measuring and circumventing internet censorship and
play

Measuring and Circumventing Internet Censorship and Control Nick - PowerPoint PPT Presentation

Feb 09, 2024 •173 likes •570 views

Measuring and Circumventing Internet Censorship and Control Nick Feamster Georgia Tech http://www.cc.gatech.edu/~feamster/ Joint work with Sam Burnett, Santosh Vempala, Sathya Gunasekaran, Crisitan Lumezanu, Hans Klein, Wenke Lee, Phillipa

  1. Measuring and Circumventing Internet Censorship and Control Nick Feamster Georgia Tech http://www.cc.gatech.edu/~feamster/ Joint work with Sam Burnett, Santosh Vempala, Sathya Gunasekaran, Crisitan Lumezanu, Hans Klein, Wenke Lee, Phillipa Gill, and others

  2. Internet Censorship is Widespread • Practiced in 59 countries around the world – Many western countries – Several electoral democracies (e.g., S. Korea, Turkey) have significant censorship • YouTube blocked in Turkey for two years • Many North Korean sites blocked in South Korea • Twelve countries have centralized infrastructure for monitoring/blocking Source: Open Network Initiative

  3. Why do countries censor? • Political stability • National security • Social values

  4. Trend: Increasing Number of Users in Non-Western Regions

  5. Examples of Recent Trends • In 23 countries, a blogger or Internet user was arrested for content posted online – Chinese woman sent to labor camp for satirical Twitter message – Indonesian woman fined for an email complaining about a local hospital • Twelve countries instituted bans on Twitter, YouTube or some other online social media service

  6. Conventional Internet Censorship Censor ¡ Censor ¡ Firewall ¡ Bob Alice Block ¡Traffic ¡ Censored ¡net ¡ Uncensored ¡net ¡ Punish ¡User ¡ 6

  7. Technical Enforcement: Blocking • ISP acts on instructions from a judge, government official, etc. – Filtering: IP address, DNS – Keyword-based: search for keyword in URL • China, Iran, Tunisia have such systems in place • Common: Use of centralized infrastructure Source: Renesys (e.g., routing)

  8. Questions • How widespread is Internet censorship? • How do countries enforce censorship? – How does it evolve over time? – Does it coincide with other events? • How can citizens circumvent it? • How (else) might a government (or organization) exercise control over its citizens?

  9. Outline • Measuring censorship – Censorship is widespread, but the extent and evolution of practices are unknown • Circumventing censorship – Deniability is a key challenge – Bootstrapping remains significant open problem • Combating manipulation – Analysis of Twitter behavior of propagandists – Measurement and illustration of filter bubbles 9

  10. Monitoring Censorship • Herdict: Crowdsourcing reports of Internet censorship • Google Transparency Report: Monitor reachability of online services

  11. Monitoring Censorship: Challenges • “Censorship” is ill-defined – Personalization may be confused with censorship – Performance problems may be confused with censorship • Measurement tools can be blocked – Measurements may be blocked – Reports may be blocked • Measurements tough to characterize – Reports may be falsified • Running the tool may be incriminating

  12. Problems with Current Approaches • Biased by what users choose to report • Lack of corroborating, open measurements • Not general (focused only on limited services) • Not longitudinal • Do not cover a set of ISPs or access modes within a country • Do not run on a diversity of hardware 12

  13. Design Requirements • Easy to install and use: Should be easy to install and run on a variety of platforms. • Cross-platform: Tests should be write once, run anywhere. • Flexible: Should be capable of implementing a wide variety of experiments, including many from the test specifications from existing projects (e.g., OONI). • Secure: Arbitrary remote code execution is bad. • Extensible: Should be capable of incorporating new experiments. 13

  14. Censorscope: Design Overview https://github.com/projectbismark/censorscope • User installs base software and registers with server • Server periodically pushes upgrades • Client sends properties • Client downloads measurement script, written in a Lua-based DSL • Client returns measurement results 14

  15. Target Platforms Exploit Existing Deployments • BISmark: Home routers – 200+ home routers deployed in 20+ countries • Android: Mobile devices (MySpeedTest) – 5,000 installations in 30+ countries Expand to New Deployments • Linux/MAC OS X: End hosts • Fathom: Browsers 15

  16. Tests: Planned and In-Progress • DNS lookups • TCP connectivity • HTTP requests • DNS spoofing • DNS tampering • HTTP host tampering • Bridget • Block page detection • Web performance measurement Seeking help developing tests for a variety of platforms. 16

  17. Outline • Measuring censorship – Censorship is widespread, but the extent and evolution of practices are unknown • Circumventing censorship – Deniability is a key challenge – Bootstrapping remains significant open problem • Combating manipulation – Analysis of Twitter behavior of propagandists – Measurement and illustration of filter bubbles 17

