May 202

Social Media and Public Discourse Participation in Restrictive Environments

This dissertation investigates citizens\u27 use of social media to participate in public discourse (i.e., access, share, and comment on socio-political content) in restrictive environments: societies ruled by a hegemonic government where users face economic and infrastructure barriers to using digital technologies. Theoretical propositions are built inductively from an interpretive case study of how Cuban citizens use Twitter to participate in socio-political conversations. The case study resulted in the identification of nine affordances (i.e., action potentials) for participating in public discourse that Cubans perceive on Twitter. The findings also showed that the identified affordances enabled Cubans to achieve citizen goals: positive outcomes that made them more effective to counteract the government\u27s hegemonic ruling. The case study also resulted in the identification of six obstacle-circumvention use strategies that Cubans apply to realize Twitter’s affordances and the conditions informing these strategies. The case findings were abstracted into a conceptual framework to explain social media-enabled participation in public discourse as a mechanism of empowerment in restrictive environments. One research contribution is the proposition that social media empowers citizens in restrictive spaces by allowing them to take, in the virtual world, actions related to participating in socio-political conversations that they cannot take in offline settings. Moreover, this work advances that social media empowers citizens in restrictive environments because it increases their self-efficacy and motivation to counteract the government and the knowledge and access to valuable resources needed to be more effective while pursuing this goal. Another contribution was highlighting that media use in restrictive environments is an involved process requiring users to devise optimization strategies that usually involve the use of supportive technologies in addition to the social media app. The use strategies are informed by limiting societal, individual user-level, and circumstantial conditions. One of this work’s practical contributions is offering pro-democracy advocates in restrictive environments a clearer understanding of the effects of using social media. This dissertation reaffirms that social media-mediated participation in public discourse empowers citizens because it provides the emotional fuel and the knowledge that they need to engage in the tiring battle of pushing back against the government’s domination

The Art of Repression: Digital Dissent and Power Consolidation in El-Sisi’s Egypt

Imprecise measurement tools impede the study of protest mobilization. Mobilization proxies, such as counting protesters and protest events, result in significant outliers and variance while ignoring sociocultural, cybernetic, economic, legal, and other features that relevant academic literature considers essential to understanding mobilization dynamics. Without accurate empirical models, researchers’ and policymakers’ investigations of autocratic repression have little explanatory power. This thesis proposes a methodological addition to the mobilization literature: Two three-level scales distinguish an event’s potential to attract an audience from the protest’s actual output relative to similar episodes. I employ the Armed Conflict Location and Event Data (ACLED) project to demonstrate the measurement’s utility. Afterwards, I apply these models to conduct an impact assessment of recent Egyptian cyberregulatory laws. Controlling for the grievances of protesters and performing other robustness checks, the time series demonstrates a strong, statistically significant relationship between the policies and the reduction of low-level potential mobilizational capacity of Egyptian dissidents, but fails to identify an expected relationship between police pressure and the decline of mobilizational capacity. These findings contribute to the theoretical frameworks of mobilization scholars and policymaker discussions regarding the value of internet censorship tools for curtailing oppositional political action

The Hydraulics of Intermediary Liability Regulation

The intermediary immunity created by Section 230 probably protects claims based on the non-legal harms of hate speech and misinformation as well as a European-style proportionality system of content moderation better than a more “legalized” intermediary liability regime would. Contrasting the existing non-copyright content moderation systems with empirical research on the effects of the Digital Millennium Copyright Act (DMCA) shows that a comprehensive regulation of content moderation would incentivize the moderation of defamation and negligence claims at the expense of these important non-legal claims and incentivize a homogenous, categorical approach to content moderation. Furthermore, empirical research on the effects of SESTA-FOSTA and online secondary copyright liability outside the DMCA’s safe harbor shows the effects of a non-comprehensive solution would be even worse: incentivizing widespread automation and crude blocking with negligible positive effects. Instead, policymakers should focus on narrow changes to Section 230, remedies that punish systemic violations, and non-tort solutions

Empirical and Analytical Perspectives on the Robustness of Blockchain-related Peer-to-Peer Networks

