Abstract
Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but makes use of sophisticated techniques such as active probing and protocol classification to block access to popular circumvention tools such as Tor. In this paper, we propose ScrambleSuit; a thin protocol layer above TCP whose purpose is to obfuscate the transported application data. By using morphing techniques and a secret exchanged out-of-band, we show that ScrambleSuit can defend against active probing and other fingerprinting techniques such as protocol classification and regular expressions. We finally demonstrate that our prototype exhibits little overhead and enables effective and lightweight obfuscation for application layer protocols.
Original language | English |
---|---|
Title of host publication | WPES 2013 - Proceedings of the 2013 ACM Workshop on Privacy in the Electronic Society, Co-located with CCS 2013 |
Pages | 213-224 |
Number of pages | 12 |
DOIs | |
Publication status | Published - 2013 |
Event | Workshop on Privacy in the Electronic Society - Berlin, Germany Duration: 4 Nov 2013 → 4 Nov 2013 http://wpes2013.di.unimi.it |
Publication series
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Conference
Conference | Workshop on Privacy in the Electronic Society |
---|---|
Country/Territory | Germany |
City | Berlin |
Period | 04.11.2013 → 04.11.2013 |
Internet address |
Keywords
- active probing
- bridge
- censorship
- circumvention
- pluggable transport
- tor
- traffic analysis