Change search
ReferencesLink to record
Permanent link

Direct link
Enhancing Censorship Resistance in the Tor Anonymity Network
2014 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Baksidestext

The Tor network was originally designed as low-latency anonymity network.However, as the years progressed, Tor earned a reputation as also being a useful tool to circumvent Internet censorship. At times, the network counted 30,000 users only from China. Censors reacted by tightening their grip on the national communication infrastructure. In particular, they developed techniques to prevent people from being able to access the Tor network. This arms race now counts several iterations and no end is in sight.

This thesis contributes to a censorship-resistant Tor network in two ways. First, it analyses how existing censorship systems work. In particular, the Great Firewall of China is analysed in order to obtain an understanding of its capabilities as well as to explore circumvention opportunities. Second, this thesis proposes practical countermeasures to circumvent Internet censorship. In particular, it presents a novel network protocol which is resistant to the Great Firewall's active probing attacks.

Place, publisher, year, pages
Karlstad: Karlstads universitet, 2014.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2014:5
Keyword [en]
tor, censorship, anonymity, network
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-30752 (URN)978-91-7063-534-2 (ISBN)oai:DiVA.org:kau-30752 (OAI)diva2:680558 (DiVA)
Presentation
2014-02-27, 10:00 (English)
Opponent
Supervisors
Available from2014-01-22 Created:2013-12-18 Last updated:2014-01-22Bibliographically approved
List of papers
1. Towards a Censorship Analyser for Tor
Open this publication in new window or tab >>Towards a Censorship Analyser for Tor
2013 (English)In: Conference paper (Refereed)
Abstract [en]

Analysing censorship incidents targeting popular circumvention tools such as Tor can be a tedious task. Access to censoring networks is typically difficult to obtainand remote analysis is not always possible. Analysis is however feasible if users behind the censoring networks are given the opportunity to help. In this paper, we propose a lightweight censorship analyser for Tor which is meant to be run by volunteering users. The analyser automatically gathers relevant data and the final report is sent back to the Tor developers. Our design builds on existing software and should be easy to bundle and deploy.

Publisher, range
USENIX - The Advanced Computing Systems Association, 2013
Keyword
censorship, network measurement, tor, censorship analysis
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-29025 (URN)
Conference
3rd USENIX Workshop on Free and Open Communications on the Internet
Available from2013-09-13 Created:2013-09-13 Last updated:2014-01-22Bibliographically approved
2. How the Great Firewall of China is Blocking Tor
Open this publication in new window or tab >>How the Great Firewall of China is Blocking Tor
2012 (English)In: , 7-Conference paper (Refereed)
Abstract [en]

Internet censorship in China is not just limited to the web: the Great Firewall of China prevents thousands of potential Tor users from accessing the network. In this paper, we investigate how the blocking mechanism is implemented, we conjecture how China's Tor blocking infrastructure is designed and we propose circumvention techniques. Our work bolsters the understanding of China's censorship capabilities and thus paves the way towards more effective circumvention techniques.

Publisher, range
USENIX - The Advanced Computing Systems Association, 2012
National Category
Communication Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-14559 (URN)
Conference
2nd USENIX Workshop on Free and Open Communications on the Internet, Bellevue, WA
Available from2012-10-31 Created:2012-08-23 Last updated:2014-01-22Bibliographically approved
3. ScrambleSuit
Open this publication in new window or tab >>ScrambleSuit : A Polymorph Network Protocol to Circumvent Censorship
2013 (English)Report (Other academic)
Abstract [en]

Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but makes use of sophisticated techniques such as active probing and protocol classification to block access to popular circumvention tools such as Tor.

In this paper, we propose ScrambleSuit; a thin protocol layer above TCP whose purpose is to obfuscate the transported application data. By using morphing techniques and a secret exchanged out-of-band, we show that ScrambleSuit can defend against active probing and other fingerprinting techniques such as protocol classification and regular expressions.

We finally demonstrate that our prototype exhibits little overhead and enables effective and lightweight obfuscation for application layer protocols.

Publisher, range
12 p.
Keyword
Tor, bridge, pluggable transport, active probing, censorship, circumvention
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-27221 (URN)
Available from2013-05-15 Created:2013-05-15 Last updated:2014-01-22Bibliographically approved

Open Access in DiVA

fulltext(1150 kB)389 downloads
File information
File name FULLTEXT01.pdfFile size 1150 kBChecksum SHA-512
cb2e6656197d3326a6a99cfd51aa3858b78a03630b6fbfe801c25808da72a072717d8782603ea8485b5b254201ccfa8851644fe75289505c7457289823687418
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Winter, Philipp
By organisation
Department of Mathematics and Computer Science
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 389 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 449 hits
ReferencesLink to record
Permanent link

Direct link