Search CORE

5 research outputs found

Systemization of Pluggable Transports for Censorship Resistance

Author: Khattak Sheharbano
Murdoch Steven J.
Simon Laurent
Publication venue
Publication date: 29/07/2016
Field of study

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. In particular, the link between the censored client and entry point to the uncensored network is a frequent target of censorship due to the ease with which a nation-state censor can control it. A number of censorship resistance systems have been developed thus far to help circumvent blocking on this link, which we refer to as link circumvention systems (LCs). The variety and profusion of attack vectors available to a censor has led to an arms race, leading to a dramatic speed of evolution of LCs. Despite their inherent complexity and the breadth of work in this area, there is no systematic way to evaluate link circumvention systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a LC, a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that underscores a layered approach to evaluate LCs, and (iv) systemize and evaluate existing censorship resistance systems that provide link circumvention. We highlight open challenges in the evaluation and development of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK: Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg (DOI 10.1515/popets-2016-0028

arXiv.org e-Print Archive

CiteSeerX

SoK: Making Sense of Censorship Resistance Systems

Author: Elahi T
Goldberg I
Khattak S
Murdoch SJ
Simon L
Swanson CM
Publication venue: 'Walter de Gruyter GmbH'
Publication date: 01/10/2016
Field of study

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. Several censorship resistance systems (CRSs) have emerged to help bypass such blocks. The diversity of the censor’s attack landscape has led to an arms race, leading to a dramatic speed of evolution of CRSs. The inherent complexity of CRSs and the breadth of work in this area makes it hard to contextualize the censor’s capabilities and censorship resistance strategies. To address these challenges, we conducted a comprehensive survey of CRSs-deployed tools as well as those discussed in academic literature-to systematize censorship resistance systems by their threat model and corresponding defenses. To this end, we first sketch a comprehensive attack model to set out the censor’s capabilities, coupled with discussion on the scope of censorship, and the dynamics that influence the censor’s decision. Next, we present an evaluation framework to systematize censorship resistance systems by their security, privacy, performance and deployability properties, and show how these systems map to the attack model. We do this for each of the functional phases that we identify for censorship resistance systems: communication establishment, which involves distribution and retrieval of information necessary for a client to join the censorship resistance system; and conversation, where actual exchange of information takes place. Our evaluation leads us to identify gaps in the literature, question the assumptions at play, and explore possible mitigations

UCL Discovery

SoK: Making Sense of Censorship Resistance Systems

Author: Anderson
Anderson
Anderson
Anderson
Bamman
Bamman
Barr
Barr
Biryukov
Biryukov
Bissias
Bissias
Bond
Bond
Bridges
Bridges
Burnett
Burnett
Clarke
Clarke
Clayton
Clayton
Clayton
Clayton
Connolly
Connolly
Dainotti
Dainotti
Dingledine
Dingledine
Dingledine
Dingledine
Dingledine
Dingledine
Dingledine
Dingledine
Dorfinger
Dorfinger
Dyer
Dyer
Dyer
Dyer
Elahi
Elahi
Elahi
Elahi
Elahi
Elahi
Ellard
Ellard
Feamster
Feamster
Feamster
Feamster
Fifield
Fifield
Fifield
Fifield
Fifield
Fifield
Fifield
Fifield
Fisher
Fisher
Gardner
Gardner
Geddes
Geddes
Goldberg
Goldberg
Green
Green
GTunnel
GTunnel
Hahn
Hahn
Hintz
Hintz
Holowczak
Holowczak
Houmansadr
Houmansadr
Houmansadr
Houmansadr
Houmansadr
Houmansadr
House
House
Invernizzi
Invernizzi
Johnson
Johnson
Jones
Jones
Karlin
Karlin
Khattak
Khattak
Khattak
Khattak
Knockel
Knockel
Köpsell
Köpsell
Laurie
Laurie
Leberknight
Leberknight
Leidl
Leidl
Li
Li
Lincoln
Lincoln
Luchaup
Luchaup
MailMyWeb
MailMyWeb
Massar
Massar
MiscBrubaker
MiscBrubaker
Mohajeri Moghaddam
Mohajeri Moghaddam
Nobori
Nobori
Panchenko
Panchenko
Perng
Perng
Pluggable
Pluggable
Psiphon
Psiphon
Renesys
Renesys
Rife
Rife
Ruffing
Ruffing
Salowey
Salowey
Schuchard
Schuchard
Serjantov
Serjantov
Shield
Shield
SIGCOMM
SIGCOMM
Sommer
Sommer
Sun
Sun
Torbati
Torbati
Tschantz
Tschantz
Tschantz
Tschantz
Ultrasurf
Ultrasurf
Vines
Vines
Waldman
Waldman
Wang
Wang
Wang
Wang
Weinberg
Weinberg
Wilde
Wilde
Wiley
Wiley
Wiley
Wiley
Winter
Winter
Winter
Winter
Wright
Wright
Wustrow
Wustrow
Wustrow
Wustrow
Zhang
Zhang
Zhoun
Zhoun
Zhu
Zhu
Zhu
Zhu
Publication venue: 'Walter de Gruyter GmbH'
Publication date: 14/07/2016
Field of study

