On Network Neutrality Measurements

Network level surveillance, censorship, and various man-in-the-middle attacks target only specific types of network traffic (e.g., HTTP, HTTPS, VoIP, or Email). Therefore, packets of these types will likely receive “special” treatment by a transit network or a man-in-the-middle attacker. A transit Internet Service Provider (ISP) or an attacker may pass the targeted traffic through special software or equipment to gather data or perform an attack. This creates a measurable difference between the performance of the targeted traffic versus the general case. In networking terms, it violates the principle of “network neutrality,” which states that all traffic should be treated equally. Many techniques were designed to detect network neutrality violations, and some have naturally suggested using them to detect surveillance and censorship. In this article, we show that the existing network neutrality measurement techniques can be easily detected and therefore circumvented. We then briefly propose a new approach to overcome the drawbacks of current measurement techniques.

[1]  Partha Kanuparthy,et al.  DiffProbe: Detecting ISP Service Discrimination , 2010, 2010 Proceedings IEEE INFOCOM.

[2]  Partha Kanuparthy,et al.  ShaperProbe: end-to-end detection of ISP traffic shaping using active methods , 2011, IMC '11.

[3]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[4]  Nick Feamster,et al.  Detecting network neutrality violations with causal inference , 2009, CoNEXT '09.

[5]  Ming Zhang,et al.  Detecting traffic differentiation in backbone ISPs with NetPolice , 2009, IMC '09.

[6]  Marcel Dischinger,et al.  Detecting bittorrent blocking , 2008, IMC '08.

[7]  Xing Li,et al.  End-to-End Inference of Router Packet Forwarding Priority , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[8]  G. Urvoy-Keller,et al.  Passive capacity estimation: Comparison of existing tools , 2008, 2008 International Symposium on Performance Evaluation of Computer and Telecommunication Systems.

[9]  Werner Almesberger,et al.  Linux Network Traffic Control -- Implementation Overview , 1999 .

[10]  Tim Wu,et al.  Network Neutrality, Broadband Discrimination , 2003, J. Telecommun. High Technol. Law.

[11]  Xing Li,et al.  POPI: A User-Level Tool for Inferring Router Packet Forwarding Priority , 2010, IEEE/ACM Transactions on Networking.

[12]  Marcel Dischinger,et al.  Glasnost: Enabling End Users to Detect Traffic Differentiation , 2010, NSDI.

[13]  Adam Senft,et al.  Characterizing Web Censorship Worldwide: Another Look at the OpenNet Initiative Data , 2015, TWEB.

[14]  Ying Zhang,et al.  iSPY: Detecting IP Prefix Hijacking on My Own , 2010, IEEE/ACM Trans. Netw..

[15]  Sebastian Zander,et al.  A survey of covert channels and countermeasures in computer network protocols , 2007, IEEE Communications Surveys & Tutorials.

[16]  Anne Marsden,et al.  International Organization for Standardization , 2014 .

[17]  Xuxian Jiang,et al.  On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers , 2009, ASIACCS '09.

[18]  Robert Beverly,et al.  Understanding the efficacy of deployed internet source address validation filtering , 2009, IMC '09.

[19]  Ítalo S. Cunha,et al.  DTRACK: A System to Predict and Track Internet Path Changes , 2014, IEEE/ACM Transactions on Networking.

[20]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[21]  Guillaume Urvoy-Keller,et al.  PPrate: A Passive Capacity Estimation Tool , 2006, 2006 4th IEEE/IFIP Workshop on End-to-End Monitoring Techniques and Services.

[22]  S. Hemminger Network Emulation with NetEm , 2022 .

[23]  Robert Ricci,et al.  Modeling and Emulation of Internet Paths , 2009, NSDI.

[24]  Sotiris Ioannidis,et al.  CensMon: A Web Censorship Monitor , 2011, FOCI.

[25]  Parameswaran Ramanathan,et al.  Packet-dispersion techniques and a capacity-estimation methodology , 2004, IEEE/ACM Transactions on Networking.