NEW: We present the largest measurement study to date of Turkmenistan’s web censorship, with a new Geneva-assisted measurement tool, and discover over 100,000 blocked domains.

Automating Evasion

Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated Internet-scale censorship techniques and methods to evade them. In this work, we take a drastic departure from the previously manual evade/detect cycle by developing techniques to automate the discovery of censorship evasion strategies.

Our Approach

We developed Geneva (Genetic Evasion), a novel experimental genetic algorithm that evolves packet-manipulation-based censorship evasion strategies against nation-state level censors. Geneva re-derived virtually all previously published evasion strategies, and has discovered new ways of circumventing censorship in China, India, Iran, and Kazakhstan.

How it works

Geneva runs exclusively on one side of the connection: it does not require a proxy, bridge, or assistance from outside the censoring regime. It defeats censorship by modifying network traffic on the fly (by injecting traffic, modifying packets, etc) in such a way that censoring middleboxes are unable to interfere with forbidden connections, but without otherwise affecting the flow. Since Geneva works at the network layer, it can be used with any application; with Geneva running in the background, any web browser can become a censorship evasion tool. Geneva cannot be used to circumvent blocking of IP addresses.

Geneva composes four basic packet-level actions (drop, duplicate, fragment, tamper) together to represent censorship evasion strategies. By running directly against real censors, Geneva’s genetic algorithm evolves strategies that evade the censor.

Real World Deployments

Geneva has been deployed against real-world censors in China, India, Iran, and Kazahkstan. It has discovered dozens of strategies to defeat censorship, and found previously unknown bugs in censors.

Note that Geneva is a research prototype, and does not offer anonymization, encryption, or other protection from censors. Understand the risks in your country before trying to run Geneva.

All of these strategies and Geneva’s strategy engine and are open source: check them out on our Github page.

Learn more about how we designed and built Geneva here.

Who We Are

This project is done by students in Breakerspace, a lab at the University of Maryland dedicated to scaling-up undergraduate research in computer and network security.

This work is supported by the Open Technology Fund and the National Science Foundation.

Contact Us

Interested in working with us, learning more, getting Geneva running in your country, or incorporating some of Geneva’s strategies into your tool?

The easiest way to reach us is by email.

  • Dave: dml (at) cs.umd.edu (PGP key here)
  • Kevin: kbock (at) terpmail.umd.edu (PGP key here)

Recent Posts

Posts

Weaponizing Middleboxes for TCP Reflected Amplification

Censors pose an even greater threat to the Internet than previously understood. We demonstrate an off-path attack that exploits residual censorship, a feature by which a censor continues blocking traffic between two end-hosts for some time after a censorship event. Our attack sends spoofed packets with censored content, keeping two victim end-hosts separated by a censor from being able to communicate with one another. This attack allows anyone to weaponize censorship infrastructure to perform their own blocking.
read more
Posts

Weaponizing Censorship Infrastructure for Availability Attacks

We discover it is possible for an attacker to weaponize a censor to prevent any pair of hosts from communicating across its borders by abusing a little known feature of many censorship systems: residual censorship.
read more
Posts

Evading SNI Filtering in India with Geneva

In July of 2020, the Open Observatory of Network Interference (OONI) team discovered that Indian ISPs (Airtel and Reliance Jio) had started filtering HTTPS websites using the Server Name Indication (SNI) field in TLS. A year later, we revisit Airtel’s HTTPS censorship system, show how we trained Geneva against the new censorship system to discover evasion strategies, and learn more about how the censorship systems operate.
read more