pith. sign in

arxiv: 2606.08886 · v1 · pith:F46B6XBCnew · submitted 2026-06-08 · 💻 cs.CR · cs.NI

Block-A-Mole: The Sustainability Frontier of Moving-Target Censorship Resistance

Pith reviewed 2026-06-27 16:44 UTC · model grok-4.3

classification 💻 cs.CR cs.NI
keywords moving-target circumventioncensorship resistancedomain burn rateFlipIt gamesustainability frontiercontinuous-time timing gamecollateral-bounded adversaryavailability law
0
0 comments X

The pith

Address rotation alone cannot sustain high availability when the domain burn rate exceeds one.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper models censor-defender interactions in moving-target circumvention as a continuous-time timing game over a combinatorial address-domain space. It derives a closed-form availability law governed by the domain burn rate β, defined as the ratio of the censor's domain discovery rate to the defender's introduction rate. The analysis proves that when β exceeds 1, high availability becomes impossible regardless of how quickly endpoints rotate across cloud addresses. This establishes a sustainability frontier β* that separates configurations a censor can defeat from those it cannot. The result shifts the operating condition from raw rotation speed to keeping domain introduction ahead of discovery.

Core claim

The central claim is that moving-target censorship resistance has a sustainability frontier β* determined by the domain burn rate β = λ_disc / λ_intro. Under the Great Firewall's 2024 domain-based blocking of QUIC and TLS, address rotation cannot maintain high availability when β > 1 no matter the rotation speed. The model generalizes FlipIt to a collateral-bounded adversary and yields an availability law whose phase transition at β* is reproduced in simulation across GFW, TSPU, and Iran adversary profiles, including robustness to state-dependent discovery and bursty burns.

What carries the argument

The continuous-time timing game over combinatorial address-domain space that generalizes FlipIt to a collateral-bounded adversary, with domain burn rate β as the governing ratio.

If this is right

  • When β > 1 availability collapses irrespective of endpoint rotation speed.
  • Under domain-based blocking the binding constraint is domain economy, not address rotation rate.
  • The phase transition at β* appears under GFW, TSPU, and Iran profiles in the open simulator.
  • Robustness holds against state-dependent discovery and provider-correlated bursty burns.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Defenders gain more by increasing domain introduction rate than by accelerating endpoint rotation when β approaches or exceeds one.
  • The same β-ratio framing may apply to other moving-target systems that rely on discoverable resource pools.
  • Real deployments could test the frontier by deliberately varying introduction and discovery rates while measuring availability.

Load-bearing premise

The censor-defender interaction can be modeled as a continuous-time timing game over a combinatorial address-domain space.

What would settle it

A measurement or simulation run in which availability remains high for β > 1 under the paper's modeled adversary profiles and collateral bounds would falsify the frontier claim.

Figures

Figures reproduced from arXiv: 2606.08886 by Anindya Maiti.

Figure 1
Figure 1. Figure 1: Address blocking is a losing strategy. Denial probability [PITH_FULL_IMAGE:figures/full_fig_p008_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: The sustainability frontier. (α, T)-availability vs. the domain burn rate β = λdisc/λintro, for domain buffers kmax ∈ {4, 8, 16, 32}. Availability collapses once β crosses the frontier β ⋆ ≤ 1, and a larger domain buffer moves β ⋆ toward 1 and sharpens the transition. The dotted line is the (α, T) target and the dashed vertical marks β = 1. 8.3. The Cost of a Rotation-Only Strategy Pricing the conventional… view at source ↗
Figure 3
Figure 3. Figure 3: Rotation speed is not the lever. Availability over the [PITH_FULL_IMAGE:figures/full_fig_p009_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Longer sessions tighten the interval frontier (dotted line [PITH_FULL_IMAGE:figures/full_fig_p010_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Robustness analyses, showing the frontier is not an artifact of the constant-rate assumption (dotted line [PITH_FULL_IMAGE:figures/full_fig_p011_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: Closed-form time-average frontier β ⋆ avg (Theorem 3) over the (n, kmax) grid (α = 0.95) under three adversary profiles. Blank cells are configurations whose address factor is below α (no β suffices). β ⋆ avg increases with redundancy n and buffer kmax and saturates near 1. The faster-discovery GFW and Iran profiles demand more redundancy (no sustainable β at n = 2), and above n ≥ 4 the frontier is adversa… view at source ↗
Figure 8
Figure 8. Figure 8: The domain-economy operating recipe. Minimum fresh-domain [PITH_FULL_IMAGE:figures/full_fig_p012_8.png] view at source ↗
read the original abstract

