DOI: 10.1145/3319535.3363218
Research article, Open Access

Conjure: Summoning Proxies from Unused Address Space

Published: 06 November 2019

ABSTRACT

Refraction Networking (formerly known as "Decoy Routing") has emerged as a promising next-generation approach for circumventing Internet censorship. Rather than trying to hide individual circumvention proxy servers from censors, Refraction Networking implements proxy functionality in the core of the network, at cooperating ISPs in friendly countries. Any connection that traverses these ISPs could be a conduit for the free flow of information, so censors cannot easily block access without also blocking many legitimate sites. While one Refraction scheme, TapDance, has recently been deployed at ISP scale, it suffers from several problems: a limited number of "decoy" sites in realistic deployments, high technical complexity, and undesirable tradeoffs between performance and observability by the censor. These challenges may impede broader deployment and ultimately allow censors to block such techniques. We present Conjure, an improved Refraction Networking approach that overcomes these limitations by leveraging unused address space at deploying ISPs. Instead of using real websites as the decoy destinations for proxy connections, our scheme connects to IP addresses where no web server exists, leveraging proxy functionality from the core of the network. These phantom hosts are difficult for a censor to distinguish from real ones, but can be used by clients as proxies. We define the Conjure protocol, analyze its security, and evaluate a prototype using an ISP testbed. Our results suggest that Conjure can be harder to block than TapDance, is simpler to maintain and deploy, and offers substantially better network performance.

Supplemental Material

p2215-wampler.webm (webm, 76.1 MB)

