Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 10 PHILLIPA GILL – STONY BROOK UNIVERSITY.

Published byArleen Harper Modified over 9 years ago

Similar presentations

Presentation on theme: "CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 10 PHILLIPA GILL – STONY BROOK UNIVERSITY."— Presentation transcript:

1 CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 10 PHILLIPA GILL – STONY BROOK UNIVERSITY

2 WHERE WE ARE Last time: Case study: Iran + Pakistan Questions? Revisit hands on activity … RIPEstat page for AS 12880: https://stat.ripe.net/AS12880#tabId=at-a-glance Try looking up other Iranian networks NDT data in Google http://www.google.com/publicdata/explore?ds=e9krd11m38onf_&ctype=l&str ail=false&bcs=d&nselm=h&met_y=download_throughput&scale_y=lin&ind_y =false&rdim=country&idim=country:364&ifdim=country&ind=false OOKLA Speed test: http://www.google.com/publicdata/explore?ds=z8ii06k9csels2_&ctype=l&met _y=avg_download_speed

3 ASSIGNMENT 1 DISCUSSION Some questions led to confusion Part 1 Q2 who are the source and destination (most people got this): Source ICSI ; Destination Baidu (accepted anything from the destination whois since it was a weird looking record). Q3 Why did Wireshark flag Packet 8 as a retransmission? Q4 What is unusual about the response in packet 9? (there was a typo in this question, I reduced total by 3 for it) Q5 (most people got this): Is it the same device responding to packet 8 as the first GET (packet 4)?

4 ASSIGNMENT 1 DISCUSSION Some questions led to confusion Part 2 Q2 What is missing from the TCP connection? Handshake! Q3 Flow or packet level censor? (a lot of people had trouble with this!) Q4 What is returned in response to the HTTP GET? Part 3 On path or in path censor? Why?

5 TEST YOUR KNOWLEDGE (IRAN) 1.How did the government assert control over the Internet in 2001? 2.What were the conflicting goals of Iran in implementing censorship? 3.What was the end result of these? 4.What is the `campaign for halal Internet’? Why did people fear this? 5.What is the purpose of IP addresses designated in RFC1918? 6.What are two techniques used by Anderson to map an internal 10.x.x.x address to an external IP? 7.What is the idea of “dimming the Internet”? 8.How can “dimming” be measured? 9.How did the pseudonymous paper identify filtering based on the host header? 10.What type of proxy did they find?

6 TEST YOUR KNOWLEDGE (PAKISTAN) 1.Why is censorship in Pakistan well known? 2.Which protocol allowed collateral damage when they censored YouTube? 3.What is the main form of censorship in Pakistan identified by the Web censorship paper? 4.What are the most common circumvention techniques in Pakistan? 5.What are some circumvention techniques that were found to work for Pakistan censorship? 6.Which product did CitizenLab find in Pakistan? 7.How did they find the IP of installations of the product? 8.How did they verify that the installations were used for censorship?

7 TODAY Case Study: China Background (ONI report) Concept Doppler (Crandall et al.) http://www.csd.uoc.gr/~hy558/papers/conceptdoppler.pdf Locating the censors (Xu et al.) http://pam2011.gatech.edu/papers/pam2011--Xu.pdf Great Cannon  Seminar Tuesday October 13 @ 1pm!

8 BACKGROUND China: one-party state, ruled by the Chinese Communist Party (CCP) Conflict between IT development and ability to contain sensitive or threatening information Several milestones challenged gov’t control: Anniversary of Tibetan Uprising in 2008: Protests in Lhasa 2008 Beijing Olympics, pressures to lessen censorship Foreign reporters had unprecedented access within the country Domestic news still highly restricted Unfettered Internet access for foreign journalists restricted to “games-related” Web sites 2009 Riots in Urumqi led to Internet restrictions to “quench the riot … and prevent violent” State sponsored Web site access (31 sites) slowly restored but Internet access in Xinjiang was effectively severed for 10 months