Internet censorship affects over four billion people, and deployed circumvention systems share a common weakness: their endpoints are fixed and discoverable, so a patient censor can enumerate and block them. Moving-target circumvention systems instead rotate endpoints across commercial cloud address space faster than censors can react, but the field lacks a theory of when rotation works, leaving rotation intervals and pool sizes to intuition. We give the first formal account of moving-target censorship resistance by modeling the censor-defender interaction as a continuous-time timing game over a combinatorial address-domain space, generalizing FlipIt to a collateral-bounded adversary. We prove a sustainability frontier separating configurations a censor can defeat from those it cannot, and show that under the Great Firewall's 2024 shift to blocking QUIC and TLS by domain, raw rotation speed is not the binding constraint. Instead, availability is governed by the domain burn rate, $\beta=\lambda_{\mathrm{disc}}/\lambda_{\mathrm{intro}}$, the ratio between how quickly the censor blocks defender domains and how quickly the defender introduces fresh ones. We derive a closed-form availability law, prove that address rotation alone cannot sustain high availability when $\beta>1$ regardless of endpoint rotation speed, and characterize the frontier $\beta^\star$. We validate the analysis with an open, model-level censor-defender simulator requiring no privileged access or cloud deployment. The simulator reproduces the predicted phase transition at $\beta^\star$ under adversary profiles representative of the GFW, Russia's TSPU, and Iran, and shows robustness to state-dependent discovery and bursty, provider-correlated burns. The result replaces the heuristic of ``rotate faster'' with a precise operating condition: keeping the domain economy ahead of the censor.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

0 major / 0 minor

Summary. The manuscript models the censor-defender interaction in moving-target circumvention as a continuous-time timing game that generalizes FlipIt to a collateral-bounded adversary over a combinatorial address-domain space. It derives a closed-form availability law governed by the domain burn rate β = λ_disc / λ_intro, proves that address rotation alone cannot sustain high availability when β > 1 regardless of endpoint rotation speed, characterizes the sustainability frontier β*, and validates the phase transition and robustness properties via an open model-level simulator under GFW, TSPU, and Iran-like adversary profiles, including checks for state-dependent discovery and bursty burns.

Significance. If the derivations and simulator validation hold, the work supplies the first formal theory replacing the heuristic of 'rotate faster' with a precise operating condition on the relative rates of domain introduction and discovery. The open simulator, reproducibility of the predicted phase transition, and robustness results constitute concrete strengths that could guide circumvention system design.

Simulated Author's Rebuttal

0 responses · 0 unresolved

We thank the referee for their positive summary of the manuscript, recognition of its contributions on the sustainability frontier and closed-form availability law, and recommendation to accept. We are gratified that the modeling approach, phase-transition results, and simulator validation were viewed as strengths.

