log in  |  register  |  feedback?  |  help  |  web accessibility
PhD Defense: Automating the Discovery of Censorship Evasion Strategies
Kevin Bock
4109 and via zoom https://umd.zoom.us/j/8266983021
Tuesday, April 26, 2022, 4:00-6:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)


Censoring nation-states deploy complex network infrastructure to regulate what content citizens can access, and such restrictions to open sharing of information threaten the freedoms of billions of users worldwide, especially marginalized groups. Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated Internet-scale censorship techniques and methods to evade them. In this dissertation, I study the technology that underpins this Internet censorship: middleboxes (e.g. firewalls). I argue the following thesis: It is possible to automatically discover packet sequence modifications that render deployed censorship middleboxes ineffective across multiple application-layer protocols.

To evaluate this thesis, I develop Geneva, a novel genetic algorithm that discovers packet-manipulation-based censorship evasion strategies automatically against nation-state level censors. Training directly against a live adversary, Geneva composes, mutates, and evolves sophisticated strategies out of four basic packet manipulation primitives (drop, tamper, duplicate, and fragment).

I show that Geneva can be effective across different application layer protocols (HTTP, HTTPS+SNI, HTTPS+ESNI, DNS, SMTP, FTP), censoring regimes (China, Iran, India, and Kazakhstan), and deployment contexts (client-side, server-side), even in cases where multiple middleboxes work in parallel to perform censorship. In total, I present 27 client-side strategies, the first ever server-side strategies (11 in total), and 85 strategies that work by modifying application layer data. Finally, I use Geneva to discover two novel attacks that show censoring middleboxes can be weaponized to launch attacks against innocent hosts anywhere on the Internet.

Collectively, my work shows that censorship evasion can be automated and that censorship infrastructures pose a greater threat to Internet availability than previously understood.

Examining Committee:
Dean's Representative:
Dr. Dave Levin
Dr. Michel Cukier
Dr. Eric Wustrow
Dr. Bobby Bhattacharjee
Dr. John Dickerson

Kevin Bock is a PhD candidate at the University of Maryland, advised by Dave Levin. His work focuses on enabling open communication, improving network security, and evading censorship. Kevin is passionate about scaling up undergraduate research, and has advised 26 undergraduate students to date on his anti-censorship team. Kevin has also worked as adjunct faculty for the University of Maryland, where he created and teaches an upper-level undergraduate security course on Penetration Testing every Spring. Kevin's website is available at https://ter.ps/kevinbock.

This talk is organized by Tom Hurst