research-article

A Churn for the Better: Localizing Censorship using Network-level Path Churn and Network Tomography

Authors:

Rishab Nithyanand,

Abbas Razaghpanah,

Phillipa GillAuthors Info & Claims

CoNEXT '17: Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies

Pages 81 - 87

https://doi.org/10.1145/3143361.3143386

Published: 28 November 2017 Publication History

Abstract

Recent years have seen the Internet become a key vehicle for citizens around the globe to express political opinions and organize protests. This fact has not gone unnoticed, with countries around the world repurposing network management tools (e.g., URL filtering products) and protocols (e.g., BGP, DNS) for censorship. Previous work has focused on identifying how censorship is performed. However, there is no major studies to identify, at a global scale, the networks responsible for performing censorship. Also, repurposing network products for censorship can have unintended international impact, which we refer to as "censorship leakage". While there have been anecdotal reports of censorship leakage, there has yet to be a systematic study of censorship leakage at a global scale.

In this paper, we combine a global censorship measurement platform (ICLab) with a general-purpose technique -- boolean network tomography -- to identify which AS on a network path is performing censorship. At a high-level, our approach exploits BGP churn to narrow down the set of potential censoring ASes by 97%. We identify 108 censoring ASes and find that the censorship introduced by 32 of the 108 censoring ASes has an impact on users located outside of the jurisdiction of the censoring AS, resulting in the leaking of regional censorship policies.

References

[1]

Anonymous. 2014. Towards a Comprehensive Picture of the Great Firewall's DNS Censorship. In 4th USENIX Workshop on Free and Open Communications on the Internet (FOCI 14). USENIX Association, San Diego, CA.

[2]

Simurgh Aryan, Homa Aryan, and J. Alex Halderman. 2013. Internet Censorship in Iran: A First Look. In Presented as part of the 3rd USENIX Workshop on Free and Open Communications on the Internet. USENIX, Washington, D.C.

[3]

Iljitsch Van Beijnum. 2010. China censorship leaks outside Great Firewall via root server. https://arstechnica.com/tech-policy/2010/03/china-censorship-leaks-outside-great-firewall-via-root-server/. (2010). Online; accessed June 2017.

[4]

Armin Biere. 2008. PicoSAT essentials. Journal on Satisfiability, Boolean Modeling and Computation 4 (2008), 75--97.

[5]

Martin A Brown. 2008. Renesys blog: Pakistan Hijacks YouTube. http://dyn.com/blog/pakistan-hijacks-youtube-1/. (2008). Online; accessed June 2017.

[6]

CAIDA. 2017. AS Classification. http://www.caida.org/data/as-classification/. (2017). Online; accessed June 2017.

[7]

CAIDA. 2017. IPv4 Routed /24 AS Links Dataset. http://www.caida.org/data/active/ipv4_routed_topology_aslinks_dataset.xml. (2017). Online; accessed June 2017.

[8]

Mark Coates, Alfred O. Hero III, Robert Nowak, and Bin Yu. 2002. Internet tomography. IEEE Signal Processing Magazine 19, 3 (May 2002), 47--65.

[9]

Mark Coates and Robert Nowak. 2000. Network loss inference using unicast end-to-end measurement. In ITC Conference on IP Traffic, Modeling and Management. 28--1.

[10]

Jakub Dalek, Bennett Haselton, Helmi Noman, Adam Senft, Masashi Crete-Nishihata, Phillipa Gill, and Ronald J. Deibert. 2013. A Method for Identifying and Confirming the Use of URL Filtering Products for Censorship. In Proceedings of the 2013 Conference on Internet Measurement Conference (IMC '13). ACM, New York, NY, USA, 23--30.

Digital Library

[11]

Amogh Dhamdhere, Renata Teixeira, Constantine Dovrolis, and Christophe Diot. 2007. Netdiagnoser: Troubleshooting network unreachabilities using end-to-end probes and routing data. In Proceedings of the 2007 ACM CoNEXT conference. ACM, 18.

Digital Library

[12]

Nick Feamster, David G Andersen, Hari Balakrishnan, and M Frans Kaashoek. 2003. Measuring the effects of Internet path faults on reactive routing. In ACM SIGMETRICS Performance Evaluation Review, Vol. 31. ACM, 126--137.