Circularity Check

0 steps flagged

No significant circularity; derivation self-contained in generalized timing game

full rationale

The paper constructs a continuous-time timing game that generalizes the external FlipIt model to a collateral-bounded adversary over a combinatorial address-domain space. β is introduced as an explicit model parameter (λ_disc/λ_intro ratio), after which the availability law and β* frontier are derived as mathematical consequences of the game rules. This is ordinary deductive modeling rather than any self-definitional loop, fitted-input prediction, or self-citation chain. The simulator validation and robustness checks operate outside the derivation itself. No load-bearing step reduces to its own inputs by construction.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on the continuous-time game model and the definition of β from the two rate parameters; no free parameters are fitted to data in the abstract, and no new physical entities are postulated.

axioms (1)
  • domain assumption Censor-defender interaction is a continuous-time timing game over combinatorial address-domain space with collateral-bounded adversary
    Explicitly stated as the modeling choice that generalizes FlipIt.

pith-pipeline@v0.9.1-grok · 5840 in / 1251 out tokens · 28617 ms · 2026-06-27T16:44:13.884084+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

110 extracted references · 1 linked inside Pith

  1. [1]

    Freedom on the net 2024: The struggle for trust online,

    Freedom House, “Freedom on the net 2024: The struggle for trust online,” https://freedomhouse.org/report/freedom-net, 2024

  2. [2]

    How the Great Firewall of China detects and blocks fully encrypted traffic,

    M. Wu, J. Sippe, D. Sivakumar, J. Burg, P. Anderson, X. Wang, K. Bock, A. Houmansadr, D. Levin, and E. Wustrow, “How the Great Firewall of China detects and blocks fully encrypted traffic,” in USENIX Security Symposium , 2023

  3. [3]

    How China detects and blocks Shadowsocks,

    Alice, Bob, Carol, J. Beznazwy, and A. Houmansadr, “How China detects and blocks Shadowsocks,” in ACM Internet Measurement Conference (IMC), 2020

  4. [4]

    Exposing and circumventing SNI-based QUIC censorship of the Great Firewall of China,

    A. Zohaib, Q. Zao, J. Sippe, A. Alaraj, A. Houmansadr, Z. Du- rumeric, and E. Wustrow, “Exposing and circumventing SNI-based QUIC censorship of the Great Firewall of China,” in 34th USENIX Security Symposium, 2025

  5. [5]

    Throttling Twitter: An emerg- ing censorship technique in Russia,

    D. Xue, R. Ramesh, ValdikSS, L. Evdokimov, A. Viktorov, A. Jain, E. Wustrow, S. Basso, and R. Ensafi, “Throttling Twitter: An emerg- ing censorship technique in Russia,” in ACM Internet Measurement Conference (IMC), 2021

  6. [6]

    Internet censorship in Iran: A first look,

    S. Aryan, H. Aryan, and J. A. Halderman, “Internet censorship in Iran: A first look,” in USENIX Workshop on Free and Open Communications on the Internet (FOCI) , 2013

  7. [7]

    Detecting and evading censorship-in-depth: A case study of Iran’s protocol whitelister,

    K. Bock, Y . Fax, K. Reese, J. Singh, and D. Levin, “Detecting and evading censorship-in-depth: A case study of Iran’s protocol whitelister,” in USENIX Workshop on Free and Open Communica- tions on the Internet (FOCI) , 2020

  8. [8]

    Tor: The second- generation onion router,

    R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The second- generation onion router,” in USENIX Security Symposium , 2004

  9. [9]

    Pluggable transports,

    The Tor Project, “Pluggable transports,” https://www.torproject.org/ docs/pluggable-transports.html, 2024

  10. [10]

    Blocking-resistant communication through domain fronting,

    D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V . Paxson, “Blocking-resistant communication through domain fronting,” in Proceedings on Privacy Enhancing Technologies (PoPETs) , 2015

  11. [11]

    Snowflake, a censorship circumvention system using temporary WebRTC proxies,

    C. Bocovich, A. Breault, D. Fifield, Serene, and X. Wang, “Snowflake, a censorship circumvention system using temporary WebRTC proxies,” in 33rd USENIX Security Symposium , 2024

  12. [12]

