ECEN 5003/CSCI 7000 Censorship Circumvention

Course info

In this course, we will discuss and read papers on a wide range of censorship and circumvention techniques, systems, and measurements, including: anonymity, web filtering, censorship across the world (including the "Great Firewall of China"), circumvention proxies, online privacy, private communication, and more.

Location:	HLMS 211
Time:	Mon/Wed/Fri 10:00 AM - 10:50 AM
Professor:	Eric Wustrow <ewust@colorado.edu> ECOT 352
Office Hours:	Wed 1-2pm or by appointment

Grading

This course will include reading 3-4 papers per week, with written reviews and in-class discussion on the topics. Each student must complete an open-ended final project related to Internet censorship, with the goal of submitting it to a computer security conference or workshop.

• 50% - Final project
• 25% - In-class topic presentation
• 20% - Paper reviews
• 5% - Participation

Paper reviews

For each paper we read, please submit a short (~150-300 word) summary that describes the paper, and some of your comments about the paper; for example, insights, questions, future directions, or what lessons are learned, etc. Please send these to ewust@colorado.edu with the subject "5003 reading", and include your review as inline text in the email. It's ok to include multiple reviews in the same email, just make the separation clear.

In-class presentations

Working with a partner, pick a topic (or propose a new one!) and present it to the class. Presentations should be 10 minutes, and we will have a short Q&A session. Send an email to me (ewust@colorado.edu) with your top 2 choices and who your partner will be by class on Friday, September 8th.

• Tor Demonstrate the details of Tor, including hidden services, guard relays, and bridge nodes. Build a classifier that tells if a particular user is connected to Tor by observing their packets. Bonus: extend the classifier to detect bridge nodes.
• Censorship probing Send network probes to a deployed Internet censor (e.g. China or Iran are good candidates). Find at least 2 seperate network locations, and describe the behavior of these boxes. Do they poison DNS, block certain TCP/IP hosts, send TCP RSTs? We'll read papers that answer these questions, but in this presetation, do these probes yourself and verify! Measure where these firewalls exist in the network (i.e. TTL hop). Bonus: provide an entire map of where firewalls for an entire country exist.
• Website Fingerprinting Build a classifier that takes a packet capture from a user browsing websites over HTTPS, and outputs the exact pages that the user visited. You are allowed to limit this to a "closed world" model of at least 50 web pages. Bonus: extend this to observing what website a Tor user is browsing.
• Dining Cryptographers network Develop an anonymous messaging program for n>2 users using a dining cryptographers network. Demonstrate how keys are established, messages are sent, and show why this is anonymous.
• Takedown notices Collect content takedown notice reports from a large content provider, such as Google, Facebook, or Twitter. Describe trends of countries/regions, trends over time, or over different services. How often are these requests complied with? What are the types of requests not complied with? Contrast this to copyright takedowns in specific countries.
• Freenet Demonstrate the details of Freenet, including location swapping, and "darknet" mode. Describe how Freenet is both anonymous and censorship resistant. Discuss attacks on each of these. Can a censor tell if users are connected to one another using Freenet? Bonus: implement one of these attacks and demonstrate it.
• Signal Describe in detail the Signal protocol that implements OTR. Include the Axolotol/Double Ratchet algorithm, the X3DH protocol, how Signal desktop trades key information with the phone to allow additional devices to read Signal messages, and how Signal's anticensorship feature works. Note: This is going to involve reading code! Some of this detail does not exist anywhere else, but you can start here. Bonus: implement a way to block Signal's anticensorship method.
• Obfuscation attacks Implement an attack on an obfuscation protocol we talk about in class (e.g. Skypemorph, Stegotorus, Scramblesuit, FTE). Describe how to defend against it.

Final Project

Each group will give a 10-15 minute presentation in class (TBD), describing what problem they are solving, how they solved it, and anything they plan to do by the due date of the final project. There will be a couple minutes for Q&A for each group. Final papers will be due TBD 11:59PM MDT. Please submit papers in USENIX format as a single PDF, 5-8 pages in length, including references.