Digital Library

[13]

Anja Feldmann, Olaf Maennel, Z Morley Mao, Arthur Berger, and Bruce Maggs. 2004. Locating Internet routing instabilities. Proceedings of the 2004 conference on SIGCOMM, 205--218.

Digital Library

[14]

David Fifield and Lynn Tsai. 2016. Censors' Delay in Blocking Circumvention Proxies. In 6th USENIX Workshop on Free and Open Communications on the Internet (FOCI 16). USENIX Association, Austin, TX.

[15]

Arturo Filasto and Jacob Appelbaum. 2012. OONI: Open Observatory of Network Interference. In FOCI. 2nd USENIX Workshop on Free and Open Communications on the Internet.

[16]

Freedom House. 2016. Freedom on the Net 2016. https://freedomhouse.org/report/freedom-net/freedom-net-2016. (2016). Online; accessed June 2017.

[17]

Umar Javed, Italo Cunha, David Choffnes, Ethan Katz-Bassett, Thomas Anderson, and Arvind Krishnamurthy. 2013. Poiroot: Investigating the root cause of interdomain path changes. In Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM. ACM, 183--194.

Digital Library

[18]

Ben Jones, Tzu-Wen Lee, Nick Feamster, and Phillipa Gill. 2014. Automated detection and fingerprinting of censorship block pages. In Proceedings of the 2014 Conference on Internet Measurement Conference. ACM, 299--304.

Digital Library

[19]

Ethan Katz-Bassett, Colin Scott, David R Choffnes, Ítalo Cunha, Vytautas Valancius, Nick Feamster, Harsha V Madhyastha, Thomas Anderson, and Arvind Krishnamurthy. 2012. LIFEGUARD: Practical repair of persistent route failures. ACM SIGCOMM Computer Communication Review 42, 4 (2012), 395--406.

Digital Library

[20]

Sheharbano Khattak, Mobin Javed, Philip D. Anderson, and Vern Paxson. 2013. Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion. In Presented as part of the 3rd USENIX Workshop on Free and Open Communications on the Internet. USENIX, Washington, D.C.

[21]

Philip Levis. 2012. The collateral damage of internet censorship by dns injection. ACM SIGCOMM Computer Communication Review 42, 3 (2012), 21--27.

Digital Library

[22]

M-Lab. 2017. M-Lab Data. Overview. https://www.measurementlab.net/data/. (2017). Online; accessed June 2017.

[23]

Liang Ma, Ting He, Ananthram Swami, Don Towsley, and Kin K Leung. 2017. Network capability in localizing node failures via end-to-end path measurements. IEEE/ACM Transactions on Networking 25, 1 (2017), 434--450.

Digital Library

[24]

McAfee. 2017. Customer URL Ticketing System. www.trustedsource.org/en/feedback/url?action=checklist. (2017). Online; accessed June 2017.

[25]

Zubair Nabi. 2013. The Anatomy of Web Censorship in Pakistan. In Free and Open Communications on the Internet. USENIX. http://censorbib.nymity.ch/pdf/Nabi2013a.pdf

[26]

OONI. 2017. Open Observatory of Network Interference. https://ooni.torproject.org/. (2017). Online; accessed June 2017.

[27]

Dan Pei, Matt Azuma, Dan Massey, and Lixia Zhang. 2005. BGP-RCN: Improving BGP convergence through root cause notification. Computer Networks 48, 2 (2005), 175--194.

Digital Library

[28]

Abbas Razaghpanah, Anke Li, Arturo Filastò, Rishab Nithyanand, Vasilis Ververis, Will Scott, and Phillipa Gill. 2016. Exploring the Design Space of Longitudinal Censorship Measurement Platforms. CoRR abs/1606.01979 (2016). http://arxiv.org/abs/1606.01979

[29]

Robert Swiecki. 2017. Enumeration of IP hops using existing TCP connections. https://github.com/robertswiecki/intrace. (2017). Online; accessed June 2017.

[30]

Yixin Sun, Anne Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, and Prateek Mittal. 2015. RAPTOR: Routing Attacks on Privacy in Tor. In USENIX Security Symposium. 271--286.

Digital Library

[31]

Renata Teixeira and Jennifer Rexford. 2004. A measurement framework for pin-pointing routing changes. In Proceedings of the ACM SIGCOMM workshop on Network troubleshooting: research, theory and operations practice meet malfunctioning reality. ACM, 313--318.