    Conjure: Summoning proxies from unused address space,

    S. Frolov, J. Wampler, S. C. Tan, J. A. Halderman, N. Borisov, and E. Wustrow, “Conjure: Summoning proxies from unused address space,” in ACM SIGSAC Conference on Computer and Communi- cations Security (CCS) , 2019

  13. [13]

    Extensive analysis and large-scale empirical evaluation of Tor bridge discov- ery,

    Z. Ling, J. Luo, W. Yu, X. Fu, D. Xuan, and W. Jia, “Extensive analysis and large-scale empirical evaluation of Tor bridge discov- ery,” IEEE/ACM Transactions on Networking , vol. 23, no. 5, pp. 1681–1693, 2015

  14. [14]

    SpotProxy: Rediscovering the cloud for censorship circumvention,

    P. T. J. Kon, S. Kamali, J. Pei, D. Barradas, A. Chen, M. Sherr, and M. Yung, “SpotProxy: Rediscovering the cloud for censorship circumvention,” in 33rd USENIX Security Symposium , 2024

  15. [15]

    NetShuffle: Circumventing censorship with shuffle proxies at the edge,

    P. T. J. Kon, A. Gattani, D. Saharia, T. Cao, D. Barradas, A. Chen, M. Sherr, and B. E. Ujcich, “NetShuffle: Circumventing censorship with shuffle proxies at the edge,” in 45th IEEE Symposium on Security and Privacy (S&P) , 2024

  16. [16]

    Cen- sorLess: Cost-efficient censorship circumvention through serverless cloud functions,

    D. Kang, J. Sheffey, M. Wu, P. Datta, and A. Houmansadr, “Cen- sorLess: Cost-efficient censorship circumvention through serverless cloud functions,” inProceedings on Privacy Enhancing Technologies (PoPETs), 2026

  17. [17]

    NinjaDoH: A censorship-resistant moving target DoH server using hyperscalers and IPNS,

    S. Seidenberger, M. Beret, R. Wijewickrama, M. Jadliwala, and A. Maiti, “NinjaDoH: A censorship-resistant moving target DoH server using hyperscalers and IPNS,” inWorkshop on Measurements, Attacks, and Defenses for the Web (MADWeb), co-located with NDSS, 2026

  18. [18]

    IPFS – content addressed, versioned, P2P file system,

    J. Benet, “IPFS – content addressed, versioned, P2P file system,” arXiv preprint arXiv:1407.3561 , 2014

  19. [19]

    FlipIt: The game of “stealthy takeover

    M. van Dijk, A. Juels, A. Oprea, and R. L. Rivest, “FlipIt: The game of “stealthy takeover”,” Journal of Cryptology , vol. 26, no. 4, pp. 655–713, 2013

  20. [20]

    Optimal timing of moving target defense: A stackelberg game model,

    H. Li and Z. Zheng, “Optimal timing of moving target defense: A stackelberg game model,” in IEEE Military Communications Conference (MILCOM), 2019

  21. [21]

    SoK: Towards grounding censorship circumvention in empiricism,

    M. C. Tschantz, S. Afroz, Anonymous, and V . Paxson, “SoK: Towards grounding censorship circumvention in empiricism,” in IEEE Symposium on Security and Privacy (S&P) , 2016

  22. [22]

    SoK: Making sense of censorship resistance systems,

    S. Khattak, T. Elahi, L. Simon, C. M. Swanson, S. J. Murdoch, and I. Goldberg, “SoK: Making sense of censorship resistance systems,” in Proceedings on Privacy Enhancing Technologies (PoPETs), 2016

  23. [23]

    Infranet: Circumventing web censorship and surveil- lance,

    N. Feamster, M. Balazinska, G. Harfst, H. Balakrishnan, and D. Karger, “Infranet: Circumventing web censorship and surveil- lance,” in USENIX Security Symposium , 2002

  24. [24]

