Files in this item

FilesDescriptionFormat

application/pdf

application/pdfQiyan_Wang.pdf (2MB)
(no description provided)PDF

Description

Title:Robust censorship-resistant communication
Author(s):Wang, Qiyan
Director of Research:Borisov, Nikita
Doctoral Committee Chair(s):Borisov, Nikita
Doctoral Committee Member(s):Nahrstedt, Klara; Gunter, Carl A.; Hopper, Nicholas
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Degree:Ph.D.
Genre:Dissertation
Subject(s):Censorship circumvention
privacy
security
anonymity
Tor
Abstract:A key challenge in censorship circumvention is being able to direct legitimate users to redirection proxies while preventing censors, posing as insiders, from discovering their addresses and blocking them. In this thesis, we study how to protect and/or design censorship circumvention systems to resist the insider attacks. Tor is one of the most popular censorship circumvention systems; it uses {\it bridges} run by volunteers as proxies to evade censorship. We propose {\it rBridge}--a user reputation system for bridge distribution; it assigns bridges according to the past history of users to limit corrupt users from repeatedly blocking bridges, and employs an introduction-based mechanism to invite new users while resisting Sybil attacks. Our evaluation results show that rBridge provides much stronger protection for bridges than any existing scheme. We also address another important challenge to the bridge distribution---preserving the privacy of users' bridge assignment information, which can be exploited by malicious parties to degrade users' anonymity in anonymous communication. We propose a new framework for censorship-resistant web browsing called {\it CensorSpoofer} that addresses this challenge by exploiting the asymmetric nature of web browsing traffic and making use of IP spoofing. CensorSpoofer de-couples the upstream and downstream channels, using a low-bandwidth indirect channel for delivering outbound requests (URLs) and a high-bandwidth direct channel for downloading web content. The upstream channel hides the request contents using steganographic encoding within Email or instant messages, whereas the downstream channel uses IP address spoofing so that the real address of the proxies is not revealed either to legitimate users or censors. We built a proof-of-concept prototype that uses encrypted VoIP for this downstream channel and demonstrated the feasibility of using the CensorSpoofer framework in a realistic environment.
Issue Date:2013-08-22
URI:http://hdl.handle.net/2142/45417
Rights Information:Copyright 2013 Qiyan Wang
Date Available in IDEALS:2013-08-22
Date Deposited:2013-08


This item appears in the following Collection(s)

Item Statistics