9 BACKGROUND 2 2010 Google refuses to comply with legal requirements of content filtering in China Attempts to hack gmail accounts of human rights activists Google wanted to establish a truly free and open search engine or officially close Google.cn Google’s actions placed PRC’s censorship practices in the international spotlight China’s population means that even at 28.9% Internet penetration the country has the most Internet users in the world Mobile networking is important for bridging the rural/urban divide 10% of users access the Internet only on a mobile device Widespread use of Internet has led to a change in the public discourse and exposing corruption of government officials and even dismissal of senior officials

10 INTERNET FILTERING IN CHINA Initial project: Green Dam Youth Escort project Filtering at the level of the user’s computer Analysis by ONI + StopBadware showed that it wasn’t effective in blocking all pornography and would unpredictably block political and religious content Follow on project: “Blue Dam” with more features mandated to be installed by ISPs Server side/ISP-level blocking of content deemed to be inappropriate Blog services are also responsible for policing content on their sites Must install keyword filters + delete accounts of violating users More on this in the online social networking lecture …

11 TODAY’S READINGS ConceptDoppler: A Weather Tracker for Internet Censorship. Crandall et al. 2006 Internet Censorship in China: Where Does the Filtering Occur? Xu et al. 2011

12 CONCEPTDOPPLER Goals: Develop the capability to monitor both the technical censorship mechanism and how it is used E.g., to answer questions such as why was “keyword blocked” in a given place and time Focus on keyword blocking: less collateral damage, less negative fall out than blunt censorship techniques Specific aim to monitor the set of blocked keywords over time and monitor for variations between regions Useful for circumvention (e.g., encoding keywords to make them unidentifiable to DPI boxes). The need for continuous monitoring of censored keywords requires efficient probing: Latent semantic analysis + techniques from Web search to minimize the set of keywords that must be probed.

13 EXPERIMENT 1 TEST GFC 72 hours of HTTP GETs to www.yahoo.cnwww.yahoo.cn 1.Send FALUN (blocked keyword) until a RST is received 2.Switch to send TEST (benign word) until a valid HTTP response is received Observation: hosts are blocked from communicating for 90 seconds after sending the bad keyword.

14 RESULTS: BLOCKING IS NOT 100% RELIABLE White = not blocked; grey = blocked X = 0 is 15:00 in Beijing Y = # of probes Diurnal trends in filtering effectiveness

15 EXPERIMENT 2: FIND GFC FIREWALLS Target URLs probed = top 100 URLs returned by Google for the queries: site:x where X=.cn,.com.cn,.edu.cn,.org.cn, and.net.cn No RSTs observed if the connection was not open -> GFC is stateful

16 WHERE ARE THE CENSORS?

17 FINDING KEYWORDS EFFICIENTLY Latent semantic analysis (LSA) to find keywords related to concepts the government might filter Details of LSA in the paper. Experimental set up: Gather all the pages of Chinese language Wikipedia 12 term lists based on 12 general concepts (terms are selected to be most related to the concept via LSA) Probed 2,500 terms from each of the 12 lists

18 NUMBER OF KEYWORDS FOUND X axis = bins of 250 keywords Y axis = # of blocked keywords found Key takeaway: 2,500 tested terms selected via LSA contains many more Blocked keywords than randomly chosen terms

19 LIMITATIONS Scale: Querying each 2,500 word list takes 1.2 - 6.7 hours; heavy use of network resources False positives + false negatives No way to claim these lists are exhaustive … Potentials for evation: If we know what keywords are filtered when we observe them we can be clever and hide them E.g., fragment IP packets on the keyword, HTML comments in the word: fa lun Use different encodings for keywords: F%61lun Gong Put keywords in Captchas or insert other characters: f@lun g0ng

20 READING 2: MAPPING THE GFC Presentation

21 HANDS ON ACTIVITY Online reports of Chinese censorship: https://en.greatfire.org/ http://www.herdict.org/explore/indepth?fc=CN http://www.google.com/transparencyreport/traffic/explorer/?r=CN &l=EVERYTHING China Chats data: https://china-chats.net/ Video chat censorship: https://www.usenix.org/sites/default/files/conference/protected- files/foci15_slides_knockel.pdf

Download ppt "CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 10 PHILLIPA GILL – STONY BROOK UNIVERSITY."