    SkypeMorph: Protocol obfuscation for Tor bridges,

    H. Mohajeri Moghaddam, B. Li, M. Derakhshani, and I. Goldberg, “SkypeMorph: Protocol obfuscation for Tor bridges,” in ACM SIGSAC Conference on Computer and Communications Security (CCS), 2012

  25. [25]

    Protocol misidentification made easy with format-transforming encryption,

    K. P. Dyer, S. E. Coull, T. Ristenpart, and T. Shrimpton, “Protocol misidentification made easy with format-transforming encryption,” in ACM SIGSAC Conference on Computer and Communications Security (CCS), 2013

  26. [26]

    Marionette: A pro- grammable network traffic obfuscation system,

    K. P. Dyer, S. E. Coull, and T. Shrimpton, “Marionette: A pro- grammable network traffic obfuscation system,” in USENIX Security Symposium, 2015

  27. [27]

    The parrot is dead: Observing unobservable network communications,

    A. Houmansadr, C. Brubaker, and V . Shmatikov, “The parrot is dead: Observing unobservable network communications,” in IEEE Symposium on Security and Privacy (S&P) , 2013

  28. [28]

    ScrambleSuit: A polymorphic network protocol to circumvent censorship,

    P. Winter, T. Pulls, and J. Fuss, “ScrambleSuit: A polymorphic network protocol to circumvent censorship,” in ACM Workshop on Privacy in the Electronic Society (WPES) , 2013

  29. [29]

    obfs4 (the obfourscator),

    Y . Angel, “obfs4 (the obfourscator),” Pluggable transport specifica- tion, 2014

  30. [30]

    Seeing through network-protocol obfuscation,

    L. Wang, K. P. Dyer, A. Akella, T. Ristenpart, and T. Shrimpton, “Seeing through network-protocol obfuscation,” in ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2015

  31. [31]

    REALITY: The most censorship-resistant proxy protocol,

    RPRX, “REALITY: The most censorship-resistant proxy protocol,” https://github.com/XTLS/REALITY, 2023

  32. [32]

    Shadowsocks: A fast tunnel proxy,

    Shadowsocks Community, “Shadowsocks: A fast tunnel proxy,” https://shadowsocks.org/, 2024

  33. [33]

    Detecting probe-resistant proxies,

    S. Frolov, J. Wampler, and E. Wustrow, “Detecting probe-resistant proxies,” in Network and Distributed System Security Symposium (NDSS), 2020

  34. [34]

    I want my voice to be heard: IP over voice-over-IP for unobservable censorship circumvention,

    A. Houmansadr, T. J. Riedl, N. Borisov, and A. C. Singer, “I want my voice to be heard: IP over voice-over-IP for unobservable censorship circumvention,” in Network and Distributed System Security Symposium (NDSS) , 2013

  35. [35]

    Poking a hole in the wall: Efficient censorship-resistant Internet communications by parasitizing on WebRTC,

    D. Barradas, N. Santos, L. Rodrigues, and V . Nunes, “Poking a hole in the wall: Efficient censorship-resistant Internet communications by parasitizing on WebRTC,” in ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2020

  36. [36]

    Balboa: Bobbing and weaving around network censorship,

    M. B. Rosen, J. Parker, and A. J. Malozemoff, “Balboa: Bobbing and weaving around network censorship,” in USENIX Security Symposium, 2021

  37. [37]

    Examining how the Great Firewall discovers hidden circumvention servers,

    R. Ensafi, D. Fifield, P. Winter, N. Feamster, N. Weaver, and V . Paxson, “Examining how the Great Firewall discovers hidden circumvention servers,” in ACM Internet Measurement Conference (IMC), 2015

  38. [38]

    Decoy routing: Toward unblockable Internet communication,

    J. Karlin, D. Ellard, A. W. Jackson, C. E. Jones, G. Lauer, D. P. Mankins, and W. T. Strayer, “Decoy routing: Toward unblockable Internet communication,” in USENIX Workshop on Free and Open Communications on the Internet (FOCI) , 2011. 14

