BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//project/author//NONSGML v1.0//EN
CALSCALE:GREGORIAN
BEGIN:VEVENT
DTEND:20210730T120000Z
UID:b6c69b0de1e8a14e1a1cc7d28435df5f-183
DTSTAMP:19700101T120014Z
DESCRIPTION:Network Anonymity, Privacy, (Anti-) Censorship and the Whole Nine Yards.
URL;VALUE=URI:https://www.csa.iisc.ac.in/newweb/event/183/network-anonymity-privacy-anti-censorship-and-the-whole-nine-yards/
SUMMARY:In the second decade of the century (circa the Arab Springs of 2011), the Internet is the new battlefield where wars between politicians, media, (h)activists, lawyers and the military, shape the destiny of millions of people. Historically incepted as the ARPANET,  it was engineered to serve as means of communication, even in the face of calamities and wars. Political will often plays antithetical to this very attribute.  For instance, countries like China, Iran and UAE use (homebrewed) firewalling infrastructure to censor web traffic -- sometimes with the pretext of preserving cultural and religious values, at other times to prevent political dissent. No wonder a large body of network censorship measurements focuses on these two countries. While such countries are inherently (constitutionally) undemocratic, free speech over the Internet is, in recent years, being regularly suppressed even in democracies like India. Such evolutions are positioned on concerns otherwise paramount to the preservation of human rights -- e.g., policing child pornography. But state control of communication channels has been abuse to silence dissent, even in India where the supreme court deems freedom of speech on the Internet a fundamental right.
&lt;br&gt;
In this context, it is natural to ask how free and open is the Internet and how robust it is to censorship by countries like India, that in the recent years has evolved a sophisticated censorship infrastructure.
&lt;br&gt;
In this talk I present an overview our work over the years that has focussed on evolution of Indians Internet censorship infrastructure, how it censors traffic (and now apps.), how various ISPs implement it. Further, I also present some research efforts to evade censorship (and also Internet shutdowns/blackouts).
&lt;br&gt;
To begin with we consider the question of whether India might potentially follow the Chinese model and institute a single, government-controlled filter. Our research shows that would not be difficult, as the Indian Internet is quite centralized already. A few key ASes (~ 1% of Indian ASes, i.e.  less than 4) and routers (&lt;5000) collectively intercept approximately 95% of paths to the censored sites and to all publicly-visible DNS resolvers.  Thereafter we conducted an extensive study (first of its kind) involving nine major ISPs of the country in terms of what kind of censorship techniques they use, what triggers them, their consistency and coverage, and how to evade them. Our results indicate a clear disparity among the ISPs, on how widely they install censorship infrastructure. As of 2021, we have extensively explored the evolution of web censorship (HTTPS) along with exactly how Chinese apps are being filtered in the country.

While existing solutions to evade censorship include proxies, VPNs, Tor have been designed primarily for web, while other applications like VoIP (real-time voice) are mostly ignored. As a part of our research we have extensively explored the feasibility of transporting real-time voice (mostly UDP) over Tor (that primarily supports TCP). Prior research deemed Tor to be unsuitable for such purposes. In our research we tried to identify how the interplay of network attributes (delay, jitter, bandwidth etc.) impact performance of VoIP. To our surprise the belief established from prior research seems unfounded.
&lt;br&gt;
However, all such solutions that rely on proxies are prone to being filtered by the ISPs, as these end-points are easily discoverable. Futuristic solutions like Decoy Routing, that rely on routers that could double as â€œsmart proxiesâ€, are resilient to such filtering. They have hitherto relied mostly on commodity servers, and involve wide scale traffic observation, inadvertently posing a threat to the privacy of  users who do not require such services. To that end, we devised a SDN based DR solution, SiegeBreaker, that not only performs at line rates (comparable to native TCP) but also does not require inspection of all network flows, thus preserving the privacy of oblivious users. However, the deployability of such solutions remains a challenge, as it requires support from major top-tier ISPs.
&lt;br&gt;
A third alternative, combining the best of both the above solutions, involves tunnelling Internet traffic over that of various (semi-)real time applications, e.g. Instant Messaging (IM). To that end, we designed and tested a scheme, Camoufler, that utilizes IM channels as-is for transporting traffic. The scheme provides unobservability and good QoS, due to its inherent properties, such as low-latency message transports. Moreover, unlike Decoy Routing, it does not pose new deployment challenges. Performance evaluation of Camoufler, implemented on five popular IM apps indicate that it provides sufficient QoS for web browsing. E.g., the median time to render the homepages of Alexa top-1k sites was recorded to be about 3.6s, when using Camoufler implemented over Signal.
&lt;br&gt;
Finally, I would like to conclude the talk with our new system Dolphin, that emulates old school dial-up modems, sans the ISP support, to relay Internet traffic especially in the face of Internet shutdowns. Dolphins protocol recovers from the losses and errors introduced by the cellular voice medium, while also assuring end-to-end confidentiality. At low data rates (&lt;=64bps), the errors are under 5% and suitable for supporting delay-tolerant applications with acceptable latencies. E.g. a 280 character tweet can be posted in about a minute.
DTSTART:20210730T120000Z
END:VEVENT
END:VCALENDAR