GET /out: Automated Discovery of Application-Layer Censorship Evasion Strategies

In this paper, we present the first techniques to automate the discovery of new
censorship evasion techniques purely in the application layer. We present a
general solution and apply it specifically to HTTP and DNS censorship in China,
India, and Kazakhstan. Our automated techniques discovered a total of 77 unique
evasion strategies for HTTP and 9 for DNS, all of which require only
application-layer modifications, making them easier to incorporate into apps and
deploy. We analyze these strategies and shed new light into the inner workings
of the censors. We find that the success of application-layer strategies can
depend heavily on the type and version of the destination server. Surprisingly,
a large class of our evasion strategies exploit instances in which censors are
more RFC-compliant than popular application servers.

For the purposes of the artifact evaluation, our artifacts are (1) the strategies we
present in the paper and (2) the code used to implement them. We developed our
fuzzer by building off of the open-source Geneva project
(https://github.com/Kkevsterrr/geneva), but our code has not yet merged into
that repository publicly. For this reason, the code is uploaded here, and once 
it merges, the final stable URL will be replaced with a stable ref to Geneva's 
repository.

For this artifact evaluation, we demonstrate how the reader can evaluate (1)
that our strategies can generate modified requests; (2) that our strategies can
evade censorship. Optionally, the evaluator can test for themselves that our
tool can fuzz HTTP requests.