An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. Several censorship resistance systems (CRSs) have emerged to help bypass such blocks. The diversity of the censor’s attack landscape has led to an arms race, leading to a dramatic speed of evolution of CRSs. The inherent complexity of CRSs and the breadth of work in this area makes it hard to contextualize the censor’s capabilities and censorship resistance strategies. To address these challenges, we conducted a comprehensive survey of CRSs-deployed tools as well as those discussed in academic literature-to systematize censorship resistance systems by their threat model and corresponding defenses. To this end, we first sketch a comprehensive attack model to set out the censor’s capabilities, coupled with discussion on the scope of censorship, and the dynamics that influence the censor’s decision. Next, we present an evaluation framework to systematize censorship resistance systems by their security, privacy, performance and deployability properties, and show how these systems map to the attack model. We do this for each of the functional phases that we identify for censorship resistance systems: communication establishment, which involves distribution and retrieval of information necessary for a client to join the censorship resistance system; and conversation, where actual exchange of information takes place. Our evaluation leads us to identify gaps in the literature, question the assumptions at play, and explore possible mitigations.
If the inline PDF is not rendering correctly, you can download the PDF file here.
 R. M. Bond, C. J. Fariss, J. J. Jones, A. D. Kramer, C. Marlow, J. E. Settle, and J. H. Fowler, “A 61-Million-Person Experiment in Social Influence and Political Mobilization,” Nature, vol. 489, no. 7415, pp. 295-298, 2012.
 N. Eltantawy and J. Wiest, “The Arab Spring | Social Media in the Egyptian Revolution: Reconsidering Resource Mobilization Theory,” International Journal of Communication, vol. 5, no. 0, 2011.
 Freedom House, “Freedom in the World 2016.” https://freedomhouse.org/report/freedom-world/freedom-world-2016, 2016.
 T. Elahi, C. M. Swanson, and I. Goldberg, “Slipping Past the Cordon: A Systematization of Internet Censorship Resistance.” CACR Tech Report 2015-10, Aug. 2015.
 S. Khattak, L. Simon, and S. J. Murdoch, “Systemization of Pluggable Transports for Censorship Resistance.” http://arxiv.org/pdf/1412.7448v1.pdf, 2014.
 M. C. Tschantz, S. Afroz, D. Fifield, and V. Paxson, “SoK: Towards Grounding Censorship Circumvention in Empiricism,” in Proceedings of the IEEE Symposium on Security and Privacy, 2016.
 R. Clayton, “Failures in a Hybrid Content Blocking System,” in Privacy Enhancing Technologies, (Cambridge, England), pp. 78-92, Springer, 2006.
 A. Dainotti, A. Pescape, and K. Claffy, “Issues and Future Directions in Traffic Classification,” IEEE Network, vol. 26, pp. 35-40, Jan 2012.
 R. Sommer and V. Paxson, “Outside the Closed World: On Using Machine Learning For Network Intrusion Detection,” in In Proceedings of the IEEE Symposium on Security and Privacy, 2010.
 P. Dorfinger, G. Panholzer, and W. John, “Entropy Estimation for Real-Time Encrypted Traffic Identification,” in Traffic Monitoring and Analysis, vol. 6613 of Lecture Notes in Computer Science, pp. 164-171, Springer Berlin Heidelberg, 2011.
 L. Bernaille and R. Teixeira, “Early Recognition of Encrypted Applications,” in Proceedings of the 8th International Conference on Passive and Active Network Measurement, PAM’07, (Berlin, Heidelberg), pp. 165-175, Springer- Verlag, 2007.
 C. V. Wright, F. Monrose, and G. M. Masson, “On Inferring Application Protocol Behaviors in Encrypted Network Traffic,” J. Mach. Learn. Res., vol. 7, pp. 2745-2769, Dec. 2006.
 B. Wiley, “Blocking-Resistant Protocol Classification Using Bayesian Model Selection,” tech. rep., University of Texas at Austin, 2011.
 B. Wiley, “Dust: A Blocking-Resistant Internet Transport Protocol,” tech. rep., School of Information, University of Texas at Austin, 2011.