  39. [39]

    Telex: Anticensorship in the network infrastructure,

    E. Wustrow, S. Wolchok, I. Goldberg, and J. A. Halderman, “Telex: Anticensorship in the network infrastructure,” in USENIX Security Symposium, 2011

  40. [40]

    Cir- ripede: Circumvention infrastructure using router redirection with plausible deniability,

    A. Houmansadr, G. T. K. Nguyen, M. Caesar, and N. Borisov, “Cir- ripede: Circumvention infrastructure using router redirection with plausible deniability,” in ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2011

  41. [41]

    TapDance: End-to-middle anticensorship without flow blocking,

    E. Wustrow, C. M. Swanson, and J. A. Halderman, “TapDance: End-to-middle anticensorship without flow blocking,” in USENIX Security Symposium, 2014

  42. [42]

    Slitheen: Perfectly imitated decoy routing through traffic replacement,

    C. Bocovich and I. Goldberg, “Slitheen: Perfectly imitated decoy routing through traffic replacement,” in ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2016

  43. [43]

    The waterfall of liberty: Decoy routing circumvention that resists routing attacks,

    M. Nasr, H. Zolfaghari, and A. Houmansadr, “The waterfall of liberty: Decoy routing circumvention that resists routing attacks,” in ACM SIGSAC Conference on Computer and Communications Security (CCS), 2017

  44. [44]

    Running refraction networking for real,

    B. VanderSloot, S. Frolov, J. Wampler, S. C. Tan, I. Simpson, M. Kallitsis, J. A. Halderman, N. Borisov, and E. Wustrow, “Running refraction networking for real,” in Proceedings on Privacy Enhancing Technologies (PoPETs), 2020

  45. [45]

    The use of TLS in censorship circum- vention,

    S. Frolov and E. Wustrow, “The use of TLS in censorship circum- vention,” in Network and Distributed System Security Symposium (NDSS), 2019

  46. [46]

    Turbo Tunnel, a good way to design censorship circumvention protocols,

    D. Fifield, “Turbo Tunnel, a good way to design censorship circumvention protocols,” in USENIX Workshop on Free and Open Communications on the Internet (FOCI) , 2020

  47. [47]

    Psiphon: Beyond borders,

    Psiphon Inc., “Psiphon: Beyond borders,” https://psiphon.ca/, 2024

  48. [48]

    Lantern: Open Internet for everyone,

    Lantern, “Lantern: Open Internet for everyone,” https://lantern.io/, 2024

  49. [49]

    Chipping away at cen- sorship firewalls with user-generated content,

    S. Burnett, N. Feamster, and S. Vempala, “Chipping away at cen- sorship firewalls with user-generated content,” in USENIX Security Symposium, 2010

  50. [50]

    Proximax: Measurement-driven proxy dissemination (short paper),

    D. McCoy, J. A. Morales, and K. Levchenko, “Proximax: Measurement-driven proxy dissemination (short paper),” in Finan- cial Cryptography and Data Security (FC) , 2011

  51. [51]

    rBridge: User reputation based Tor bridge distribution with privacy preservation,

    Q. Wang, Z. Lin, N. Borisov, and N. J. Hopper, “rBridge: User reputation based Tor bridge distribution with privacy preservation,” in Network and Distributed System Security Symposium (NDSS) , 2013

  52. [52]

    Salmon: Robust proxy dis- tribution for censorship circumvention,

    F. Douglas, W. Pan, and M. Caesar, “Salmon: Robust proxy dis- tribution for censorship circumvention,” in Proceedings on Privacy Enhancing Technologies (PoPETs), 2016

  53. [53]

    Lox: Protecting the social graph in bridge distribution,

    L. Tulloch and I. Goldberg, “Lox: Protecting the social graph in bridge distribution,” in Proceedings on Privacy Enhancing Tech- nologies (PoPETs), 2023

