Blocking-resistant communication through domain fronting

[1] Akamai. http://www.akamai.com/.Search in Google Scholar

[2] P. Alpha. Google disrupted prior to Tiananmen anniversary; mirror sites enable uncensored access to information, June 2014. https://en.greatfire.org/blog/2014/jun/google-disrupted-prior-tiananmen-anniversary-mirror-sites-enable-uncensored-access.Search in Google Scholar

[3] Amazon CloudFront. https://aws.amazon.com/cloudfront/.Search in Google Scholar

[4] Y. Angel and P. Winter. obfs4 (the obfourscator), May 2014. https://gitweb.torproject.org/pluggable-transports/obfs4.git/tree/doc/obfs4-spec.txt.Search in Google Scholar

[5] J. Appelbaum and N. Mathewson. Pluggable transport specification, Oct. 2010. https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt.Search in Google Scholar

[6] ASL19 and Psiphon. Information controls: Iran’s presidential elections. Technical report, 2013. https://asl19.org/cctr/iran-2013election-report/.Search in Google Scholar

[7] D. J. Bernstein, T. Lange, and P. Schwabe. Public-key authenticated encryption: crypto_box, Aug. 2010. http://nacl.cr.yp.to/box.html.Search in Google Scholar

[8] B. Boe. Bypassing Gogo’s inflight Internet authentication, Mar. 2012. http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/.Search in Google Scholar

[9] BridgeDB. https://bridges.torproject.org/.Search in Google Scholar

[10] C. Brubaker, A. Houmansadr, and V. Shmatikov. Cloud-Transport: Using cloud storage for censorship-resistant networking. In Proceedings of the 14th Privacy Enhancing Technologies Symposium (PETS), July 2014. http://www.cs.utexas.edu/~amir/papers/CloudTransport.pdf.10.1007/978-3-319-08506-7_1Search in Google Scholar

[11] S. Burnett, N. Feamster, and S. Vempala. Chipping away at censorship firewalls with user-generated content. In USENIX Security Symposium, Washington, DC, USA, Aug. 2010. USENIX. https://www.usenix.org/event/sec10/tech/full_papers/Burnett.pdf.Search in Google Scholar

[12] CloudFlare. https://www.cloudflare.com/.Search in Google Scholar

[13] T. Dierks and E. Rescorla. RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2, Aug. 2008. https://tools.ietf.org/html/rfc5246.10.17487/rfc5246Search in Google Scholar

[14] R. Dingledine. Obfsproxy: the next step in the censorship arms race, Feb. 2012. https://blog.torproject.org/blog/obfsproxy-next-step-censorship-arms-race.Search in Google Scholar

[15] R. Dingledine and N. Mathewson. Design of a blocking-resistant anonymity system. Technical Report 2006-11-001, Tor Project, Nov. 2006. https://research.torproject.org/techreports/blocking-2006-11.pdf.Search in Google Scholar

[16] E. Dou and A. Barr. U.S. cloud providers face backlash from China’s censors. Wall Street Journal, Mar. 2015. http://www.wsj.com/articles/u-s-cloud-providers-face-backlash-from-chinas-censors-1426541126.Search in Google Scholar

[17] K. P. Dyer, S. E. Coull, T. Ristenpart, and T. Shrimpton. Protocol misidentification made easy with format-transforming encryption. In Proceedings of the 20th ACM conference on Computer and Communications Security (CCS), Nov. 2013. https://kpdyer.com/publications/ccs2013-fte.pdf.10.1145/2508859.2516657Search in Google Scholar

[18] D. Eastlake. RFC 6066: Transport Layer Security (TLS) extensions: Extension definitions, Jan. 2011. https://tools.ietf.org/html/rfc6066.10.17487/rfc6066Search in Google Scholar

[19] Fastly. http://www.fastly.com/.Search in Google Scholar

[20] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. RFC 2616: Hypertext transfer protocol — HTTP/1.1, June 1999. https://tools.ietf.org/html/rfc2616.10.17487/rfc2616Search in Google Scholar

[21] D. Fifield. Summary of meek’s costs, April 2015, May 2015. https://lists.torproject.org/pipermail/tor-dev/2015-May/008767.html.Search in Google Scholar

[22] D. Fifield, N. Hardison, J. Ellithorpe, E. Stark, R. Dingledine, P. Porras, and D. Boneh. Evading censorship with browser-based proxies. In Proceedings of the 12th Privacy Enhancing Technologies Symposium (PETS). Springer, July 2012. https://crypto.stanford.edu/flashproxy/flashproxy.pdf.10.1007/978-3-642-31680-7_13Search in Google Scholar