Die Erfindung von Bitcoin hat ein großes Interesse an dezentralen Systemen geweckt. Eine häufige Zuschreibung an dezentrale Systeme ist dabei, dass eine Dezentralisierung automatisch zu einer höheren Sicherheit und Widerstandsfähigkeit gegenüber Angriffen führt. Diese Dissertation widmet sich dieser Zuschreibung, indem untersucht wird, ob dezentralisierte Anwendungen tatsächlich so robust sind. Dafür werden exemplarisch drei Systeme untersucht, die häufig als Komponenten in komplexen Blockchain-Anwendungen benutzt werden: Ethereum als Infrastruktur, IPFS zur verteilten Datenspeicherung und schließlich "Stablecoins" als Tokens mit Wertstabilität. Die Sicherheit und Robustheit dieser einzelnen Komponenten bestimmt maßgeblich die Sicherheit des Gesamtsystems in dem sie verwendet werden; darüber hinaus erlaubt der Fokus auf Komponenten Schlussfolgerungen über individuelle Anwendungen hinaus. Für die entsprechende Analyse bedient sich diese Arbeit einer empirisch motivierten, meist Netzwerklayer-basierten Perspektive -- angereichert mit einer ökonomischen im Kontext von Wertstabilen Tokens. Dieses empirische Verständnis ermöglicht es Aussagen über die inhärenten Eigenschaften der studierten Systeme zu treffen. Ein zentrales Ergebnis dieser Arbeit ist die Entdeckung und Demonstration einer "Eclipse-Attack" auf das Ethereum Overlay. Mittels eines solchen Angriffs kann ein Angreifer die Verbreitung von Transaktionen und Blöcken behindern und Netzwerkteilnehmer aus dem Overlay ausschließen. Des weiteren wird das IPFS-Netzwerk umfassend analysiert und kartografiert mithilfe (1) systematischer Crawls der DHT sowie (2) des Mitschneidens von Anfragenachrichten für Daten. Erkenntlich wird hierbei, dass die hybride Overlay-Struktur von IPFS Segen und Fluch zugleich ist, da das Gesamtsystem zwar robust gegen Angriffe ist, gleichzeitig aber eine umfassende Überwachung der Netzwerkteilnehmer ermöglicht wird. Im Rahmen der wertstabilen Kryptowährungen wird ein Klassifikations-Framework vorgestellt und auf aktuelle Entwicklungen im Gebiet der "Stablecoins" angewandt. Mit diesem Framework wird somit (1) der aktuelle Zustand der Stablecoin-Landschaft sortiert und (2) ein Mittel zur Verfügung gestellt, um auch zukünftige Designs einzuordnen und zu verstehen.The inception of Bitcoin has sparked a large interest in decentralized systems. In particular, popular narratives imply that decentralization automatically leads to a high security and resilience against attacks, even against powerful adversaries. In this thesis, we investigate whether these ascriptions are appropriate and if decentralized applications are as robust as they are made out to be. To this end, we exemplarily analyze three widely-used systems that function as building blocks for blockchain applications: Ethereum as basic infrastructure, IPFS for distributed storage and lastly "stablecoins" as tokens with a stable value. As reoccurring building blocks for decentralized applications these examples significantly determine the security and resilience of the overall application. Furthermore, focusing on these building blocks allows us to look past individual applications and focus on inherent systemic properties. The analysis is driven by a strong empirical, mostly network-layer based perspective; enriched with an economic point of view in the context of monetary stabilization. The resulting practical understanding allows us to delve into the systems' inherent properties. The fundamental results of this thesis include the demonstration of a network-layer Eclipse attack on the Ethereum overlay which can be leveraged to impede the delivery of transaction and blocks with dire consequences for applications built on top of Ethereum. Furthermore, we extensively map the IPFS network through (1) systematic crawling of its DHT, as well as (2) monitoring content requests. We show that while IPFS' hybrid overlay structure renders it quite robust against attacks, this virtue of the overlay is simultaneously a curse, as it allows for extensive monitoring of participating peers and the data they request. Lastly, we exchange the network-layer perspective for a mostly economic one in the context of monetary stabilization. We present a classification framework to (1) map out the stablecoin landscape and (2) provide means to pigeon-hole future system designs. With our work we not only scrutinize ascriptions attributed to decentral technologies; we also reached out to IPFS and Ethereum developers to discuss results and remedy potential attack vectors

Perspective Access Networks

Perspective Access Networks provide an infrastructure from which users can specify the location from which they wish to view the Internet. The ability to specify location has become necessary as the Internet has become increasingly inconsistent. An increasing preponderance of middleboxes, location-dependent services, and large-scale content filtering have contributed to this situation. Our work offers the following contributions. First, we propose an infrastructure that routes traffic to a location from which a given resource can be viewed, taking instructions from user-specified attributes describing the desired location. Second, we analyze the tradeoff between the expressivity of user requests and the finite resources available within the network for propagating metadata about available perspectives. Third, we stipulate a set of real scenarios that fall within the limits of what can reasonably be handled by a system appropriately tuned to manage the tradeoff, and we argue that the specific algorithm we propose can handle the scenarios effectively.Engineering and Applied Science

“Scholarly Communications at Duke” Blog, December 2006-April 2016

This work contains all of the blog posts spanning the years 2006-2016 from the "Scholarly Communications @ Duke" blog by Kevin L. Smith, M.L.S, J.D. It is being made available in both PDF and XML formats to facilitate use of the material.The "Scholarly Communications at Duke" blog addressed current issues in scholarly communications, and also tried to provide information, from the most basic to complex issues, about how copyright law impacted higher education as it moved more fully into a digital age