Evading Censorship with Browser-Based Proxies

  • David Fifield
  • Nate Hardison
  • Jonathan Ellithorpe
  • Emily Stark
  • Dan Boneh
  • Roger Dingledine
  • Phil Porras
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7384)

Abstract

While Internet access to certain sites is blocked in some parts of the world, these restrictions are often circumvented using proxies outside the censored region. Often these proxies are blocked as soon as they are discovered. In this paper we propose a browser-based proxy creation system that generates a large number of short-lived proxies. Clients using the system seamlessly hop from one proxy to the next as these browser-based proxies appear and disappear. We discuss a number of technical challenges that had to be overcome for this system to work and report on its performance and security. We show that browser-based short-lived proxies provide adequate bandwidth for video delivery and argue that blocking them can be challenging.

Keywords

Defense Advance Research Project Agency Network Address Translation Visit Duration USENIX Security Symposium Rendezvous Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    The OpenNet Initiative: OpenNet Initiative Internet censorship data (2011), http://opennet.net/research/data
  2. 2.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium (August 2004)Google Scholar
  3. 3.
    Wustrow, E., Wolchok, S., Goldberg, I., Halderman, J.A.: Telex: Anticensorship in the network infrastructure. In: Proc. 20th USENIX Security Symposium (2011)Google Scholar
  4. 4.
    Ultrareach Internet Corp.: Ultrasurf proxy, http://www.ultrasurf.us/
  5. 5.
    Dingledine, R., Mathewson, N.: Design of a blocking-resistant anonymity system. Technical Report 2006-1, The Tor Project (November 2006)Google Scholar
  6. 6.
    Kadianakis, G., Mathewson, N.: Obfsproxy architecture (2011), https://www.torproject.org/projects/obfsproxy
  7. 7.
    Weinberg, Z., Wang, J., Yegneswaran, V., Briesemeister, L., Boneh, D., Wang, F. (StegoTorus: A camouflage proxy for the Tor anonymity system)Google Scholar
  8. 8.
    Tor Metrics Portal: Users (2011), https://metrics.torproject.org/users.html
  9. 9.
    Lewman, A.: Tor partially blocked in China (September 2009), https://blog.torproject.org/blog/tor-partially-blocked-china
  10. 10.
    McLachlan, J., Hopper, N.: On the risks of serving whenever you surf: Vulnerabilities in Tor’s blocking resistance design. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2009). ACM (November 2009)Google Scholar
  11. 11.
    Wilde, T.: Knock knock knockin’ on bridges’ doors (January 2012), https://blog.torproject.org/blog/knock-knock-knockin-bridges-doors
  12. 12.
    Winter, P., Lindskog, S.: How China is blocking Tor. Technical report, Karlstad University (April 2012)Google Scholar
  13. 13.
    Appelbaum, J., Mathewson, N.: Pluggable transports for circumvention (October 2010), https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/180-pluggable-transport.txt
  14. 14.
    W3C: Cross-origin resource sharing (April 2012), http://www.w3.org/TR/cors/
  15. 15.
  16. 16.
    Tor Metrics Portal: Time in seconds to complete 5 MiB request (2012), https://metrics.torproject.org/performance.html
  17. 17.
  18. 18.
    Arlitt, M.F., Williamson, C.L.: Internet web servers: workload characterization and performance implications. IEEE/ACM Transactions on Networking 5 (October 1997)Google Scholar
  19. 19.
    Paxson, V., Floyd, S.: Wide area traffic: the failure of Poisson modeling. IEEE/ACM Trans. Netw. 3, 226–244 (1995)CrossRefGoogle Scholar
  20. 20.
    Little, J.D.C.: A proof of the queuing formula L = λW (1960)Google Scholar
  21. 21.
    Rosenberg, J., Mahy, R., Matthews, P., Wing, D.: Session Traversal Utilities for NAT (STUN). RFC 5389 (Proposed Standard) (October 2008)Google Scholar
  22. 22.
    Adobe Systems Incorporated: Real Time Media Flow Protocol (October 2008), http://labs.adobe.com/technologies/cirrus/
  23. 23.
    Müller, A., Evans, N., Grothoff, C., Kamkar, S.: Autonomous NAT traversal. In: 10th IEEE International Conference on Peer-to-Peer Computing (P2P) (2010)Google Scholar
  24. 24.
    W3C: WebRTC 1.0: Real-time communication between browsers (January 2012), http://dev.w3.org/2011/webrtc/editor/webrtc.html
  25. 25.
    Lynn, B.: PBC library, http://crypto.stanford.edu/pbc/
  26. 26.
    Feamster, N., Balazinska, M., Harfst, G., Balakrishnan, H., Karger, D.: Infranet: Circumventing web censorship and surveillance. In: Proceedings of the 11th USENIX Security Symposium (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • David Fifield
    • 1
  • Nate Hardison
    • 1
  • Jonathan Ellithorpe
    • 1
  • Emily Stark
    • 2
  • Dan Boneh
    • 1
  • Roger Dingledine
    • 3
  • Phil Porras
    • 4
  1. 1.Stanford UniversityUSA
  2. 2.Massachusetts Institute of TechnologyUSA
  3. 3.The Tor ProjectUSA
  4. 4.SRI InternationalUSA

Personalised recommendations