[23] J. Geddes, M. Schuchard, and N. Hopper. Cover your ACKs: Pitfalls of covert channel censorship circumvention. In Proceedings of the 20th ACM conference on Computer and Communications Security (CCS), Nov. 2013. http://www-users.cs.umn.edu/~hopper/ccs13-cya.pdf.10.1145/2508859.2516742Search in Google Scholar

[24] GoAgent. https://github.com/goagent/goagent.Search in Google Scholar

[25] Google. Google Transparency Report: China, all products, May 31, 2014–present, July 2014. https://www.google.com/transparencyreport/traffic/disruptions/124/.Search in Google Scholar

[26] Google App Engine. https://cloud.google.com/appengine/.Search in Google Scholar

[27] GreatFire.org. https://a248.e.akamai.net is 100% blocked in China. https://en.greatfire.org/https/a248.e.akamai.net.Search in Google Scholar

[28] A. Houmansadr, C. Brubaker, and V. Shmatikov. The parrot is dead: Observing unobservable network communications. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, May 2013. http://www.cs.utexas.edu/~amir/papers/parrot.pdf.10.1109/SP.2013.14Search in Google Scholar

[29] A. Houmansadr, G. T. K. Nguyen, M. Caesar, and N. Borisov. Cirripede: Circumvention infrastructure using router redirection with plausible deniability. In Proceedings of the 18th ACM conference on Computer and Communications Security (CCS), Oct. 2011. http://hatswitch.org/~nikita/papers/cirripede-ccs11.pdf.10.1145/2046707.2046730Search in Google Scholar

[30] A. Houmansadr, T. Riedl, N. Borisov, and A. Singer. I want my voice to be heard: IP over voice-over-IP for unobservable censorship circumvention. In Proceedings of the 20th Network and Distributed System Security Symposium (NDSS). Internet Society, Feb. 2013. http://www.cs.utexas.edu/~amir/papers/FreeWave.pdf.Search in Google Scholar

[31] A. Houmansadr, E. L. Wong, and V. Shmatikov. No direction home: The true cost of routing around decoys. In Proceedings of the 21st Network and Distributed Security Symposium (NDSS). Internet Society, Feb. 2014. http://www.cs.utexas.edu/~amir/papers/DecoyCosts.pdf.10.14722/ndss.2014.23292Search in Google Scholar

[32] The ICSI certificate notary. http://notary.icsi.berkeley.edu/.Search in Google Scholar

[33] G. Kadianakis and N. Mathewson. obfs2 (the twobfuscator), Jan. 2011. https://gitweb.torproject.org/pluggabletransports/obfsproxy.git/tree/doc/obfs2/obfs2-protocolspec.txt.Search in Google Scholar

[34] G. Kadianakis and N. Mathewson. obfs3 (the threebfuscator), Jan. 2013. https://gitweb.torproject.org/pluggabletransports/obfsproxy.git/tree/doc/obfs3/obfs3-protocolspec.txt.Search in Google Scholar

[35] J. Karlin, D. Ellard, A. W. Jackson, C. E. Jones, G. Lauer, D. P. Mankins, and W. T. Strayer. Decoy routing: Toward unblockable internet communication. In Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), Aug. 2011. https://www.usenix.org/events/foci11/tech/final_files/Karlin.pdf.Search in Google Scholar

[36] Lantern. connpool. https://github.com/getlantern/connpool.Search in Google Scholar

[37] Lantern. enproxy. https://github.com/getlantern/enproxy.Search in Google Scholar

[38] Lantern. flashlight. https://github.com/getlantern/flashlight-build.Search in Google Scholar

[39] Lantern. fronted. https://github.com/getlantern/fronted.Search in Google Scholar

[40] Lantern. https://getlantern.org/.Search in Google Scholar

[41] B. Leidl. obfuscated-openssh, Apr. 2010. https://github.com/brl/obfuscated-openssh.Search in Google Scholar

[42] Level 3. http://www.level3.com.Search in Google Scholar

[43] K. Loesing. Counting daily bridge users. Technical Report 2012-10-001, Tor Project, Oct. 2012. https://research.torproject.org/techreports/counting-daily-bridge-users-2012-10-24.pdf.Search in Google Scholar