 A. Panchenko, L. Niessen, A. Zinnen, and T. Engel, “Website Fingerprinting in Onion Routing Based Anonymization Networks,” in Proceedings of the Workshop on Privacy in the Electronic Society (WPES), ACM, Oct. 2011.
 Q. Sun, D. R. Simon, Y.-M. Wang, W. Russell, V. N. Padmanabhan, and L. Qiu, “Statistical Identification of Encrypted Web Browsing Traffic,” in Proceedings of the IEEE Symposium on Security and Privacy, May 2002.
 A. Hintz, “Fingerprinting Websites Using Traffic Analysis,” in Proceedings of Privacy Enhancing Technologies workshop (PET), Springer-Verlag, LNCS 2482, Apr. 2002.
 G. D. Bissias, M. Liberatore, and B. N. Levine, “Privacy Vulnerabilities in Encrypted HTTP Streams,” in Proceedings of Privacy Enhancing Technologies workshop (PET), pp. 1-11, May 2005.
 T. Wilde, “Great Firewall Tor Probing.” https://gist.github.com/da3c7a9af01d74cd7de7, Nov. 2015.
 ONI, “China’s Green Dam: The Implications of Government Control Encroaching on the Home PC.” https://opennet.net/chinas-green-dam-the-implicationsgovernment-control-encroaching-home-pc.
 J. Knockel, J. R. Crandall, and J. Saia, “Three Researchers, Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and Surveillance,” in Free and Open Communications on the Internet, (San Francisco, CA, USA), USENIX, 2011.
 T. Elahi, K. Bauer, M. AlSabah, R. Dingledine, and I. Goldberg, “Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor,” in Proceedings of the ACM Workshop on Privacy in the Electronic Society, pp. 43-54, ACM, 2012.
 A. Biryukov, I. Pustogarov, and R.-P. Weinmann, “Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization,” in Proceedings of the IEEE Symposium on Security and Privacy, May 2013.
 A. Johnson, C. Wacek, R. Jansen, M. Sherr, and P. Syverson, “Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries,” in Proceedings of the 20th ACM conference on Computer and Communications Security, Nov. 2013.
 R. Dingledine, N. Hopper, G. Kadianakis, and N. Mathewson, “One Fast Guard for Life (or 9 Months),” in 7th Workshop on Hot Topics in Privacy Enhancing Technologies, 2014.
 T. Zhu, D. Phipps, A. Pridgen, J. R. Crandall, and D. S. Wallach, “The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions,” in Proceedings of the 22nd USENIX Security Symposium, USENIX, 2013.
 R. Rife, “Opinion: The Chilling Reality of China’s Cyberwar on Free Speech.” CNN (U.S. Edition), http://www.cnn.com/2015/03/24/opinions/china-internet-dissent-roseann-rife/, Mar. 2015.
 D. Bamman and B. O’Connor and N. Smith, “Censorship and deletion practices in Chinese social media.” http://journals.uic.edu/ojs/index.php/fm/article/view/3943/3169, Nov. 2015.
 T. Zhu, D. Phipps, A. Pridgen, J. R. Crandall, and D. S. Wallach, “The Velocity of Censorship: High-fidelity Detection of Microblog Post Deletions,” in Proceedings of the 22Nd USENIX Conference on Security, (Berkeley, CA, USA), pp. 227-240, USENIX Association, 2013.
 Journalism and Media Studies Centre, “Weiboscope.” http://weiboscope.jmsc.hku.hk, Nov. 2015.
 K. Fisher, “The Death of SuprNova.org.” Ars Technica, http://arstechnica.com/staff/2005/12/2153/, Dec. 2005.
 D. Goodin, “Massive denial-of-service attack on GitHub tied to Chinese government.” Ars Technica, http://arstechnica.com/security/2015/03/massive-denial-of-service-attack-ongithub-tied-to-chinese-government/, Mar. 2015.
 C. Anderson, “Dimming the Internet: Detecting Throttling as a Mechanism of Censorship in Iran,” tech. rep., University of Pennsylvania, 2013.
 “HTTP URL/keyword detection in depth.” http://gfwrev.blogspot.jp/2010/03/http-url.html, 2010.
