Augur: Internet-Wide Detection of Connectivity Disruptions

Anecdotes, news reports, and policy briefings collectively suggest that Internet censorship practices are pervasive. The scale and diversity of Internet censorship practices makes it difficult to precisely monitor where, when, and how censorship occurs, as well as what is censored. The potential risks in performing the measurements make this problem even more challenging. As a result, many accounts of censorship begin—and end—with anecdotes or short-term studies from only a handful of vantage points. We seek to instead continuously monitor information about Internet reachability, to capture the onset or termination of censorship across regions and ISPs. To achieve this goal, we introduce Augur, a method and accompanying system that utilizes TCP/IP side channels to measure reachability between two Internet locations without directly controlling a measurement vantage point at either location. Using these side channels, coupled with techniques to ensure safety by not implicating individual users, we develop scalable, statistically robust methods to infer network-layer filtering, and implement a corresponding system capable of performing continuous monitoring of global censorship. We validate our measurements of Internet-wide disruption in nearly 180 countries over 17 days against sites known to be frequently blocked, we also identify the countries where connectivity disruption is most prevalent.

[1]  Benjamin Edelman,et al.  Internet Filtering in China , 2003, IEEE Internet Comput..

[2]  Hari Balakrishnan,et al.  Fast portscan detection using sequential hypothesis testing , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3]  Donald F. Towsley,et al.  Exploiting the IPID Field to Infer Network Path and End-System Characteristics , 2005, PAM.

[4]  Bogdan M. Wilamowski,et al.  The Transmission Control Protocol , 2005, The Industrial Information Technology Handbook.

[5]  Robert N. M. Watson,et al.  Ignoring the Great Firewall of China , 2006, Privacy Enhancing Technologies.

[6]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[7]  G. Lowe,et al.  The Great DNS Wall of China , 2007 .

[8]  Deepak Kapur,et al.  Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks Using Model Checking , 2010, USENIX Security Symposium.

[9]  Jedidiah R. Crandall,et al.  Empirical Study of a National-Scale Distributed Intrusion Detection System: Backbone-Level Filtering of HTML Responses in China , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[10]  Fang Yu,et al.  Investigation of Triangular Spamming: A Stealthy and Efficient Spamming Technique , 2010, 2010 IEEE Symposium on Security and Privacy.

[11]  Sotiris Ioannidis,et al.  CensMon: A Web Censorship Monitor , 2011, FOCI.

[12]  Zhuoqing Morley Mao,et al.  Internet Censorship in China: Where Does the Filtering Occur? , 2011, PAM.

[13]  kc claffy,et al.  Geocompare: a comparison of public and commercial geolocation databases - Technical Report , 2011 .

[14]  Jacob Appelbaum,et al.  OONI: Open Observatory of Network Interference , 2012, FOCI.

[15]  Stefan Lindskog,et al.  How the Great Firewall of China is Blocking Tor , 2012, FOCI.

[16]  D. Dittrich,et al.  The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research , 2012 .

[17]  J. Alex Halderman,et al.  Internet Censorship in Iran: A First Look , 2013, FOCI.

[18]  Collin Anderson,et al.  Dimming the Internet: Detecting Throttling as a Mechanism of Censorship in Iran , 2013, ArXiv.

[19]  Zubair Nabi The Anatomy of Web Censorship in Pakistan , 2013, FOCI.

[20]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[21]  Vern Paxson,et al.  Towards Illuminating a Censorship Monitor's Model to Facilitate Evasion , 2013, FOCI.

[22]  Adam Senft,et al.  A method for identifying and confirming the use of URL filtering products for censorship , 2013, Internet Measurement Conference.

[23]  Marco Chiesa,et al.  Analysis of country-wide internet outages caused by censorship , 2011, IMC '11.

[24]  Towards a Comprehensive Picture of the Great Firewall's DNS Censorship , 2014, FOCI.

[25]  J. Brady,et al.  The Belmont Report. Ethical principles and guidelines for the protection of human subjects of research. , 2015, The Journal of the American College of Dentists.

[26]  Nick Feamster,et al.  Automated Detection and Fingerprinting of Censorship Block Pages , 2014, Internet Measurement Conference.

[27]  Emiliano De Cristofaro,et al.  Censorship in the Wild: Analyzing Internet Filtering in Syria , 2014, Internet Measurement Conference.

[28]  Jeffrey Knockel,et al.  Detecting Intentional Packet Drops on the Internet via TCP/IP Side Channels , 2014, PAM.

[29]  Xu Zhang,et al.  Original SYN: Finding machines hidden behind firewalls , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[30]  Nick Feamster,et al.  Encore: Lightweight Measurement of Web Censorship with Cross-Origin Requests , 2015, Comput. Commun. Rev..

[31]  Nick Feamster,et al.  Examining How the Great Firewall Discovers Hidden Circumvention Servers , 2015, Internet Measurement Conference.

[32]  Nick Feamster,et al.  Monitoring Internet Censorship with UBICA , 2015, TMA.

[33]  Philipp Winter,et al.  Analyzing the Great Firewall of China Over Space and Time , 2015, Proc. Priv. Enhancing Technol..

[34]  Nick Feamster,et al.  Detecting DNS Root Manipulation , 2016, PAM.

[35]  Steven J. Murdoch,et al.  Do You See What I See? Differential Treatment of Anonymous Users , 2016, NDSS.

[36]  Vern Paxson,et al.  SoK: Towards Grounding Censorship Circumvention in Empiricism , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[37]  David Fifield,et al.  Censors' Delay in Blocking Circumvention Proxies , 2016, FOCI.

[38]  Dario Rossi,et al.  Latency-Based Anycast Geolocation: Algorithms, Software, and Data Sets , 2016, IEEE Journal on Selected Areas in Communications.

[39]  Matthew J. Salganik,et al.  Bit by bit: social research in the digital age , 2019, The Journal of mathematical sociology.