Automating Evasion

Researchers and censoring regimes have long engaged in a cat-and-mouse game, leading to increasingly sophisticated Internet-scale censorship techniques and methods to evade them. In this work, we take a drastic departure from the previously manual evade/detect cycle by developing techniques to automate the discovery of censorship evasion strategies.

Our Approach

We developed Geneva (Genetic Evasion), a novel experimental genetic algorithm that evolves packet-manipulation-based censorship evasion strategies against nation-state level censors. Geneva re-derived virtually all previously published evasion strategies, and has discovered new ways of circumventing censorship in China, India, Iran, and Kazakhstan.

How it works

Geneva runs exclusively on one side of the connection: it does not require a proxy, bridge, or assistance from outside the censoring regime. It defeats censorship by modifying network traffic on the fly (by injecting traffic, modifying packets, etc) in such a way that censoring middleboxes are unable to interfere with forbidden connections, but without otherwise affecting the flow. Since Geneva works at the network layer, it can be used with any application; with Geneva running in the background, any web browser can become a censorship evasion tool. Geneva cannot be used to circumvent blocking of IP addresses.

Geneva composes four basic packet-level actions (drop, duplicate, fragment, tamper) together to represent censorship evasion strategies. By running directly against real censors, Geneva’s genetic algorithm evolves strategies that evade the censor.

Real World Deployments

Geneva has been deployed against real-world censors in China, India, Iran, and Kazahkstan. It has discovered dozens of strategies to defeat censorship, and found previously unknown bugs in censors.

All of these strategies and Geneva’s strategy engine and are open source: check them out on our Github page.

Learn more about how we designed and built Geneva here.

Who We Are

This project is done by students in Breakerspace, a lab at the University of Maryland dedicated to scaling-up undergraduate research in computer and network security.

This work is supported by the Open Technology Fund and the National Science Foundation.

Contact Us

Interested in working with us, learning more, getting Geneva running in your country, or incorporating some of Geneva’s strategies into your tool?

The easiest way to reach us is by email.

  • Dave: dml (at) cs.umd.edu (PGP key here)
  • Kevin: kbock (at) terpmail.umd.edu (PGP key here)

Recent Posts

Posts

Geneva Code Release

We’re excited to announce the full code base of Geneva is now public! Click to read more about the code, how to use it, and why we are releasing it.
read more
Posts

Geneva @ OONI Internet Measurement Village

Tune in to our talk with the OONI Internet Measurement Village!
read more
Posts

Iran: A New Model for Censorship

Ahead of its February 21st elections and amidst the chaos of COVID-19, Iran quietly deployed a second censorship system: a protocol whitelister. Click read more to learn about how the protocol whitelister works and how we can circumvent it.
read more