  18. General Approach: Use a Helper Helper Firewall ¡ Bob Alice Censored ¡net ¡ Uncensored ¡net ¡ The helper sends messages to and from blocked hosts on your behalf 18

  19. Circumvention Systems • Anonymous routing systems • Community wireless networks • Distributed services

  20. Significant Challenge: Deniability • Easy to hide what you are getting – E.g., just use SSL or some other confidential channel • And sometimes easy to “get through” censors – Reflection (e.g., Tor) • But hard to hide that you are doing it! 2000 2002 2010 Proxies & Mixnets: Covert Channels over HTTP: Covert Channels Not Deniable Requires infrastructure over UGC 20

  21. Design Principles • Redundancy and hiding to thwart disruption – Erasure coding, steganography (from coding, message hiding) • Disguise content retrieval as innocuous activity – Distributed hash table lookup (from distributed systems) • Decouple sending and receiving of messages – User-generated content sites as drop sites (from the “real world”) 21

  22. Collage: Let User-Generated Content Help Defeat Censorship User-­‑generated ¡content ¡hosts ¡ Alice Bob, a Flickr user • Robust ¡by ¡using ¡redundancy ¡ • Users ¡generate ¡ innocuous-­‑looking ¡traffic ¡ • No ¡dedicated ¡infrastructure ¡ required ¡ S. Burnett and N. Feamster, “Chipping Away at Censorship with User-Generated Content” , USENIX Security Symposium, August 2010. 22

  23. Collage in Detail Embedded Vector Vector Message Alice Bob Content host Collage steps: 1. Obtain message 2. Pick message identifier 3. Obtain cover media Step ¡2: ¡Pick ¡message ¡idenQfier ¡ Step ¡7: ¡Decode ¡message ¡from ¡UGC ¡ Step ¡6: ¡Find ¡and ¡download ¡UGC ¡ Step ¡5: ¡Upload ¡UGC ¡to ¡content ¡host ¡ Step ¡4: ¡Embed ¡message ¡in ¡cover ¡ Step ¡3: ¡Obtain ¡cover ¡media ¡ Step ¡1: ¡Obtain ¡message ¡ 4. Embed message in cover 5. Upload UGC to content host • ¡ApplicaQon ¡specific ¡ • ¡Next ¡slide ¡ • ¡Your ¡personal ¡photos ¡ 6. Find and download UGC • ¡Only ¡intended ¡recipient ¡should ¡know ¡it ¡ ¡ • ¡Generous ¡users ¡ 23 7. Decode message from UGC

  24. Collage: Challenges • Determining how to embed the message – Discovery should be difficult – Disruption should be difficult • Agreeing on where to embed the message – Alice and Bob must agree on a message identifier • Designing the process to be deniable – Alice’s process of retrieval should look “normal” 24

  25. How to Embed the Message • Encrypt the message using the identifier • Generate chunks using erasure coding – Generate many chunks, recover from any k-subset – Allows splitting among many vectors, robustness • Embed chunks into vectors Steganography : hard to detect Collage steps: 1. Obtain message Watermarking : hard to remove 2. Pick message identifier 3. Obtain cover media 4. Embed message in cover Do the reverse to decode 5. Upload UGC to content host 6. Find and download UGC 25 7. Decode message from UGC

  26. Where to Embed the Message • Crawling all of Flickr is not an option • Must agree on a subset of content on user- generated content sites without any immediate communication Solution : A predictable way of mapping message identifiers to subsets of content hosts. Collage steps: 1. Obtain message 2. Pick message identifier 3. Obtain cover media 4. Embed message in cover 5. Upload UGC to content host 6. Find and download UGC 26 7. Decode message from UGC

  27. Making the Embedding Deniable Message Identifier Tasks 1 http://nytimes.com 1. Hash the identifier 2. Hash the tasks 3. Map identifier to closest tasks • Receivers perform these tasks Search for blue flowers on Flickr 11 11 to get vectors • Senders publish vectors so that when receivers perform tasks, they get the sender’s vectors Look at JohnDoe ’s videos on YouTube 9 9 3 Collage steps: 1. Obtain message 2. Pick message identifier 3. Obtain cover media Tasks 4. Embed message in cover 5. Upload UGC to content host 6 6. Find and download UGC 27 7. Decode message from UGC

  28. Feasibility Case Study News Articles Covert Tweets Content host Flickr Twitter Message size 30 KB 140 Bytes Vectors needed 5 30 Storage needed 600 KB 4 KB Sending traffic 1,200 KB 1,100 KB Sending time 5 minutes 60 minutes Receiving traffic 6,000 KB 600 KB Receiving time 2 minutes ½ minute Experiments performed on a 768/128 Kbps DSL connection 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely

Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely

Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely Internet Measurement Village 2020 Ram Sundara Raman June 26, 2020 Measuring Censorship is a Complex Problem! Internet censorship practices are

644 views • 52 slides
Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does Standard Tor is easy to block GetTor helps you get Tor Browser GetTor helps you get Tor Browser Tor Browser ships with default

567 views • 24 slides
Censored Planet: Measuring Internet Censorship Globally and Continuously Roya Ensafi AIMS 2018

Censored Planet: Measuring Internet Censorship Globally and Continuously Roya Ensafi AIMS 2018

Censored Planet: Measuring Internet Censorship Globally and Continuously Roya Ensafi AIMS 2018 1 Measuring Internet Censorship Globally PROBLEM: - How can we detect whether pairs of hosts around the world can talk to each other? user ?

780 views • 49 slides
Measuring Internet Censorship Maria Xynou, 10th June 2020 Internet Measurement Village 2020

Measuring Internet Censorship Maria Xynou, 10th June 2020 Internet Measurement Village 2020

Measuring Internet Censorship Maria Xynou, 10th June 2020 Internet Measurement Village 2020 Its harder to notice the blocking of less popular sites & services Internet censorship often differs from network to network within a

602 views • 34 slides
TEST LISTS FOR MEASURING INTERNET CENSORSHIP APPLICABILITY, PROBLEMS & SOLUTIONS IMPROVING

TEST LISTS FOR MEASURING INTERNET CENSORSHIP APPLICABILITY, PROBLEMS & SOLUTIONS IMPROVING

TEST LISTS FOR MEASURING INTERNET CENSORSHIP APPLICABILITY, PROBLEMS & SOLUTIONS IMPROVING LISTS OF CENSORED ONLINE CONTENT Update test lists for 48 states in Latin America, Africa, MENA, Asia and CIS Develop methodology

444 views • 31 slides
Andrs E. Azprua #imv2020 Internet Censorship, DNS poisoning and Phishing in Venezuela

Andrs E. Azprua #imv2020 Internet Censorship, DNS poisoning and Phishing in Venezuela

Andrs E. Azprua #imv2020 Internet Censorship, DNS poisoning and Phishing in Venezuela Measuring from censorship to state-sponsored attacks Andrs E. Azprua #imv2020 @VEsinFiltro VEsinFiltro.com VENEZUELAN CONTEXT Critical failure

833 views • 56 slides
Measuring Internet filters and their unexpected impact Leonid Evdokimov nullcon, Goa, March

Measuring Internet filters and their unexpected impact Leonid Evdokimov nullcon, Goa, March

Measuring Internet filters and their unexpected impact Leonid Evdokimov nullcon, Goa, March 2018 WHAT IS I N T E R N E T C E N S O R S H I P? Internet Censorship |ntnt snsrp| 1. a distortion of the reality of the Internet

327 views • 31 slides
Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship Zhongjie Wang , Yue

Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship Zhongjie Wang , Yue

Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship Zhongjie Wang , Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V Krishnamurthy University of California, Riverside 1 Internet Censorship Key technology: Deep Packet

528 views • 33 slides
Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

14 September, 2020 African Internet Summit Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org Presentation title Client name Measuring the Internet Why? The Internet Societys efforts focus on

336 views • 9 slides
Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Topics Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture 24 Phishing 13/11/2008 Firewall Censorship of the Internet 2 Examples Hacking or Cracking Virus Cracking = Subverting

462 views • 6 slides
Internet censorship is everywhere Source:

Internet censorship is everywhere Source:

Internet censorship is everywhere Source: https://freedomhouse.org/report/freedom-net/freedom-net-2016 Commonly censored content Unapproved news (Fake News!!111) Wikipedia (usually partially) Facebook Google (all services), YouTube

539 views • 37 slides
Pushback vs Censorship Fighting Internet Shutdowns in Africa BEFORE WE DIVE INTO THE SUBJECT,

Pushback vs Censorship Fighting Internet Shutdowns in Africa BEFORE WE DIVE INTO THE SUBJECT,

JULIE OWONO - JUNE 25, 2020 Pushback vs Censorship Fighting Internet Shutdowns in Africa BEFORE WE DIVE INTO THE SUBJECT, What is Internet Sans Frontires ? Its a French non-pro f it organization, and a network of local organizations in

125 views • 8 slides
Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an important building block for fault-tolerant computing Universal: any deterministic fault-tolerant service can be implemented on top of it

349 views • 12 slides
The Collateral Damage of Internet Censorship by DNS Injection Anonymous

The Collateral Damage of Internet Censorship by DNS Injection Anonymous

The Collateral Damage of Internet Censorship by DNS Injection Anonymous <zion.vlab@gmail.com> presented by Philip Levis 1 Basic Summary Great Firewall of China injects DNS responses to restrict access to domain names This

574 views • 43 slides
Incentivizing Censorship Measurements via Circumvention Ihsan Ayyub Qazi Aqib Nisar* Zartash A.