  54. [54]

    ENS: Ethereum name service,

    Ethereum Name Service, “ENS: Ethereum name service,” https:// ens.domains, 2017

  55. [55]

    Handshake: A decentralized naming protocol,

    Handshake, “Handshake: A decentralized naming protocol,” https: //handshake.org, 2018

  56. [56]

    An efficient system for non- transferable anonymous credentials with optional anonymity revo- cation,

    J. Camenisch and A. Lysyanskaya, “An efficient system for non- transferable anonymous credentials with optional anonymity revo- cation,” in EUROCRYPT, 2001

  57. [57]

    Private information retrieval,

    B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan, “Private information retrieval,” Journal of the ACM , vol. 45, no. 6, pp. 965–981, 1998

  58. [58]

    How the Great Firewall of China is blocking Tor,

    P. Winter and S. Lindskog, “How the Great Firewall of China is blocking Tor,” in USENIX Workshop on Free and Open Communi- cations on the Internet (FOCI) , 2012

  59. [59]

    The collateral damage of Internet censorship by DNS injection,

    Anonymous, “The collateral damage of Internet censorship by DNS injection,” ACM SIGCOMM Computer Communication Review , vol. 42, no. 3, 2012

  60. [60]

    Towards a comprehensive picture of the Great Firewall’s DNS censorship,

    ——, “Towards a comprehensive picture of the Great Firewall’s DNS censorship,” in USENIX Workshop on Free and Open Com- munications on the Internet (FOCI) , 2014

  61. [61]

    How great is the Great Firewall? measuring China’s DNS censorship,

    N. P. Hoang, A. A. Niaki, J. Dalek, J. Knockel, P. Lin, B. Marczak, M. Crete-Nishihata, P. Gill, and M. Polychronakis, “How great is the Great Firewall? measuring China’s DNS censorship,” inUSENIX Security Symposium, 2021

  62. [62]

    Decentralized control: A case study of Russia,

    R. Ramesh, R. S. Raman, M. Bernhard, V . Ongkowijaya, L. Ev- dokimov, A. Edmundson, S. Sprecher, M. Ikram, and R. Ensafi, “Decentralized control: A case study of Russia,” in Network and Distributed System Security Symposium (NDSS) , 2020

  63. [63]

    Analysis of country-wide Internet outages caused by censorship,

    A. Dainotti, C. Squarcella, E. Aben, K. C. Claffy, M. Chiesa, M. Russo, and A. Pescap ´e, “Analysis of country-wide Internet outages caused by censorship,” in ACM Internet Measurement Conference (IMC), 2011

  64. [64]

    The #KeepItOn coalition: Documenting internet shut- downs worldwide,

    Access Now, “The #KeepItOn coalition: Documenting internet shut- downs worldwide,” https://www.accessnow.org/campaign/keepiton/, 2024

  65. [65]

    OONI: Open observatory of network interference,

    A. Filast `o and J. Appelbaum, “OONI: Open observatory of network interference,” in USENIX Workshop on Free and Open Communi- cations on the Internet (FOCI) , 2012

  66. [66]

    Censored Planet: An internet-wide, longitudinal censorship observatory,

    R. Sundara Raman, P. Shenoy, K. Kohls, and R. Ensafi, “Censored Planet: An internet-wide, longitudinal censorship observatory,” in ACM SIGSAC Conference on Computer and Communications Secu- rity (CCS), 2020

  67. [67]

    ICLab: A global, longitudinal internet censorship measurement platform,

    A. A. Niaki, S. Cho, Z. Weinberg, N. P. Hoang, A. Razaghpanah, N. Christin, and P. Gill, “ICLab: A global, longitudinal internet censorship measurement platform,” in IEEE Symposium on Security and Privacy (S&P) , 2020

  68. [68]