Readings

Date	Topic	Readings
Week 1
Mon, Aug 28	Introduction	No reading Introduction to Internet Censorship
Wed, Aug 30	Censorship overview	Inferring Mechanics of Web Censorship Around the World
Fri, Sep 1	Circumvention overview	SoK: Making Sense of Censorship Resistance Systems Optional: Slipping Past the Cordon: A Systematization of Internet Censorship Resistance
Week 2
Mon, Sep 4	Labor Day	No class / No reading
Wed, Sep 6	China	Internet Censorship in China: Where Does the Filtering Occur? Optional Measuring Decentralization of Chinese Keyword Censorship via Mobile Games China's Internet: Topology mapping and geolocating
Fri, Sep 8	Syria	Censorship in the Wild: Analyzing Internet Filtering in Syria
Week 3
Mon, Sep 11	Iran	Internet Censorship in Iran: A First Look Optional Understanding Internet Censorship Policy: The Case of Greece
Wed, Sep 13	Pakistan	The Anatomy of Web Censorship in Pakistan Optional Censorship and Co-option of the Internet Infrastructure (Egypt) In and Out of Cuba
Fri, Sep 15	Anonymity	Tor: The Second-Generation Onion Router Dingledine, Mathewson, and Syverson
Week 4
Mon, Sep 18	Anonymity Attacks	Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries Johnson, Wacek, Jansen, Sherr, and Syverson
Wed, Sep 20	Distributed Anonymity	Freenet: A Distributed Anonymous Information Storage and Retrieval System
Fri, Sep 22	Private communication	Off-the-Record Communication, or, Why Not To Use PGP Optional SoK: Secure Messaging
Week 5
Mon, Sep 25	Metadata	DP5: A Private Presence Service Optional Pond
Wed, Sep 27	DC nets	DC Net topic presentation Dissent in Numbers: Making Strong Anonymity Scale Optional Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis
Fri, Sep 29	Obfuscation	Obfsproxy obfs3 spec
Week 6
Mon, Oct 2	Obfuscation	Tor topic presentation SkypeMorph: Protocol Obfuscation for Tor Bridges
Wed, Oct 4	Obfuscation	StegoTorus: A Camouflage Proxy for the Tor Anonymity System
Fri, Oct 6	Obfuscation	Final project topic proposals due via email Scramblesuit: A Polymorphic Network Protocol to Circumvent Censorship
Week 7
Mon, Oct 9	Attacking obfuscation	Signal topic presentation The Parrot is Dead: Observing Unobservable Network Communications
Wed, Oct 11	Attacking obfuscation	Seeing through Network-Protocol Obfuscation
Fri, Oct 13	Arms race	Censors' Delay in Blocking Circumvention Proxies
Week 8
Mon, Oct 16	Project proposals	No reading Groups present proposals, 4-5 minutes per project
Wed, Oct 18	Content censorship	Chipping Away at Censorship Firewalls with User-Generated Content
Fri, Oct 20	No class
Week 9
Mon, Oct 23	Censorship-resistant storage	Takedown notices topic presentation Tangler: A Censorship-Resistant Publishing System Based On Document Entanglements
Wed, Oct 25	Clever protocols	Blocking-resistant communication through domain fronting Optional Facade: High-Throughput, Deniable Censorship Circumvention Using Web Search
Fri, Oct 27	Clever protocols	website fingerprinting topic presentation Evading Censorship with Browser-Based Proxies Optional DNS-sly: Avoiding Censorship through Network Complexity
Week 10
Mon, Oct 30	Clever protocols	Protocol Misidentification Made Easy with Format-Transforming Encryption
Wed, Nov 1	Clever protocols	CacheBrowser: Bypassing Chinese Censorship without Proxies Using Cached Content
Fri, Nov 3	Measurement	Global Measurement of DNS Manipulation
Week 11
Mon, Nov 6	Measurement	Detecting Intentional Packet Drops on the Internet via TCP/IP Side Channels Optional Global Network Interference Detection over the RIPE Atlas Network
Wed, Nov 8	Measurement	Encore: Lightweight Measurement of Web Censorship with Cross-Origin Requests
Fri, Nov 10	Measurement	Satellite: Joint Analysis of CDNs and Network-Level Interference
Week 12
Mon, Nov 13	Advancing censors	An Analysis of China’s "Great Cannon"
Wed, Nov 15	Advancing censors	Examining How the Great Firewall Discovers Hidden Circumvention Servers
Fri, Nov 17	Refraction	Project checkpoint due via email Telex: Anticensorship in the Network Infrastructure Optional Cirripede: Circumvention Infrastructure using Router Redirection with Plausible Deniability Decoy Routing: Toward Unblockable Internet Communication
Week 13
Mon, Nov 20	Fall break	No class
Wed, Nov 22	Fall break	No class
Fri, Nov 24	Fall break	No class
Week 14
Mon, Nov 27	Refraction	TapDance: End-to-Middle Anticensorship without Flow Blocking Optional An ISP-Scale Deployment of TapDance
Wed, Nov 29	Refraction	Slitheen: Perfectly Imitated Decoy Routing through Traffic Replacement
Fri, Dec 1	Refraction attacks	Routing Around Decoys Optional No Direction Home: The True Cost of Routing Around Decoys
Week 15
Mon, Dec 4	Web fingerprinting	Effective Attacks and Provable Defenses for Website Fingerprinting
Wed, Dec 6	Web fingerprinting	Touching from a Distance: Website Fingerprinting Attacks and Defenses
Fri, Dec 8	Fingerprinting defenses	No class, work on projects. No review due. Optional Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail S-BuFLO: A Congestion Sensitive Website Fingerprinting Defense
Final week
Mon, Dec 11	Final presentations	Each group ~10 minutes
Wed, Dec 13	Final presentations	Each group ~10 minutes

Final Project written proposals

Each group will send an email containing the name(s) of the group members, the title of a proposed topic final project, and a ~300 word abstract describing the problem and solution of the proposed research. Be sure to describe why the problem is important, and what you specifically plan to do. For example, what tool will you build, and how does it help? How will it work? What data will you collect, and how will you collect it?

Final Project in-class proposal

Each group will present a short overview (~5 minutes) of their proposed project. This should include what you described in the written abstract, in some more detail, and also touch on related work (keep in mind this may include papers we don't read in class).

Final project written checkpoint

About 6 weeks in, each group will send a brief email update on the progress of their project. Of the proposed work, what has been done so far, and what remains to be done? Have you run into any snags or problems, or had to change direction? It's ok to realize an initial approach isn't going to work (this is research!), but have a plan or effort toward what you will do to change directions or fix the problem.

Final project presentations

In the last week of class, each group will be given 10 minutes to present the results of their final project. This should include the motivation (what they problem is, why it's important), previous related work (and why it was insufficient), your solution, and results. We'll have 2-3 minutes for Q & A from the class for each group.

Final project papers

Each group will submit a 5-8 page paper (in USENIX format), due Sat, Dec 16, 11:59pm This should look similar to some of the papers we read: in the Introdction, set up the problem and briefly describe your solution. Describe your system or study, and evaluate it or the results in depth. Describe related work, and also potential future work that might build off your work.