Digital Library

[32]

Yolanda Tsang, Mark Coates, and R.D. Nowak. 2003. Network Delay Tomography. Trans. Sig. Proc. 51, 8 (Aug. 2003), 2125--2136.

Digital Library

[33]

Yehuda Vardi. 1996. Network Tomography: Estimating Source-Destination Traffic Intensities from Link Data. J. Amer. Statist. Assoc. 91, 433 (1996), 365--377.

[34]

Nicholas Weaver, Robin Sommer, and Vern Paxson. 2009. Detecting Forged TCP Reset Packets. In 16th Network and Distributed System Security Symposium (NDSS2009). Internet Society.

[35]

Jian Wu, Zhuoqing Morley Mao, Jennifer Rexford, and Jia Wang. 2005. Finding a needle in a haystack: Pinpointing significant BGP routing changes in an IP network. In Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation-Volume 2. USENIX Association, 1--14.

Digital Library

Cited By

Kon PGattani ASaharia DCao TBarradas DChen ASherr MUjcich B(2024)NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00036(3497-3514)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00036
Deng HPan S(2023)Evaluating Network Boolean Tomography Under Byzantine AttacksGLOBECOM 2023 - 2023 IEEE Global Communications Conference10.1109/GLOBECOM54140.2023.10436865(7574-7579)Online publication date: 4-Dec-2023
https://doi.org/10.1109/GLOBECOM54140.2023.10436865
Waheed AQunaibi SBarradas DWeinberg ZHong YWang L(2022)Darwin's Theory of CensorshipProceedings of the 21st Workshop on Privacy in the Electronic Society10.1145/3559613.3563206(103-108)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3559613.3563206
Show More Cited By

Index Terms

A Churn for the Better: Localizing Censorship using Network-level Path Churn and Network Tomography
1. Networks
  1. Network performance evaluation
    1. Network measurement
  2. Network properties
    1. Network dynamics

Recommendations

Push-button-autocracy in Tunisia: Analysing the role of Internet infrastructure, institutions and international markets in creating a Tunisian censorship regime

Internet censorship and control have been commonplace in Tunisia since the Internet became available to then public in 1996. It was not until the last days of the Jasmine revolution in January 2011 that the Tunisian government shut down the censorship ...
RETRACTED: Government regulation of the Internet as instrument of digital protectionism in case of developing countries
Internet Censorship detection

Internet Censorship is a phenomenon that crosses several study fields, from computer networking and computer security to social sciences; together with censorship detection and censorship circumvention it has impact on Internet infrastructure, protocols ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CoNEXT '17: Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies

November 2017

492 pages

ISBN:9781450354226

DOI:10.1145/3143361

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

CoNEXT '17

Sponsor:

SIGCOMM

CoNEXT '17: The 13th International Conference on emerging Networking EXperiments and Technologies

December 12 - 15, 2017

Incheon, Republic of Korea

Acceptance Rates

Overall Acceptance Rate 198 of 789 submissions, 25%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
255
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)4

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kon PGattani ASaharia DCao TBarradas DChen ASherr MUjcich B(2024)NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00036(3497-3514)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00036
Deng HPan S(2023)Evaluating Network Boolean Tomography Under Byzantine AttacksGLOBECOM 2023 - 2023 IEEE Global Communications Conference10.1109/GLOBECOM54140.2023.10436865(7574-7579)Online publication date: 4-Dec-2023
https://doi.org/10.1109/GLOBECOM54140.2023.10436865
Waheed AQunaibi SBarradas DWeinberg ZHong YWang L(2022)Darwin's Theory of CensorshipProceedings of the 21st Workshop on Privacy in the Electronic Society10.1145/3559613.3563206(103-108)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3559613.3563206
Gray CMosig CBush RPelsser CRoughan MSchmidt TWahlisch M(2020)BGP Beacons, Network Tomography, and Bayesian Computation to Locate Route Flap DampingProceedings of the ACM Internet Measurement Conference10.1145/3419394.3423624(492-505)Online publication date: 27-Oct-2020
https://dl.acm.org/doi/10.1145/3419394.3423624
Garrett TBona LDuarte E(2020)Exploiting AS-level Routing Properties to Locate Traffic Differentiation in the Internet2020 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC50000.2020.9219665(1-6)Online publication date: Jul-2020
https://doi.org/10.1109/ISCC50000.2020.9219665

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents