Automating the Discovery of Censorship Evasion Strategies

dc.contributor.advisorLevin, Daveen_US
dc.contributor.authorBock, Kevinen_US
dc.contributor.departmentComputer Scienceen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.date.accessioned2022-09-23T05:32:28Z
dc.date.available2022-09-23T05:32:28Z
dc.date.issued2022en_US
dc.description.abstractCensoring nation-states deploy complex network infrastructure to regulate what content citizens can access, and such restrictions to open sharing of information threaten the freedoms of billions of users worldwide, especially marginalized groups. Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated Internet-scale censorship techniques and methods to evade them. In this dissertation, I study the technology that underpins this Internet censorship: middleboxes (e.g. firewalls). I argue the following thesis: It is possible to automatically discover packet sequence modifications that render deployed censorship middleboxes ineffective across multiple application-layer protocols. To evaluate this thesis, I develop Geneva, a novel genetic algorithm that discovers packet-manipulation-based censorship evasion strategies automatically against nation-state level censors. Training directly against a live adversary, Geneva com- poses, mutates, and evolves sophisticated strategies out of four basic packet manipulation primitives (drop, tamper, duplicate, and fragment). I show that Geneva can be effective across different application layer protocols (HTTP, HTTPS+SNI, HTTPS+ESNI, DNS, SMTP, FTP), censoring regimes (China, Iran, India, and Kazakhstan), and deployment contexts (client-side, server- side), even in cases where multiple middleboxes work in parallel to perform censorship. In total, I present 112 client-side strategies (85 of which work by modifying application layer data), and the first ever server-side strategies (11 in total). Finally, I use Geneva to discover two novel attacks that show censoring middleboxes can be weaponized to launch attacks against innocent hosts anywhere on the Internet. Collectively, my work shows that censorship evasion can be automated and that censorship infrastructures pose a greater threat to Internet availability than previously understood.en_US
dc.identifierhttps://doi.org/10.13016/lirq-dsqf
dc.identifier.urihttp://hdl.handle.net/1903/29247
dc.language.isoenen_US
dc.subject.pqcontrolledComputer scienceen_US
dc.subject.pquncontrolledamplificationen_US
dc.subject.pquncontrolledcensorshipen_US
dc.subject.pquncontrolledevadingen_US
dc.subject.pquncontrolledgenevaen_US
dc.subject.pquncontrolledgfwen_US
dc.subject.pquncontrolledweaponizingen_US
dc.titleAutomating the Discovery of Censorship Evasion Strategiesen_US
dc.typeDissertationen_US

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Bock_umd_0117E_22647.pdf
Size:
1.99 MB
Format:
Adobe Portable Document Format