Censored Planet: Measuring Internet Censorship Globally and - PowerPoint PPT Presentation

Censored Planet: Measuring Internet Censorship Globally and Continuously Roya Ensafi AIMS 2018 1 Measuring Internet Censorship Globally PROBLEM: - How can we detect whether pairs of hosts around the world can talk to each other? user ?


  1. Censored Planet: Measuring Internet Censorship Globally and Continuously. Roya Ensafi, AIMS 2018.

  2. Measuring Internet Censorship Globally. PROBLEM: How can we detect whether pairs of hosts around the world can talk to each other? (Diagram: user ? Site)

  3. Measuring Internet Censorship Globally. PROBLEM: How can we detect whether pairs of hosts around the world can talk to each other?
     STATE OF THE ART:
     - Deploy hardware or software at hosts (RIPE Atlas, OONI probe)
     - Ask people on the ground, or use VPNs, or research networks (PlanetLab)
     THREE KEY CHALLENGES: Coverage, ethics, and continuity

  4. Thinking Like an “Attacker”… These machines blindly follow Internet protocol rules such as TCP/IP. How can we leverage standard protocol behaviors to detect whether two distant hosts can communicate? 140 million public live IPv4 addresses.

  5. Measuring Internet Censorship Globally… Remotely! PROBLEM: How can we detect whether pairs of hosts around the world can talk to each other… from somewhere else in the world? Impossible! (Diagram: user ? Site)

  6. Spooky Scan. Spooky Scan uses TCP/IP side channels to detect whether a user and a site can communicate (and in which direction packets are blocked). Goal: detect blocking from off-path.
     - TCP Idle Scan. Antirez (Bugtraq 1998)
     - Detecting Intentional Packet Drops on the Internet via TCP/IP Side Channels. Roya Ensafi, Knockel, Alexander, and Crandall (PAM ’14)
     - Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks Using Model Checking. Roya Ensafi, Park, Kapur, and Crandall (USENIX Security 2010)

  7. Augur. Augur is a follow-up system that uses the same TCP/IP side channels to detect blocking from off-path. Goal: a scalable, ethical, and statistically robust system to continuously detect blocking.
     - Augur: Internet-Wide Detection of Connectivity Disruption. P. Pearce*, R. Ensafi*, F. Li, N. Feamster, V. Paxson (* joint first authors)

  8. TCP/IP.
     - TCP handshake: SYN [IP ID: X] → SYN/ACK [IP ID: Y] → ACK [IP ID: X+1]
     - Port status is open/closed: SYN → SYN/ACK (open) or RST (closed)
     - SYN → SYN/ACK, SYN/ACK, SYN/ACK (repeated): port status is open

  9. Spooky Scan Requirements.
     - “User” (Reflector): must maintain a global value for IP ID
     - Site: open port and retransmitting SYN-ACKs
     - Measurement Machine: must be able to spoof packets

  10.–17. Spooky Scan, no direction blocked (the diagram is built up one step per slide). Participants: Measurement machine, Reflector (its IP ID counter is shown beside it), Site.
     Step 1: Measurement machine → Reflector: SYN/ACK
     Step 2: Reflector → Measurement machine: RST [IP ID: 7000]
     Step 3: Measurement machine → Site: Spoofed SYN [src: Reflector IP]
     Step 4: Site → Reflector: SYN/ACK
     Step 5: Reflector → Site: RST [IP ID: 7001]
     Step 6: Measurement machine → Reflector: SYN/ACK
     Step 7: Reflector → Measurement machine: RST [IP ID: 7002]
     Next probe: RST [IP ID: 7003]
     Reflector IP ID sequence: 7000, 7001, 7002, 7003

  18. Spooky Scan, Site-to-Reflector blocked.
     Step 1: Measurement machine → Reflector: SYN/ACK
     Step 2: Reflector → Measurement machine: RST [IP ID: 7000]
     Step 3: Measurement machine → Site: Spoofed SYN [src: Client IP]
     Step 4: Site → Reflector: SYN/ACK (blocked; never reaches the reflector)
     Step 5: Measurement machine → Reflector: SYN/ACK
     Step 6: Reflector → Measurement machine: RST [IP ID: 7001]
     Next probe: RST [IP ID: 7002]
     Reflector IP ID sequence: 7000, 7001, 7002

  19.–20. Spooky Scan, Reflector-to-Site blocked.
     Step 1: Measurement machine → Reflector: SYN/ACK
     Step 2: Reflector → Measurement machine: RST [IP ID: 7000]
     Step 3: Measurement machine → Site: Spoofed SYN [src: Client IP]
     Step 4: Site → Reflector: SYN/ACK
     Step 5: Reflector → Site: RST [IP ID: 7001] (blocked; never reaches the site, so the site retransmits its SYN/ACK)
     Step 6: Measurement machine → Reflector: SYN/ACK
     Step 7: Reflector → Measurement machine: RST [IP ID: 7002]
     The retransmitted SYN/ACK draws another RST [IP ID: 7003]
     Next probe: RST [IP ID: 7004]
     Reflector IP ID sequence: 7000, 7001, 7002, 7003, 7004

  21. Spooky Scan: decision table. (IP ID1 and IP ID2 are the reflector's IP ID increments observed between the first and second probe, and between the second and third probe.)
     - Site-to-Reflector Blocked: IP ID1 = 1, IP ID2 = 1
     - No Direction Blocked: IP ID1 = 2, IP ID2 = 1
     - Reflector-to-Site Blocked: IP ID1 = 2, IP ID2 = 2

  22.–23. Coping with Reflector IP ID Noise.
     Amplifying the signal. Effect of sending N spoofed SYNs:
     - Site-to-Reflector Blocked: IP ID1 = (1 + noise), IP ID2 = noise
     - No Direction Blocked: IP ID1 = (1 + N + noise), IP ID2 = noise
     - Reflector-to-Site Blocked: IP ID1 = (1 + N + noise), IP ID2 = (1 + N + noise)
     Repeating the experiment: to eliminate the effects of packet loss, sudden bursts of packets, ...
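To make the decision table and the N-fold amplification concrete, here is a small simulation of the IP ID side channel. It is an added example for this write-up, not code from the Censored Planet or Augur projects: it models only the reflector's global IP ID counter, background traffic as random extra increments, and the three blocking cases, and it sends no packets. The names `Reflector`, `simulate_run`, `classify` and `measure`, the noise model, and the threshold in `classify` (half of the amplified signal counts as "acceleration") are assumptions of the example. With N = 1 it reproduces the slide-21 table; with N = 10 and noise it shows why the amplified deltas still separate the three cases.

```python
"""Simulated Spooky Scan / Augur IP ID side channel (added example; no packets sent)."""
import random

SITE_TO_REFLECTOR = "site-to-reflector blocked"
NO_BLOCKING = "no direction blocked"
REFLECTOR_TO_SITE = "reflector-to-site blocked"
UNKNOWN = "unknown"


class Reflector:
    """A host whose IP ID is one global counter, bumped by every packet it sends."""

    def __init__(self, start=7000):
        self.ipid = start

    def send(self):
        """Emit one packet (e.g. a RST) and return the IP ID it carried."""
        value = self.ipid
        self.ipid = (self.ipid + 1) & 0xFFFF
        return value


def simulate_run(blocking, n_spoofed, max_noise, rng):
    """One run: probe, N spoofed SYNs, probe, retransmit window, probe.

    Returns (ipid1, ipid2): the reflector's IP ID deltas between consecutive probes.
    `max_noise` bounds how many unrelated packets the reflector sends per gap
    (constructed noise model, not the slides' measurements).
    """
    ref = Reflector()

    def background_traffic():
        for _ in range(rng.randint(0, max_noise)):
            ref.send()

    id1 = ref.send()                      # probe 1: our SYN/ACK draws a RST
    background_traffic()
    pending_retransmits = 0
    if blocking != SITE_TO_REFLECTOR:     # site's SYN/ACKs reach the reflector
        for _ in range(n_spoofed):
            ref.send()                    # reflector RSTs each unsolicited SYN/ACK
            if blocking == REFLECTOR_TO_SITE:
                pending_retransmits += 1  # RST never reaches the site; it retries
    background_traffic()
    id2 = ref.send()                      # probe 2
    background_traffic()
    for _ in range(pending_retransmits):
        ref.send()                        # RST for each retransmitted SYN/ACK
    background_traffic()
    id3 = ref.send()                      # probe 3
    return (id2 - id1) & 0xFFFF, (id3 - id2) & 0xFFFF


def classify(ipid1, ipid2, n_spoofed):
    """Map the two deltas to the slide-21/22 cases with a noise-tolerant threshold."""
    threshold = n_spoofed // 2 + 1        # assumed: half the amplified signal = acceleration
    accel1 = ipid1 - 1 >= threshold       # the -1 discounts the RST to our own probe
    accel2 = ipid2 - 1 >= threshold
    if accel1 and accel2:
        return REFLECTOR_TO_SITE
    if accel1:
        return NO_BLOCKING
    if not accel2:
        return SITE_TO_REFLECTOR
    return UNKNOWN                        # acceleration only in gap 2: a noise burst


def measure(blocking, n_spoofed=10, max_noise=2, seed=0):
    """Simulate one run with a seeded RNG and classify it; returns (deltas, label)."""
    rng = random.Random(seed)
    deltas = simulate_run(blocking, n_spoofed, max_noise, rng)
    return deltas, classify(*deltas, n_spoofed)


if __name__ == "__main__":
    for case in (SITE_TO_REFLECTOR, NO_BLOCKING, REFLECTOR_TO_SITE):
        deltas, label = measure(case, n_spoofed=10, max_noise=2, seed=1)
        print(f"{case:28s} IP ID1/ID2 = {deltas} -> {label}")
```

With `max_noise=0` and `n_spoofed=1` the deltas are exactly (1, 1), (2, 1) and (2, 2), the slide-21 table; with `n_spoofed=10` they become (1, 1), (11, 1) and (11, 11), so a few stray packets per gap cannot flip the classification, which is the point of amplifying the signal.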

  24.–26. Augur for Continuous Scanning.
     Insight: some measurements are much noisier than others.
     Probing Methodology: until we have high enough confidence (or up to …):
     Run: for the first 4 s, query the IPID every second; send 10 spoofed SYNs; query the IPID; query the IPID.
     Repeat runs and use Sequential Hypothesis Testing to gradually build confidence.

  27.–28. Augur: Sequential Hypothesis Testing.
     Defining a random variable with two cases: one if no IPID acceleration occurs, the other if IPID acceleration occurs.
     Calculate known outcome probabilities (priors):
     - Prior 1: Prob. of no IPID acceleration when there is blocking
     - Prior 2: Prob. of IPID acceleration when there is no blocking

  29. Augur: Sequential Hypothesis Testing (flow).
     Trial → Update Maximum Likelihood Ratio → Based on the updated ratio, can we decide the blocking case (Site-to-Ref blocking, No Blocking, or Ref-to-Site blocking)? Yes → Output. No → another trial; if no trials remain → Unknown.
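The trial/update/decide loop on slides 27–29, as an added example that is not the Augur project's code: a Wald-style sequential probability ratio test driven by the two priors the slides name. Each run contributes one bit (IPID acceleration seen or not); the log likelihood ratio of "blocking" versus "no blocking" accumulates until it crosses a bound, and a run budget turns an undecided test into "unknown". The decision bounds derived from assumed tolerated error rates `alpha` and `beta`, the `max_runs` cap, and the function names are assumptions of this example; the slides give neither the bounds nor the run limit.

```python
"""Sequential hypothesis testing over repeated Augur runs (added example)."""
import math


def log_likelihood_ratio_step(acceleration_seen, p_miss, p_false):
    """Evidence from one run for H1 (blocking) versus H0 (no blocking).

    p_miss  = Prior 1: P(no IPID acceleration | blocking)
    p_false = Prior 2: P(IPID acceleration | no blocking)
    """
    if acceleration_seen:
        return math.log((1 - p_miss) / p_false)
    return math.log(p_miss / (1 - p_false))


def sequential_test(observations, p_miss, p_false, alpha=0.01, beta=0.01, max_runs=20):
    """Wald SPRT: keep consuming runs until the ratio crosses a decision bound.

    observations: iterable of booleans, one per run (True = IPID acceleration seen);
                  a lazy generator works, so runs are only "performed" as needed.
    alpha/beta:   assumed tolerated false-positive / false-negative rates (set the bounds).
    Returns (decision, runs_used, log_ratio); decision is "blocking", "no_blocking",
    or "unknown" when the run budget or the observations are exhausted.
    """
    upper = math.log((1 - beta) / alpha)   # accept H1 (blocking) at or above this
    lower = math.log(beta / (1 - alpha))   # accept H0 (no blocking) at or below this
    log_ratio = 0.0
    runs = 0
    for seen in observations:
        runs += 1
        log_ratio += log_likelihood_ratio_step(seen, p_miss, p_false)
        if log_ratio >= upper:
            return "blocking", runs, log_ratio
        if log_ratio <= lower:
            return "no_blocking", runs, log_ratio
        if runs >= max_runs:
            break
    return "unknown", runs, log_ratio


if __name__ == "__main__":
    # Constructed run outcomes for three reflector/site pairs (not real measurements).
    samples = {
        "clean signal":   [True, True, True, True],
        "no signal":      [False, False, False, False],
        "noisy reflector": [True, False, True, False, True, False],
    }
    for name, runs in samples.items():
        decision, used, ratio = sequential_test(runs, p_miss=0.1, p_false=0.1)
        print(f"{name:16s} -> {decision:12s} after {used} runs (log LR = {ratio:+.2f})")
```

With both priors at 0.1 each consistent run moves the log ratio by about 2.2, so three agreeing runs already cross a 1% bound in either direction, while an alternating sequence never leaves the undecided band and ends as "unknown" when the observations run out; a noisier reflector (larger priors) needs proportionally more runs, which is the behaviour the "some measurements much noisier than others" insight calls for.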

  30.–34. Augur Framework (built up over five slides).
     - Reflector selection: input = all responsive IPs; user input = target countries → Reflector Characterization
     - Site address → Site characterization
     - Probing Scheduler
     - Detection/Validation → System output: Ref-to-Site blocking — OR — Site-to-Ref blocking — OR — No blocking — OR — Error

  35. THREE KEY CHALLENGES: Coverage, ethics, and continuity. Coverage. Challenge: need global vantage points from which to measure. Scanning IPv4 on port 80: 22.7 million potential reflectors! Compare: 10,000 in prior work (RIPE Atlas).

  36.–37. THREE KEY CHALLENGES: Coverage, ethics, and continuity. Ethics. Challenge: probing banned sites from users’ machines creates risk. (Diagram: Site → Reflector SYN/ACK (step 4); Reflector → Site RST [IP ID: 1001] (step 5); Reflector IP ID: 1000, 1001, 1002.)
     Use only infrastructure devices to source probes:
     - Global IP ID: 22.7 million, 236 countries (and dependent territories)
     - Two hops back from end user: 53,000, 180 countries

  38. THREE KEY CHALLENGES: Coverage, ethics, and continuity. Continuity. Challenge: need to repeat measurements over time. Augur doesn’t depend on end users’ availability, and routers have less downtime, allowing us to collect measurements continuously.

  39. Running Augur In the Wild.
     - Reflectors: 2,050
     - Sites: 2,134 (Citizen Lab list + Alexa Top-10K); mix of sensitive and popular sites
     - Duration: 17 days
     - Measurements per reflector-site: 47
     - Overall # of measurements: 207.6 million

  40. Top Site-to-Reflector Blocked Sites. (Table: Reflector, Site-to-Reflector Blocked Site.) Interesting example: amtrak.com was blocked for 21% of reflectors, 57% of countries (ranked 6) → collateral damage.