Similar presentations

By Brian Langone. Internet censorship is essentially a method used by corporations, governments and others in order to filter what a user can view on.

By Brian Langone. Internet censorship is essentially a method used by corporations, governments and others in order to filter what a user can view on.
Lesson 1. Course Outline E-Commerce and its types, Internet and WWW Basics, Internet standards and protocols, IP addressing, Data communication on internet,

Lesson 1. Course Outline E-Commerce and its types, Internet and WWW Basics, Internet standards and protocols, IP addressing, Data communication on internet,
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Topic 2: Information Communication Internet Censorship in China From July 2009 Ürümqi Riots point of view Dan Ru ISYM-540-P 07/09/2009.

Topic 2: Information Communication Internet Censorship in China From July 2009 Ürümqi Riots point of view Dan Ru ISYM-540-P 07/09/2009.
THE INTERNET IN CHINA 384 million users by the end of 2009 (Xinhua News Agency, Jan. 15, 2010) Top three uses are online music, online news and search.

THE INTERNET IN CHINA 384 million users by the end of 2009 (Xinhua News Agency, Jan. 15, 2010) Top three uses are online music, online news and search.
Skills: none Concepts: log, IP address, URL, packet header and body, geo-location, anonymity, proxy server, advertising signals, hacking, social graph.

Skills: none Concepts: log, IP address, URL, packet header and body, geo-location, anonymity, proxy server, advertising signals, hacking, social graph.
 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.

 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.
Censorship Traditionally: Deletion of materials that the gorvernment or media considers to be objectionable Internet censorship often just blocks access.

Censorship Traditionally: Deletion of materials that the gorvernment or media considers to be objectionable Internet censorship often just blocks access.
Anonymity on the Internet Jess Wilson. Anonymizing Proxy What is a proxy? – An intermediary between you and the internet How does it make you anonymous?

Anonymity on the Internet Jess Wilson. Anonymizing Proxy What is a proxy? – An intermediary between you and the internet How does it make you anonymous?
Forced Internet Filtering Thomas Mahoney. Internet Filtering ► Techniques  Technical blocking  Search result removal  Take-Down  Self-Censorship ►

Forced Internet Filtering Thomas Mahoney. Internet Filtering ► Techniques  Technical blocking  Search result removal  Take-Down  Self-Censorship ►
Concept Doppler: A weather Tracker For Internet Censorship Author: Jedidiah R. Crandall, Danial Zinn, Michael Byrd, Earl Barr, Rich East Presented At:

Concept Doppler: A weather Tracker For Internet Censorship Author: Jedidiah R. Crandall, Danial Zinn, Michael Byrd, Earl Barr, Rich East Presented At:
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Internet Basics.

Internet Basics.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Mohammed Saiyeedur Rahman.  E-commerce is buying and selling goods over the internet. This could include selling/buying mobile phones, clothes or DVD’s.

Mohammed Saiyeedur Rahman.  E-commerce is buying and selling goods over the internet. This could include selling/buying mobile phones, clothes or DVD’s.
By: Colby Shifflett Dr. Grossman Computer Science 420 12/01/2009.

By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Internet Censorship in China By Shipeng Xu. What content is censored? Social networks: Facebook, Twitter, Youtube and Flikr etc. Any news sources contains.

Internet Censorship in China By Shipeng Xu. What content is censored? Social networks: Facebook, Twitter, Youtube and Flikr etc. Any news sources contains.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google