CRII: SaTC: New Side-Channel Techniques in Support of Global Monitoring for Network Disruptions

CRII：SaTC：支持全球网络中断监控的新侧通道技术

• 批准号: 1755841
• 负责人: Roya Ensafi
• 金额: $ 17.5万
• 依托单位: Regents of the University of Michigan - Ann Arbor
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-02-01 至 2020-01-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1755841&HistoricalAwards=false
• 关键词: CRII; SaTC; New; Side; Channel

The Internet's size and complexity make it difficult to understand what happens to network packets as they travel from source to destination. Internet service providers and governments sometimes interfere with users' online activities, further complicating this task. This project advances the scientific understanding of network interference detection by developing new methods to remotely measure the manipulation of Internet traffic, such as attempts to censor, tamper with, and monitor users' online activities. The newly proposed techniques can achieve an unprecedented level of detail about network manipulation around the world. Network interference and censorship harms U.S. economic interests, national security, and the human rights of citizens in censored countries. By working towards a better scientific understanding of the techniques used for detecting and monitoring such interference, this project can defend Internet users from unwarranted network manipulation. Past research has used resources such as PlanetLab, Virtual Private Networks (VPNs), and end-user machines to measure network disruptions. These vantage points scale poorly and have limited geographical coverage. They are difficult to deploy in practice and are unable to continuously collect data. In contrast, systems such as Spooky, Augur, and Iris (developed in the principal investigator's preliminary work) allow measurement systems to infer whether a remote system has network connectivity to another remote system without needing control of either. To do this, these systems exploit features in existing Internet protocols and infrastructure to interact with remote systems, and learn from their responses whether or not they were able to interact with other targeted hosts. These techniques overcome the problems of vantage point location and of recruiting participants.

互联网的规模和复杂性使得很难理解网络数据包从源到目的地的过程中发生了什么。互联网服务提供商和政府有时会干扰用户的在线活动，使这项任务更加复杂。该项目通过开发新方法来远程测量互联网流量的操纵，如试图审查，篡改和监视用户的在线活动，从而推进了对网络干扰检测的科学理解。新提出的技术可以实现世界各地网络操纵的前所未有的细节水平。网络干扰和审查损害了美国的经济利益、国家安全和受审查国家公民的人权。该项目致力于从科学上更好地了解用于检测和监测这种干扰的技术，从而保护互联网用户免遭不正当的网络操纵。 过去的研究使用了PlanetLab、虚拟专用网络（VPN）和最终用户机器等资源来测量网络中断。这些Vantage位置的比例很差，地理覆盖范围有限。它们难以在实践中部署，并且无法持续收集数据。相比之下，Spooky、Augur和Iris等系统（在主要研究者的前期工作中开发）允许测量系统推断远程系统是否与另一个远程系统具有网络连接，而无需控制任何一个系统。为此，这些系统利用现有互联网协议和基础设施中的功能与远程系统进行交互，并从它们的响应中了解它们是否能够与其他目标主机进行交互。这些技术克服了Vantage位置和招募参与者的问题。

项目成果

Quack: Scalable Remote Measurement of Application-Layer Censorship.

Quack：应用层审查的可扩展远程测量。

• 发表时间: 2018
• 期刊: Proceedings of the 27th USENIX Security Symposium
• 作者: VanderSloot, Benjamin;McDonald, Allison;Scott, Will;Halderman, J Alex;Ensafi, Roya
• 通讯作者: Ensafi, Roya

403 Forbidden: A Global View of Geoblocking

403 Forbidden：地理封锁的全球视角

• 发表时间: 2018
• 期刊: Proceedings of the ACM SIGCOMM Internet Measurement Conference
• 作者: McDonald, Allison;Bernhard, Matthew;Valenta, Luke;VanderSloot, Benjamin;Scott, Will;Sullivan, Nick;Halderman, J Alex;Ensafi, Roya
• 通讯作者: Ensafi, Roya

Decentralized Control: A Case Study of Russia

• DOI: 10.14722/ndss.2020.23098
• 发表时间: 2020
• 期刊: Proceedings 2020 Network and Distributed System Security Symposium
• 作者: Reethika Ramesh;R. Raman;Matthew Bernhard;Victor Ongkowijaya;Leonid Evdokimov;A. Edmundson;Steven Sprecher;M. Ikram;Roya Ensafi