Incentivizing Censorship Measurements via Circumvention Ihsan Ayyub Qazi Aqib Nisar* Zartash A.

Incentivizing Censorship Measurements via Circumvention Ihsan Ayyub Qazi Aqib Nisar* Zartash A. Uzmi Aqsa Kashaf** * Now at USC ** Now at CMU Internet censorship is pervasive! - Over 70 countries restrict Internet access Often due to

745 views • 39 slides
FilterMap: Measuring Censorship Filters at Global Scale Ram Sundara Raman 1 , Adrian Stoll 1 ,

FilterMap: Measuring Censorship Filters at Global Scale Ram Sundara Raman 1 , Adrian Stoll 1 ,

FilterMap: Measuring Censorship Filters at Global Scale Ram Sundara Raman 1 , Adrian Stoll 1 , Jakub Dalek 2 , Reethika Ramesh 1 , Will Scott 3 , Roya Ensafi 1 University of Michigan 1 , The Citizen Lab 2 , Independent 3 24 February 2020 Content

922 views • 69 slides
Rasmussen invariant and normalization of the canonical classes Taketo Sano The University of

Rasmussen invariant and normalization of the canonical classes Taketo Sano The University of

Rasmussen invariant and normalization of the canonical classes Taketo Sano The University of Tokyo 2018-12-26 Outline 1. Overview 2. Review: Khovanov homology theory 3. Generalized Lees class 4. Divisibility of Lees class and the

678 views • 37 slides
An algebraic approach to canonical formulas Nick Bezhanishvili Imperial College London Joint

An algebraic approach to canonical formulas Nick Bezhanishvili Imperial College London Joint

An algebraic approach to canonical formulas Nick Bezhanishvili Imperial College London Joint work with Guram Bezhanishvili New Mexico State University 1 / 41 Jankov formulas Refutation patterns play an important role in developing axiomatic

858 views • 41 slides
REST: Intro, Patterns & Anti-Patterns Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What

REST: Intro, Patterns & Anti-Patterns Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What

REST: Intro, Patterns & Anti-Patterns Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What is REST? 3 Definitions 1 REST: An Architectural Style One of a number of architectural styles ... described by Roy Fielding in his

981 views • 74 slides
Klt varieties with trivial canonical class Holonomy, differential forms, and fundamental

Klt varieties with trivial canonical class Holonomy, differential forms, and fundamental

Klt varieties with trivial canonical class Holonomy, differential forms, and fundamental groups II Analytic aspects Henri Guenancia joint work with Daniel Greb and Stefan Kebekus April 2020 H. Guenancia Holonomy of singular Ricci-flat

148 views • 14 slides
CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS

CENSORSHIP RESISTANCE CMSC 414 APR 17 2018 CENSORSHIP COMES IN MANY FORMS DROPPING PACKETS Network operators : Block traffic in their own networks/countries Off-path attackers : Inject TCP RST packets (next week) Routing-capable adversaries

654 views • 44 slides
On the Feasibility of a Censorship Resistant Decentralized Name System Matthias Wachs Martin

On the Feasibility of a Censorship Resistant Decentralized Name System Matthias Wachs Martin

On the Feasibility of a Censorship Resistant Decentralized Name System Matthias Wachs Martin Schanzenbach Christian Grothoff Technische Universit at M unchen The Sixth International Symposium on Foundations & Practice of Security

293 views • 12 slides
Formal Analysis of a Proof-of-Stake Blockchain Wai Yan M. M. Thin, Naipeng Dong, Guangdong Bai ,

Formal Analysis of a Proof-of-Stake Blockchain Wai Yan M. M. Thin, Naipeng Dong, Guangdong Bai ,

Formal Analysis of a Proof-of-Stake Blockchain Wai Yan M. M. Thin, Naipeng Dong, Guangdong Bai , Jin Song Dong National University of Singapore Griffith University Dec 12, 2018 Outline Problem Statement Background Tendermint

678 views • 34 slides
OPEN OBSERVATORY OF NETWORK INTERFERENCE (OONI) Vasilis Ververis (andz@torproject.org)

OPEN OBSERVATORY OF NETWORK INTERFERENCE (OONI) Vasilis Ververis (andz@torproject.org)

OPEN OBSERVATORY OF NETWORK INTERFERENCE (OONI) Vasilis Ververis (andz@torproject.org) Language: English, Portuguese Since 2012, OONI has collected millions of network measurements across more than 190 countries around the world, shedding

774 views • 32 slides

More recommend