PhD Proposal: Automating the Discovery of Censorship Evasion Strategies
Kevin Bock
Remote
Thursday, August 27, 2020, 11:00 am-1:00 pm 
Abstract
Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated censorship techniques and methods to evade them. Unfortunately, censors have long had an inherent advantage in this arms race, because discovering new censorship evasion techniques has, to date, been a laborious, manual process. Details of censors' infrastructure and implementation are generally not publicly known, and thus researchers typically must first measure and develop an understanding of how a particular censor works before they can develop strategies to evade them.
I propose to evaluate the following thesis: It is possible to efficiently automate the discovery of censorship evasion techniques under all deployment scenarios. There are four possible ways to deploy a censorship evasion mechanism: at the client-side, at the server-side, at both, or at neither (via an o -path third-path). My work will develop techniques for automatically discovering evasion strategies in all of these deployment scenarios.
The foundation of my approach is my prior work Geneva, a genetic algorithm that discovers novel censorship evasion strategies that run at either the client or the server. Geneva has discovered dozens of new censorship evasion strategies against real-world censors, including the rst ever strategies that can be run exclusively from the server. In the first part of my proposal, I review the design of Geneva and its results from real deployments. In the second part, I propose developing automated censorship evasion techniques for the remaining two deployment scenarios: joint client/server evasion and o -path third-party evasion. I also propose to extend Geneva to be able to automatically identify new application-layer evasion techniques exclusively at the client or the server. 1
Examining Committee:
I propose to evaluate the following thesis: It is possible to efficiently automate the discovery of censorship evasion techniques under all deployment scenarios. There are four possible ways to deploy a censorship evasion mechanism: at the client-side, at the server-side, at both, or at neither (via an o -path third-path). My work will develop techniques for automatically discovering evasion strategies in all of these deployment scenarios.
The foundation of my approach is my prior work Geneva, a genetic algorithm that discovers novel censorship evasion strategies that run at either the client or the server. Geneva has discovered dozens of new censorship evasion strategies against real-world censors, including the rst ever strategies that can be run exclusively from the server. In the first part of my proposal, I review the design of Geneva and its results from real deployments. In the second part, I propose developing automated censorship evasion techniques for the remaining two deployment scenarios: joint client/server evasion and o -path third-party evasion. I also propose to extend Geneva to be able to automatically identify new application-layer evasion techniques exclusively at the client or the server. 1
Examining Committee:
Chair: Dr. Dave Levin
Dept rep: Dr. John Dickerson
Members: Dr. Neil Spring
Dr. Bobby Bhattacharjee
Dr. Eric Wustrow
Dept rep: Dr. John Dickerson
Members: Dr. Neil Spring
Dr. Bobby Bhattacharjee
Dr. Eric Wustrow
Bio
Kevin Bock is a computer science PhD student at the University of Maryland, studying network security and censorship, and is the instructor for HACS408T. Outside of school, he has a full time job as a programmer working for a government contractor, and loves to run and play frisbee. Kevin is also a double-Terp: he finished his Masters in 2018 and his BS in computer science in 2017!
This talk is organized by Tom Hurst