[44] M. Majkowski. SSL fingerprinting for p0f, June 2012. https://idea.popcount.org/2012-06-17-ssl-fingerprinting-for-p0f/.Search in Google Scholar

[45] B. Marczak, N. Weaver, J. Dalek, R. Ensafi, D. Fifield, S. McKune, A. Rey, J. Scott-Railton, R. Deibert, and V. Paxson. China’s Great Cannon. https://citizenlab.org/2015/04/chinas-great-cannon/.Search in Google Scholar

[46] Microsoft Azure. https://azure.microsoft.com/.Search in Google Scholar

[47] H. M. Moghaddam, B. Li, M. Derakhshani, and I. Goldberg. SkypeMorph: Protocol obfuscation for Tor bridges. In Proceedings of the 19th ACM conference on Computer and Communications Security (CCS), Oct. 2012. https://cs.uwaterloo.ca/~iang/pubs/skypemorph-ccs.pdf.Search in Google Scholar

[48] J. Newland. Large scale DDoS attack on github.com. https://github.com/blog/1981-large-scale-ddos-attack-on-githubcom.Search in Google Scholar

[49] E. Nygren, R. K. Sitaraman, and J. Sun. The Akamai network: A platform for high-performance Internet applications. ACM SIGOPS Operating Systems Review, 44(3):2–19, 2010. http://www.akamai.com/dl/technical_publications/network_overview_osr.pdf.10.1145/1842733.1842736Search in Google Scholar

[50] M. Perry. Tor Browser 4.0 is released, Oct. 2014. https://blog.torproject.org/blog/tor-browser-40-released.Search in Google Scholar

[51] M. Perry, E. Clark, and S. Murdoch. The design and implementation of the Tor Browser. Technical report, Tor Project, Mar. 2013. https://www.torproject.org/projects/torbrowser/design/.Search in Google Scholar

[52] Psiphon Team. A technical description of Psiphon, Mar. 2014. https://psiphon.ca/en/blog/psiphon-a-technicaldescription.Search in Google Scholar

[53] D. Robinson, H. Yu, and A. An. Collateral freedom: A snapshot of Chinese users circumventing censorship. Technical report, Open Internet Tools Project, May 2013. https://openitp.org/pdfs/CollateralFreedom.pdf.Search in Google Scholar

[54] M. Schuchard, J. Geddes, C. Thompson, and N. Hopper. Routing around decoys. In Proceedings of the 19th ACM conference on Computer and Communications Security (CCS), Oct. 2012. http://www-users.cs.umn.edu/~hopper/decoy-ccs12.pdf.10.1145/2382196.2382209Search in Google Scholar

[55] C. Smith. We are under attack, Mar. 2015. https://en.greatfire.org/blog/2015/mar/we-are-under-attack.10.1016/S1353-4858(15)70002-4Search in Google Scholar

[56] Y. Sovran, J. Li, and L. Submaranian. Unblocking the Internet: Social networks foil censors. Technical Report TR2008-918, Computer Science Department, New York University, Sept. 2009. http://kscope.news.cs.nyu.edu/pub/TR-2008-918.pdf.Search in Google Scholar

[57] Tor Project. #4744: GFW probes based on Tor’s SSL cipher list, Dec. 2011. https://bugs.torproject.org/4744.Search in Google Scholar

[58] Tor Project. #8860: Registration over App Engine, May 2013. https://bugs.torproject.org/8860.Search in Google Scholar

[59] Tor Project. #12778: Put meek HTTP headers on a diet, Aug. 2014. https://bugs.torproject.org/12778.Search in Google Scholar

[60] Tor Project. Bridge users using transport meek, May 2015. https://metrics.torproject.org/userstats-bridge-transport.html?graph=userstats-bridge-transport&end=2015-05-15&transport=meek.Search in Google Scholar

[61] Tor Project. Bridge users using transport obfs3, May 2015. https://metrics.torproject.org/userstats-bridge-transport.html?graph=userstats-bridge-transport&end=2015-05-15&transport=obfs3.Search in Google Scholar

[62] Q. Wang, X. Gong, G. T. K. Nguyen, A. Houmansadr, and N. Borisov. CensorSpoofer: Asymmetric communication using IP spoofing for censorship-resistant web browsing. In Proceedings of the 19th ACM conference on Computer and Communications Security (CCS), Oct. 2012. https://netfiles.uiuc.edu/qwang26/www/publications/censorspoofer.pdf.10.1145/2382196.2382212Search in Google Scholar

