The Efficacy and Real-Time Performance of Refraction Networking

Stephens, Andrew; Hammoudeh, Mohammad

doi:10.1007/978-981-287-251-7_67

The Efficacy and Real-Time Performance of Refraction Networking

Andrew Stephens³ &
Mohammad Hammoudeh³

Reference work entry
First Online: 09 August 2022

1419 Accesses

Abstract

As the global number of internet users grows it becomes an increasingly important medium for communication and the dissemination of information. This has led to a corresponding rise in internet censorship. Most current censorship circumvention methods relay traffic via a host which is susceptible to address-based blocking. Refraction networking seeks to overcome this problem through stations that intercept traffic at the network level. This chapter evaluates current approaches to refraction networking, classifies them according to their architecture, and presents a comparison of their security properties. It finds there are still barriers to wider scale adoption, including performance issues that may impact real-time communication. The analysis shows that more research is needed to determine the viability of refraction networking in a production environment.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 999.00; Price excludes VAT (USA)

Hardcover Book: USD 849.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

S. Belguith, N. Kaaniche, M. Hammoudeh, T. Dargahi, Proud: verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted IoT applications. Futur. Gener. Comput. Syst. 111, 899–918 (2020)
Article Google Scholar
B. Birtel, C. Rossow, Slitheen++: stealth TLS-based decoy routing, in Free and Open Communications on the Internet, (USENIX, 2020). https://www.usenix.org/system/files/foci20-paper-birtel_0.pdf
Google Scholar
C. Bocovich, I. Goldberg, Slitheen: perfectly imitated decoy routing through traffic replacement, in Computer and Communications Security, (ACM, 2016). https://www.cypherpunks.ca/̃iang/pubs/slitheen-ccs16.pdf
Google Scholar
C. Bocovich, I. Goldberg, Secure asymmetry and deployability for decoy routing systems. Priv. Enhancing Technol. 3, 43–62 (2018). https://www.petsymposium.org/2018/files/papers/issue3/popets-2018-0020.pdf
Article Google Scholar
J. Cesareo, J. Karlin, J. Rexford, M. Schapira, Optimizing the placement of implicit proxies. Technical report, Deptment of Computer Science, Princeton University (2012). http://www.cs.princeton.edu/̃jrex/papers/decoy-routing.pdf
Google Scholar
D. Ellard, A. Jackson, C. Jones, V.U. Manfredi, T. Strayer, B. Thapa, M.V. Welie, Rebound: decoy routing on asymmetric routes via error messages, in Local Computer Networks, (IEEE, 2015). https://www.victoriamanfredi.com/publications/lcn15.pdf
Google Scholar
R. Ensafi, D. Fifield, P. Winter, N. Feamster, N. Weaver, V. Paxson, Examining how the great firewall discovers hidden circumvention servers, in Proceedings of the 2015 Internet Measurement Conference, Association for Computing Machinery, New York, NY, USA, IMC ‘15, (2015), pp. 445–458. https://doi.org/10.1145/2815675.2815690
Chapter Google Scholar
S. Frolov, F. Douglas, W. Scott, A. McDonald, B. VanderSloot, R. Hynes, A. Kruger, M. Kallitsis, D.G. Robinson, S. Schultze, N. Borisov, J.A. Halderman, E. Wustrow, An ISP-scale deployment of TapDance, in Free and Open Communications on the Internet, (USENIX, 2017). https://www.usenix.org/system/files/conference/foci17/foci17-paper-frolov_0.pdf
Google Scholar
S. Frolov, J. Wampler, S.C. Tan, J.A. Halderman, N. Borisov, E. Wustrow, Conjure: summoning proxies from unused address space, in Computer and Communications Security, (ACM, 2019). https://jhalderm.com/pub/papers/conjure-ccs19.pdf
Google Scholar
I. Ghafir, V. Prenosil, M. Hammoudeh, L. Han, U. Raza, Malicious SSL certificate detection: a step towards advanced persistent threat defence, in Proceedings of the International Conference on Future Networks and Distributed Systems, (2017)
Google Scholar
I. Ghafir, V. Prenosil, M. Hammoudeh, T. Baker, S. Jabbar, S. Khalid, S. Jaf, Botdet: a system for real time botnet command and control traffic detection. IEEE Access 6, 38947–38958 (2018)
Article Google Scholar
A. Houmansadr, G.T.K. Nguyen, M. Caesar, N. Borisov, Cirripede: circumvention infrastructure using router redirection with plausible deniability, in Computer and Communications Security, (ACM, 2011), pp. 187–200. https://hatswitch.org/~nikita/papers/cirripede-ccs11.pdf
Google Scholar
A. Houmansadr, E.L. Wong, V. Shmatikov, No direction home: the true cost of routing around decoys, in Proceedings of the Network and Distributed Security Symposium – NDSS ‘14, Internet Society, (2014)
Google Scholar
F. House, Freedom on the net 2020: the pandemic’s digital shadow (2020). https://freedomhouse.org/sites/default/files/2020-10/10122020_FOTN2020_Complete_Report_FINAL.pdf
W. John, M. Dusi, K. Claffy, Estimating routing symmetry on single links by passive flow measurements in Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, Association for Computing Machinery, New York, NY, USA, IWCMC ’10, (2010), pp. 473–478. https://doi.org/10.1145/1815396.1815506
J. Karlin, D. Ellard, A.W. Jackson, C.E. Jones, G. Lauer, D.P. Mankins, W.T. Strayer, Decoy routing: toward unblockable Internet communication, in Free and Open Communications on the Internet, (USENIX, 2011). https://www.usenix.org/legacy/events/foci11/tech/final_files/Karlin.pdf
Google Scholar
B. Leidl, Obfuscated openssh (2010). https://github.com/brl/obfuscated-openssh
V. Manfredi, P. Songkuntham, MultiFlow: cross-connection decoy routing using TLS 1.3 session resumption, in Free and open communications on the Internet, (USENIX, 2018). https://www.usenix.org/system/files/conference/foci18/foci18-paper-manfredi.pdf
Google Scholar
M. Nasr, H. Zolfaghari, A. Houmansadr, The waterfall of liberty: decoy routing circumvention that resists routing attacks, in Computer and Communications Security, (ACM, 2017). https://acmccs.github.io/papers/p2037-nasrA.pdf
Google Scholar
Psiphon, Psiphon: uncensored internet access for windows and mobile (2020). https://psiphon3.com
J. Saleem, M. Hammoudeh, Defense methods against social engineering attacks, in Computer and Network Security Essentials, (Springer, 2018), pp. 603–618
Chapter Google Scholar
M. Schuchard, J. Geddes, C. Thompson, N. Hopper, Routing around decoys, in Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS 2012), (2012)
Google Scholar
P.K. Sharma, D. Gosain, H. Sagar, C. Kumar, A. Dogra, V. Naik, H.B. Acharya, S. Chakravarty, SiegeBreaker: an SDN based practical decoy routing system. Priv. Enhancing Technol. (3), 243–263 (2020). https://petsymposium.org/2020/files/papers/issue3/popets-2020-0051.pdf
B. VanderSloot, S. Frolov, J. Wampler, S.C. Tan, I. Simpson, M. Kallitsis, J.A. Halderman, N. Borisov, E. Wustrow, Running refraction networking for real. Proc. Priv. Enhancing Technol. (4), 321–335 (2020a)
Google Scholar
B. VanderSloot, S. Frolov, J. Wampler, S.C. Tan, I. Simpson, M. Kallitsis, J.A. Halderman, N. Borisov, E. Wustrow, Running refraction networking for real. Priv. Enhancing Technol. (3), 321–335 (2020b). https://petsymposium.org/2020/files/papers/issue4/popets-2020-0073.pdf
S. Walker-Roberts, M. Hammoudeh, O. Aldabbas, M. Aydin, A. Dehghantanha, Threats on the horizon: understanding security threats in the era of cyber-physical systems. J. Supercomput. 76(4), 2643–2664 (2020)
Article Google Scholar
M. Walshe, G. Epiphaniou, H. Al-Khateeb, M. Hammoudeh, V. Katos, A. Dehghantanha, Non-interactive zero knowledge proofs for the authentication of IoT devices in reduced connectivity environments. Ad Hoc Netw. 95, 101988 (2019)
Article Google Scholar
E. Wustrow, S. Wolchok, I. Goldberg, J.A. Halderman, Telex: anticensorship in the network infrastructure, in USENIX Security Symposium, (USENIX, 2011). https://www.usenix.org/event/sec11/tech/full_papers/Wustrow.pdf
Google Scholar
E. Wustrow, C.M. Swanson, J.A. Halderman, Tapdance: end-to-middle anticensorship without flow blocking, in Proceedings of 23rd USENIX Security Symposium (USENIX Security 14), (USENIX Association, San Diego, 2014)
Google Scholar