Lirias

Crossref

Directory of Open Access Journals

Edinburgh Research Explorer

Towards more Effective Censorship Resistance Systems

Author: Elahi Mohammad Tariq
Publication venue: 'University of Waterloo'
Publication date: 01/01/2015
Field of study

Internet censorship resistance systems (CRSs) have so far been designed in an ad-hoc manner. The fundamentals are unclear and the foundations are shaky. Censors are, more and more, able to take advantage of this situation. Future censorship resistance systems ought to be built from strong theoretical underpinnings and be based on empirical evidence. Our approach is based on systematizing the CRS field and its players. Informed by this systematization we develop frameworks that have broad scope, from which we gain general insight as well as answers to specific questions. We develop theoretical and simulation-based analysis tools 1) for learning how to manipulate censor behavior using game-theoretic tactics, 2) for learning about CRS-client activity levels on CRS networks, and finally 3) for evaluating security parameters in CRS designs. We learn that there are gaps in the CRS designer's arsenal: certain censor attacks go unmitigated and the dynamics of the censorship arms race are not modeled. Our game-theoretic analysis highlights how managing the base rate of CRS traffic can cause stable equilibriums where the censor allows some amount of CRS communication to occur. We design and deploy a privacy-preserving data gathering tool, and use it to collect statistics to help answer questions about the prevalence of CRS-related traffic in actual CRS communication networks. Finally, our security evaluation of a popular CRS exposes suboptimal settings, which have since been optimized according to our recommendations. All of these contributions help support the thesis that more formal and empirically driven CRS designs can have better outcomes than the current state of the art

University of Waterloo's Institutional Repository

Toward Open and Programmable Wireless Network Edge

Author: Uddin Mostafa
Publication venue: ODU Digital Commons
Publication date: 01/07/2016
Field of study

Increasingly, the last hop connecting users to their enterprise and home networks is wireless. Wireless is becoming ubiquitous not only in homes and enterprises but in public venues such as coffee shops, hospitals, and airports. However, most of the publicly and privately available wireless networks are proprietary and closed in operation. Also, there is little effort from industries to move forward on a path to greater openness for the requirement of innovation. Therefore, we believe it is the domain of university researchers to enable innovation through openness. In this thesis work, we introduce and defines the importance of open framework in addressing the complexity of the wireless network. The Software Defined Network (SDN) framework has emerged as a popular solution for the data center network. However, the promise of the SDN framework is to make the network open, flexible and programmable. In order to deliver on the promise, SDN must work for all users and across all networks, both wired and wireless. Therefore, we proposed to create new modules and APIs to extend the standard SDN framework all the way to the end-devices (i.e., mobile devices, APs). Thus, we want to provide an extensible and programmable abstraction of the wireless network as part of the current SDN-based solution. In this thesis work, we design and develop a framework, weSDN (wireless extension of SDN), that extends the SDN control capability all the way to the end devices to support client-network interaction capabilities and new services. weSDN enables the control-plane of wireless networks to be extended to mobile devices and allows for top-level decisions to be made from an SDN controller with knowledge of the network as a whole, rather than device centric configurations. In addition, weSDN easily obtains user application information, as well as the ability to monitor and control application flows dynamically. Based on the weSDN framework, we demonstrate new services such as application-aware traffic management, WLAN virtualization, and security management

Old Dominion University