    Quack: Scalable remote measurement of application- layer censorship,

    B. VanderSloot, A. McDonald, W. Scott, J. A. Halderman, and R. Ensafi, “Quack: Scalable remote measurement of application- layer censorship,” in USENIX Security Symposium , 2018

  69. [69]

    Augur: Internet-wide detection of connectivity disruptions,

    P. Pearce, R. Ensafi, F. Li, N. Feamster, and V . Paxson, “Augur: Internet-wide detection of connectivity disruptions,” in IEEE Sym- posium on Security and Privacy (S&P) , 2017

  70. [70]

    Global measurement of DNS manipulation,

    P. Pearce, B. Jones, F. Li, R. Ensafi, N. Feamster, N. Weaver, and V . Paxson, “Global measurement of DNS manipulation,” inUSENIX Security Symposium, 2017

  71. [71]

    Satellite: Joint analysis of CDNs and network-level interference,

    W. Scott, T. Anderson, T. Kohno, and A. Krishnamurthy, “Satellite: Joint analysis of CDNs and network-level interference,” in USENIX Annual Technical Conference (ATC), 2016

  72. [72]

    Encore: Lightweight measurement of web censorship with cross-origin requests,

    S. Burnett and N. Feamster, “Encore: Lightweight measurement of web censorship with cross-origin requests,” in ACM SIGCOMM , 2015

  73. [73]

    Measuring the deployment of network censorship filters at global scale,

    R. S. Raman, A. Stoll, J. Dalek, R. Ramesh, W. Scott, and R. Ensafi, “Measuring the deployment of network censorship filters at global scale,” in Network and Distributed System Security Symposium (NDSS), 2020

  74. [74]

    Oblivious DNS over HTTPS (ODoH): A practical privacy enhancement to DNS,

    S. Singanamalla, S. Chunhapanya, J. Hoyland, M. Vavru ˇsa, T. Verma, P. Wu, M. Fayed, K. Heimerl, N. Sullivan, and C. A. Wood, “Oblivious DNS over HTTPS (ODoH): A practical privacy enhancement to DNS,” in Proceedings on Privacy Enhancing Technologies (PoPETs), 2021

  75. [75]

    On the importance of encrypted-SNI (ESNI) to censorship circumvention,

    Z. Chai, A. Ghafari, and A. Houmansadr, “On the importance of encrypted-SNI (ESNI) to censorship circumvention,” in USENIX Workshop on Free and Open Communications on the Internet (FOCI), 2019

  76. [76]

    Encrypted client hello (ECH) in censorship circumvention,

    N. Niere, F. Lange, N. Heitmann, and J. Somorovsky, “Encrypted client hello (ECH) in censorship circumvention,” in Free and Open Communications on the Internet (FOCI) , 2025

  77. [77]

    Understanding the impact of encrypted DNS on Internet censorship,

    L. Jin, S. Hao, H. Wang, and C. Cotton, “Understanding the impact of encrypted DNS on Internet censorship,” in The Web Conference (WWW), 2021. 15

  78. [78]

    Measuring the accessibility of domain name encryption and its impact on Internet filtering,

    N. P. Hoang, M. Polychronakis, and P. Gill, “Measuring the accessibility of domain name encryption and its impact on Internet filtering,” in Passive and Active Measurement (PAM) , 2022

  79. [79]

    Deep finger- printing: Undermining website fingerprinting defenses with deep learning,

    P. Sirinam, M. Imani, M. Juarez, and M. Wright, “Deep finger- printing: Undermining website fingerprinting defenses with deep learning,” in ACM SIGSAC Conference on Computer and Commu- nications Security (CCS) , 2018

  80. [80]

    Automated website fingerprinting through deep learn- ing,

    V . Rimmer, D. Preuveneers, M. Juarez, T. Van Goethem, and W. Joosen, “Automated website fingerprinting through deep learn- ing,” in Network and Distributed System Security Symposium (NDSS), 2018

Showing first 80 references.