Your Censor is My Censor: Weaponizing Censorship Infrastructure for Availability Attacks
Description
Repository for scripts for the WOOT 2021 paper: "Your Censor is My Censor: Weaponizing Censorship Infrastructure for Availability Attacks" for Artifact Evaluation.
Paper Abstract: Nationwide Internet censorship threatens free and open access to communication and information for millions of users living inside of censoring regimes. In this paper, we show that this poses an even greater threat to the Internet than previously understood. We demonstrate an attack that exploits a little-studied but widespread feature of many censoring infrastructures: what we call residual censorship, in which a censor continues blocking traffic between two end-hosts for some time after a censorship event. Our attack sends spoofed packets with censored content, keeping two victim end-hosts separated by a censor from being able to communicate with one another.
Although conceptually simple, this attack has several challenges, which we address. We demonstrate the feasibility of the attack through two studies: one to capture the current state of residual censorship, and another to actually launch the attack (against machines we control). We show that the attack can be launched despite stateful TCP tracking used by many censors, and that it also works against those who censor by null-routing. Our code is publicly available.
Files
Artifact_Evaluation_Submission.pdf
Files
(114.3 kB)
Name | Size | Download all |
---|---|---|
md5:0b64047e6cc2b876a78ce06ecc3a69a4
|
78.5 kB | Preview Download |
md5:6d48af50131365b930bbd1b8b7720018
|
125 Bytes | Download |
md5:276f90a0c16c9752628879bd01d42e6b
|
1.5 kB | Download |
md5:0c32cd2dfbbb3c05dcb650d7a0fd50c2
|
8.2 kB | Preview Download |
md5:6d7a7f9656f675681aaba39c9edb2db7
|
58 Bytes | Preview Download |
md5:817c7dd26f83cb396e08bbc7e9aad560
|
17.9 kB | Download |
md5:61b5ca5be3a768e6799ffda1a14493ab
|
8.0 kB | Download |
Additional details
Funding
- SaTC: CORE: Small: Collaborative: Building Sophisticated Services with Programmable Anonymity Networks 1816802
- National Science Foundation