Mending Wall: On the Implementation of Censorship in India

This paper presents a study of the Internet infrastructure in India from the point of view of censorship. First, we show that the current state of affairs---where each ISP implements its own content filters (nominally as per a governmental blacklist)---results in dramatic differences in the censorship experienced by customers. In practice, a well-informed Indian citizen can escape censorship through a judicious choice of service provider. We then consider the question of whether India might potentially follow the Chinese model and institute a single, government-controlled filter. This would not be difficult, as the Indian Internet is quite centralized already. A few "key" ASes (approx 1% of Indian ASes) collectively intercept approx 95% of paths to the censored sites we sample in our study, and also to all publicly-visible DNS servers. 5,000 routers spanning these key ASes would suffice to carry out IP or DNS filtering for the entire country; approx 70% of these routers belong to only two private ISPs. If the government is willing to employ more powerful measures, such as an IP Prefix Hijacking attack, any one of several key ASes can censor traffic for nearly all Indian users. Finally, we demonstrate that such federated censorship by India would cause substantial collateral damage to non-Indian ASes whose traffic passes through Indian cyberspace (which do not legally come under Indian jurisdiction at all).

[1]  Leman Akoglu,et al.  The Politics of Routing: Investigating the Relationship between AS Connectivity and Internet Freedom , 2016, FOCI.

[2]  Zhuoqing Morley Mao,et al.  Accurate Real-time Identification of IP Prefix Hijacking , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[3]  Benjamin Edelman,et al.  Internet in China , 2003 .

[4]  Matthew J. Luckie,et al.  Spurious routes in public BGP data , 2014, CCRV.

[5]  G. Feng,et al.  Understanding Support for Internet Censorship in China: An Elaboration of the Theory of Reasoned Action , 2012 .

[6]  Benjamin Edelman,et al.  Internet Filtering in China , 2003, IEEE Internet Comput..

[7]  Quentin Jacquemart,et al.  Towards uncovering BGP hijacking attacks , 2015 .

[8]  Rebecca MacKinnon Flatter world and thicker walls? Blogs, censorship and civic discourse in China , 2007 .

[9]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[10]  Stefan Lindskog,et al.  How the Great Firewall of China is Blocking Tor , 2012, FOCI.

[11]  Minaxi Gupta,et al.  Inferring Mechanics of Web Censorship Around the World , 2012, FOCI.

[12]  Nick Feamster,et al.  Detecting DNS Root Manipulation , 2016, PAM.

[13]  J. Alex Halderman,et al.  Internet Censorship in Iran: A First Look , 2013, FOCI.

[14]  Paul Francis,et al.  A study of prefix hijacking and interception in the internet , 2007, SIGCOMM '07.

[15]  A. Dammer How Secure are Secure Interdomain Routing Protocols , 2011 .

[16]  Zhuoqing Morley Mao,et al.  Internet Censorship in China: Where Does the Filtering Occur? , 2011, PAM.

[17]  Miguel Rio,et al.  Network topologies: inference, modeling, and generation , 2008, IEEE Communications Surveys & Tutorials.

[18]  Zubair Nabi The Anatomy of Web Censorship in Pakistan , 2013, FOCI.

[19]  Franck Le,et al.  Detecting Network-Wide and Router-Specific Misconfigurations Through Data Mining , 2009, IEEE/ACM Transactions on Networking.

[20]  Lixin Gao On inferring autonomous system relationships in the internet , 2001, TNET.

[21]  C. Leberknight A Taxonomy of Internet Censorship and Anti-Censorship Draft Version December 31 , 2010 , 2011 .

[22]  Arun Venkataramani,et al.  iPlane: an information plane for distributed services , 2006, OSDI '06.

[23]  Ratul Mahajan,et al.  Understanding BGP misconfiguration , 2002, SIGCOMM '02.

[24]  Christopher Stevenson,et al.  Breaching the Great Firewall: China’s Internet Censorship and the Quest for Freedom of Expression in a Connected World , 2007 .

[25]  Lixin Gao,et al.  Detecting bogus BGP route information: Going beyond prefix hijacking , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[26]  Jedidiah R. Crandall,et al.  ConceptDoppler: a weather tracker for internet censorship , 2007, CCS '07.

[27]  Adam Senft,et al.  A method for identifying and confirming the use of URL filtering products for censorship , 2013, Internet Measurement Conference.

[28]  Neo,et al.  The collateral damage of internet censorship by DNS injection , 2012, Comput. Commun. Rev..

[29]  Lixin Gao,et al.  CAM04-4: AS Path Inference by Exploiting Known AS Paths , 2006, IEEE Globecom 2006.

[30]  Patrick D. McDaniel,et al.  A Survey of BGP Security Issues and Solutions , 2010, Proceedings of the IEEE.