Network level surveillance, censorship, and various man-in-the-middle attacks target only specific types of network traffic (e.g., HTTP, HTTPS, VoIP, or Email). Therefore, packets of these types will likely receive "special" treatment by a transit network or a man-in-the-middle attacker. A transit Internet Service Provider (ISP) or an attacker may pass the targeted traffic through special software or equipment to gather data or perform an attack. This creates a measurable difference between the performance of the targeted traffic versus the general case. In networking terms, it violates the principle of "network neutrality," which states that all traffic should be treated equally. Many techniques were designed to detect network neutrality violations, and some have naturally suggested using them to detect surveillance and censorship. In this article, we show that the existing network neutrality measurement techniques can be easily detected and therefore circumvented. We then briefly propose a new approach to overcome the drawbacks of current measurement techniques.
|Journal||ACM Transactions on Intelligent Systems and Technology|
|State||Published - 1 May 2017|
- Adversarial model
ASJC Scopus subject areas
- Theoretical Computer Science
- Artificial Intelligence