Milad Nasr1, Sadegh Farhang2, Amir Houmansadr1, Jens Grossklags3
1University of Massachusetts Amherst, 2Pennsylvania State University, 3 Technical University of Munich
Enemy At the Gateways: Censorship-Resilient Proxy Distribution Using Game Theory
• Oppression regimes try to stop flow of information by censoring contents, specifically in Internet censorship• There are a lot of censorship circumvention
tools to help the users of such countries• Proxies are the core technique for
circumventions
1
Internet Censorship
2
Censorship Circumvention
CensorBlocked
destination
Proxy
User
Block it!
Limited number of
proxies
DistributorProxy request
Proxy Address
3
Tor Is Blocked in Most Censoring Countries
4
Proxy distribution is an open challenge in censorship
circumvention tools
5
Our goal:Find the optimal assignment between clients and proxies
• Social networks:– Proximax [FC 11], Pass it on [IPTPS 10]
• Solving puzzles: – CAPTCHA, Feamster et al. [PETS 03]
• Theoretical modeling:– rBridge[NDSS 13], Mahdian [Fun with Algorithms.2010 ]
6
Existing ApproachesNot scalable
Orthogonalwith our work
• None of existing methods define how to distribute proxies.
7
Existing Approaches (Cont.)
Which proxyshould I assign to
this user?
• Only consider the simple censoring strategies.
8
Existing Approaches (Cont.)
What we consider asa censoring strategy
But actually…
• A generic framework which can be applied on different censorship circumvention tools• We use game theory to model the problem and find the
best solution• We model the optimal censoring strategy and evaluate our
model against it
9
Our approach
10
How Does It Work?
Users Proxies
We want a stable assignmentsuch that:
No any two users wantto change their proxies and
they get the best proxy under this condition
Each user gets the most desirable proxies
11
How Does It Work? (Cont.)
Users ProxiesUsers history
Uptime
Number of blocked proxies
Location
…
Proxy history
Bandwidth
Number of connected users
Location…
College admissiongame
12
How Does It Work? (Cont.)
Users Proxies
College admissiongame
User (i) utility function for each proxy (x) :Proxy (x) utility function for each user (i) :
We use a customized Gale-Shapley algorithm to find
equilibrium assignment between proxies and users
• Proxy (!):– Number of users who know the proxy – Number of users connected to the
proxy – Total time utilization of the proxy – Distance from user
13
Suggested metrics• User ("):– Proxy utilization – Blocked proxy usage – Number of requests for new proxy addresses – Number of blocked proxies that a user knows – Distance from proxy
• Censor decides based on the collective information from the agents• Optimal censor increases its users’ utility while
blocking maximum number of proxies:
14
Optimal Censoring Strategy
15
Experiments
15
•We implemented a proxy distribution simulator• The proxy distributor assigns new proxies at the
end of each epoch•We simulated each experiment for 5 years•We used different rates of proxies and users
16
Experimental Setup
17
Our Optimal Censor Is More Powerful
Optimal Censor
Our optimal censor is much stronger than any
other censoring strategy mentioned in
the previous worksDays
18
Comparison to Previous Works
rBridge [NDSS’ 13]
Our approach
We get better
performance against
The same censoring
strategy Days
[NDSS’ 13] "rBridge: User Reputation based Tor Bridge Distribution with Privacy
Preservation."
19
Static Proxy Distribution System
0.50
0.75
1.00
Connected
users(%
)
ρ = 0.05 ρ = 0.10 ρ = 0.50
0
100
200
#Non-blocked
proxies
0.1
0.2
0.3
Non-blocked
proxies(%
)
0 250 500 750 1000 1250 1500 1750Days
0
200
Waittime(day)
No matter how dumb is the censor we should always add new proxies to
the system.Days
Less censoring agents
20
Different Settings and Scenarios 0.0
0.5
1.0
Conn
ecte
dus
ers(
%)
µ s = 10.00,λs = 1.00 µ s = 10.00,λs = 2.00 µ s = 10.00,λs = 3.00
0.2
0.4
0.6
Unb
lock
edpr
oxie
s(%
)
0 250 500 750 1000 1250 1500 1750Days
0
50
100
150
Wai
ttim
e(d
ay)
0.00
0.25
0.50
0.75
1.00
Conn
ecte
dus
ers
(%)
Aggressive ConservativeConnectedc
0.0
0.1
0.2
0.3
0.4
Non
-blo
cked
prox
ies
(%)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
Wai
ttim
e(d
ay)
Optimal-Blocker Optimal-Surveillor
0.00
0.25
0.50
0.75
Connected
users(%
)
(’balanced’, ’kind’) (’balanced’, ’strict’)
0.00
0.05
0.10
0.15
0.20
Non-blocked
proxies(%
)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
Waittime(day)
0.0
0.5
1.0
Connected
users(%
)
Circumscribed Omnipresent
0.00
0.05
0.10
0.15
0.20
Non-blocked
proxies(%
)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
Waittime(day)
0.0
0.5
1.0
Connected
users(%
)
µs = 10.00,λs = 1.00 µs = 10.00,λs = 2.00 µs = 10.00,λs = 3.00
0.5
1.0
Non-blocked
proxies(%
)
0 250 500 750 1000 1250 1500 1750Days
0
50
100
150
Waittime(day)
0.0
0.5
1.0
Conn
ecte
dus
ers
(%)
µ s = 10.00,λs = 1.00µ s = 10.00,λs = 2.00
µ s = 10.00,λs = 3.00 µ s = 10.00,λs = 5.00
0.00
0.25
0.50
0.75
1.00
Non
-blo
cked
prox
ies
(%)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
Wai
ttim
e(d
ay)
0.0
0.5
1.0
Conn
ecte
dus
ers
(%)
µ s = 20.00,λs = 1.00µ s = 20.00,λs = 3.00
µ s = 20.00,λs = 5.00 µ s = 20.00,λs = 7.50
0.00
0.25
0.50
0.75
1.00
Non
-blo
cked
prox
ies
(%)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
300
Wai
ttim
e(d
ay)
0.00
0.25
0.50
0.75
Connected
users(%
)
(’balanced’, ’kind’) (’balanced’, ’strict’)
0.00
0.05
0.10
0.15
0.20
Non-blocked
proxies(%
)
0 250 500 750 1000 1250 1500 1750Days
0
100
200
Waittime(day)
• Proxy distribution is a core problem in censorship circumvention tools• We used game theory to model the problem and derive the
optimal answers• We show the performance of the system against the optimal
censoring strategy
21
Summary
COMPUTING FOR THE COMMON GOOD
Milad [email protected]
https://people.cs.umass.edu/~milad/ | @srxzr
Massbrowser.cs.umass.edu@massbrowserJoin us!
24
How Does It Work? (Cont.)
Users Proxies