Sciweavers

CCS
2015
ACM

Seeing through Network-Protocol Obfuscation

8 years 7 months ago
Seeing through Network-Protocol Obfuscation
Censorship-circumvention systems are designed to help users bypass Internet censorship. As more sophisticated deep-packetinspection (DPI) mechanisms have been deployed by censors to detect circumvention tools, activists and researchers have responded by developing network protocol obfuscation tools. These have proved to be effective in practice against existing DPI and are now distributed with systems such as Tor. In this work, we provide the first in-depth investigation of the detectability of in-use protocol obfuscators by DPI. We build a framework for evaluation that uses real network traffic captures to evaluate detectability, based on metrics such as the false-positive rate against background (i.e., non obfuscated) traffic. We first exercise our framework to show that some previously proposed attacks from the literature are not as effective as a censor might like. We go on to develop new attacks against five obfuscation tools as they are configured in Tor, including: two va...
Liang Wang, Kevin P. Dyer, Aditya Akella, Thomas R
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Liang Wang, Kevin P. Dyer, Aditya Akella, Thomas Ristenpart, Thomas Shrimpton
Comments (0)