Running Software in Albuquerque to Measure Censorship Anywhere - - PowerPoint PPT Presentation

running software in albuquerque to measure censorship
SMART_READER_LITE
LIVE PREVIEW

Running Software in Albuquerque to Measure Censorship Anywhere - - PowerPoint PPT Presentation

Feb 18, 2023 441 likes •717 views

Running Software in Albuquerque to Measure Censorship Anywhere Jeffrey Knockel Roya Ensafi Jedidiah Crandall Computer Science Department University of New Mexico When will Desert Storm invasion begin? No access to Pentagon Watch Dominos

slide-1
SLIDE 1

Running Software in Albuquerque to Measure Censorship Anywhere

Jeffrey Knockel Roya Ensafi Jedidiah Crandall Computer Science Department University of New Mexico

slide-2
SLIDE 2

When will Desert Storm invasion begin?

slide-3
SLIDE 3

No access to Pentagon

slide-4
SLIDE 4

Watch Dominos outside Pentagon

slide-5
SLIDE 5

Pentagon deliveries normally

slide-6
SLIDE 6

Night before an invasion

slide-7
SLIDE 7

Moral of the story

We can measure what is happening in a thing without being in that thing

slide-8
SLIDE 8

Question

Albuquerque Server Can clients connect to the server? Clients

slide-9
SLIDE 9

TCP Connection

Albuquerque Server Clients SYN SYNACK ACK

slide-10
SLIDE 10

Measurement

  • Run measurement software over there
  • Problem: cannot get software in there
  • Or:

– Not in the right city – Not right now

  • We don't need measurement software on

client, on server, or in between

slide-11
SLIDE 11

Client

  • Find client with globally incrementing IP ID
  • Windows XP, FreeBSD, etc. globally increment

this ID

IP Header Version / IHL / TOS Length ID Flags / Fragment Offset TTL / Protocol Checksum Source IP Destination IP

slide-12
SLIDE 12

Measure # of packets sent

  • Ping every second
  • 1006, 1007, 1008, 1009…

– 1, 1, 1… none sent

  • 3003, 3007, 3012, 3016…

– 4, 5, 4… some sent

  • 4000, 5000, 6200, 7300…

– 1000, 1200, 1100… lots sent

slide-13
SLIDE 13

Experiment

Albuquerque Server Client Forged SYN

slide-14
SLIDE 14

No censorship (+1)

Albuquerque Server Client Forged SYN SYNACK RST

slide-15
SLIDE 15

Server → Client censored (+0)

Albuquerque Server Client Forged SYN SYNACK SYNACK …

slide-16
SLIDE 16

Client → Server censored (+>1)

Albuquerque Server Client Forged SYN SYNACK RST SYNACK RST …

slide-17
SLIDE 17

ARIMA time series

slide-18
SLIDE 18

Iterative outlier removal

slide-19
SLIDE 19

Intervention analysis

Server → Client No censorship 5

Client → Server

15

Measured intervention: 15.1 Client → Server filtering!

slide-20
SLIDE 20

Ethical concerns

← Decrease clarity Decrease karma → Can clients sending RST's get them hurt? Ethical Knob

slide-21
SLIDE 21

Future

  • Gathering data
  • Using other shared finite resources

– Reassembly buffers – …

  • Other censorship

– DNS – DPI – …

slide-22
SLIDE 22

SpookyScan

Spooky scanning at a distance http://spookyscan.cs.unm.edu

slide-23
SLIDE 23

SpookyScan

slide-24
SLIDE 24

SpookyScan

slide-25
SLIDE 25

SpookyScan

slide-26
SLIDE 26

Acknowledgments

This material is based upon work supported by the U.S. National Science Foundation under Grant Nos. 0844880, 0905177, and 1017602. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the U.S. National Science Foundation.