Download references

Author information

Authors and Affiliations

Manchester Metropolitan University, Manchester, UK
Andrew Stephens & Mohammad Hammoudeh

Authors

Andrew Stephens
View author publications
You can also search for this author in PubMed Google Scholar
Mohammad Hammoudeh
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Andrew Stephens .

Editor information

Editors and Affiliations

School of Computer Science, Queensland University of Technology, Brisbane, QLD, Australia
Yu-Chu Tian
School of Electrical and Information Engineering, The University of Sydney, Sydney, NSW, Australia
David Charles Levy

Section Editor information

La Trobe University, Melbourne, Australia
Naveen Chilamkurti

Rights and permissions

Reprints and permissions

Copyright information

About this entry

Cite this entry

Stephens, A., Hammoudeh, M. (2022). The Efficacy and Real-Time Performance of Refraction Networking. In: Tian, YC., Levy, D.C. (eds) Handbook of Real-Time Computing. Springer, Singapore. https://doi.org/10.1007/978-981-287-251-7_67

Download citation

DOI: https://doi.org/10.1007/978-981-287-251-7_67
Published: 09 August 2022
Publisher Name: Springer, Singapore
Print ISBN: 978-981-287-250-0
Online ISBN: 978-981-287-251-7
eBook Packages: EngineeringReference Module Computer Science and Engineering

Publish with us

Policies and ethics