[63] Z. Weinberg, J. Wang, V. Yegneswaran, L. Briesemeister, S. Cheung, F. Wang, and D. Boneh. StegoTorus: A camouflage proxy for the Tor anonymity system. In Proceedings of the 19th ACM conference on Computer and Communications Security (CCS), Oct. 2012. http://www.owlfolio.org/media/2010/05/stegotorus.pdf.10.1145/2382196.2382211Search in Google Scholar

[64] T. Wilde. Great Firewall Tor probing circa 09 DEC 2011. Technical report, Team Cymru, Jan. 2012. https://gist.github.com/da3c7a9af01d74cd7de7.Search in Google Scholar

[65] B. Wiley. Dust: A blocking-resistant internet transport protocol. Technical report, School of Information, University of Texas at Austin, 2011. http://blanu.net/Dust.pdfhttps://github.com/blanu/Dust/blob/master/hs/README.Search in Google Scholar

[66] P. Winter and S. Lindskog. How the Great Firewall of China is blocking Tor. In Proceedings of the USENIX Workshop on Free and Open Communications on the Internet (FOCI), Aug. 2012. https://www.usenix.org/system/files/conference/foci12/foci12-final2.pdf.Search in Google Scholar

[67] P. Winter, T. Pulls, and J. Fuss. ScrambleSuit: A polymorphic network protocol to circumvent censorship. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES). ACM, Nov. 2013. http://www.cs.kau.se/philwint/pdf/wpes2013.pdf.10.1145/2517840.2517856Search in Google Scholar

[68] C. Wright, S. Coull, and F. Monrose. Traffic morphing: An efficient defense against statistical traffic analysis. In Proceedings of the 16th Network and Distributed Security Symposium (NDSS). IEEE, Feb. 2009. https://www.internetsociety.org/sites/default/files/wright.pdf.Search in Google Scholar

[69] E. Wustrow, C. M. Swanson, and J. A. Halderman. Tap-Dance: End-to-middle anticensorship without flow blocking. In Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, Aug. 2014. USENIX Association. https://jhalderm.com/pub/papers/tapdance-sec14.pdf.Search in Google Scholar

[70] E. Wustrow, S. Wolchok, I. Goldberg, and J. A. Halderman. Telex: Anticensorship in the network infrastructure. In Proceedings of the 20th USENIX Security Symposium, Aug. 2011. https://www.usenix.org/events/sec/tech/full_papers/Wustrow.pdf.Search in Google Scholar

• Understanding Privacy-Related Advice on Stack Overflow

• Revisiting Identification Issues in GDPR ‘Right Of Access’ Policies: A Technical and Longitudinal Analysis

• Employees’ privacy perceptions: exploring the dimensionality and antecedents of personal data sensitivity and willingness to disclose

• Visualizing Privacy-Utility Trade-Offs in Differentially Private Data Releases

• Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices

• CoverDrop: Blowing the Whistle Through A News App

• Building a Privacy-Preserving Smart Camera System

• FP-Radar: Longitudinal Measurement and Early Detection of Browser Fingerprinting

• Are iPhones Really Better for Privacy? A Comparative Study of iOS and Android Apps

• How to prove any NP statement jointly? Efficient Distributed-prover Zero-Knowledge Protocols

• Editors’ Introduction

• PUBA: Privacy-Preserving User-Data Bookkeeping and Analytics

• Who Knows I Like Jelly Beans? An Investigation Into Search Privacy

• SoK: Plausibly Deniable Storage

• d3p - A Python Package for Differentially-Private Probabilistic Programming

• Updatable Private Set Intersection

• Knowledge Cross-Distillation for Membership Privacy

• RegulaTor: A Straightforward Website Fingerprinting Defense

• Privacy-Preserving Positioning in Wi-Fi Fine Timing Measurement

• Efficient Set Membership Proofs using MPC-in-the-Head

• Checking Websites’ GDPR Consent Compliance for Marketing Emails

• Comprehensive Analysis of Privacy Leakage in Vertical Federated Learning During Prediction

• Understanding Utility and Privacy of Demographic Data in Education Technology by Causal Analysis and Adversarial-Censoring

• User-Level Label Leakage from Gradients in Federated Learning

• Privacy-preserving training of tree ensembles over continuous data

• Differentially Private Simple Linear Regression

• Increasing Adoption of Tor Browser Using Informational and Planning Nudges