 P. Winter and S. Lindskog, “How the Great Firewall of China is Blocking Tor,” in Free and Open Communications on the Internet, (Bellevue, WA, USA), USENIX, 2012.
 Renesys, “http://research.dyn.com/2013/08/myanmarinternet/,” Aug. 2013.
 Anonymous, “The Collateral Damage of Internet Censorship by DNS Injection,” SIGCOMM Comput. Commun. Rev., vol. 42, pp. 21-27, June 2012.
 R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” in Proceedings of the 13th USENIX Security Symposium, Aug. 2004.
 P. Winter, T. Pulls, and J. Fuss, “ScrambleSuit: A Polymorphic Network Protocol to Circumvent Censorship,” in Proceedings of the Workshop on Privacy in the Electronic Society, ACM, Nov. 2013.
 M. C. Tschantz, S. Afroz, V. Paxson, and J. D. Tygar, “On Modeling the Costs of Censorship.” arXiv preprint, http://arxiv.org/pdf/1409.3211v1.pdf, 2014.
 D. Fifield, N. Hardison, J. Ellithorpe, E. Stark, R. Dingledine, P. Porras, and D. Boneh, “Evading Censorship with Browser-Based Proxies,” in Privacy Enhancing Technologies Symposium, (Vigo, Spain), pp. 239-258, Springer, 2012.
 P. Lincoln, I. Mason, P. Porras, V. Yegneswaran, Z. Weinberg, J. Massar, W. A. Simpson, P. Vixie, and D. Boneh, “Bootstrapping Communications into an Anti-Censorship System,” in Proceedings of the USENIX Workshop on Free and Open Communications on the Internet, Aug. 2012.
 The Tor Project, “Tor Bridges Specification.” https://gitweb.torproject.org/torspec.git/tree/attic/bridges-spec.txt, May 2009.
 N. Feamster, M. Balazinska, W. Wang, H. Balakrishnan, and D. Karger, “Thwarting web censorship with untrusted messenger discovery,” in Privacy Enhancing Technologies, pp. 125-140, Springer, 2003.
 E. Y. Vasserman, N. Hopper, and J. Tyra, “Silent knock : practical, provably undetectable authentication.,” Int. J. Inf. Sec., vol. 8, no. 2, pp. 121-135, 2009.
 D. McCoy, J. A. Morales, and K. Levchenko, “Proximax: A Measurement Based System for Proxies Dissemination,” Financial Cryptography and Data Security, vol. 5, no. 9, p. 10, 2011.
 B. Laurie and R. Clayton, “Proof-of-Work Proves Not to Work,” in In Third Annual Workshop on Economics and Information Security (WEIS), (Minneapolis, MN), May 2004.
 R. Dingledine and N. Mathewson, “Tor Directory Protocol, Version 3.” https://gitweb.torproject.org/torspec.git/tree/dirspec.txt, Jan. 2006.
 H. Mohajeri Moghaddam, B. Li, M. Derakhshani, and I. Goldberg, “SkypeMorph: Protocol Obfuscation for Tor Bridges,” in Proceedings of the 19th ACM conference on Computer and Communications Security, Oct. 2012.
 A. Houmansadr, T. Riedl, N. Borisov, and A. Singer, “IP over Voice-over-IP for Censorship Circumvention.” arXiv preprint, https://arxiv.org/pdf/1207.2683v2.pdf, 2012.
 S. Burnett, N. Feamster, and S. Vempala, “Chipping Away at Censorship Firewalls with User-Generated Content,” in Proceedings of the 19th USENIX Security Symposium, 2010.
 S. Khattak, M. Javed, P. D. Anderson, and V. Paxson, “Towards Illuminating a Censorship Monitor’s Model to Facilitate Evasion,” in Free and Open Communications on the Internet, (Washington, DC, USA), USENIX, 2013.
 A. Houmansadr, G. T. K. Nguyen, M. Caesar, and N. Borisov, “Cirripede: Circumvention Infrastructure using Router Redirection with Plausible Deniability,” in Proceedings of the 18th ACM conference on Computer and Communications Security, Oct. 2011.
 I. Clarke, O. Sandberg, B. Wiley, and T. W. Hong, “Freenet: A Distributed Anonymous Information Storage and Retrieval System,” in Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability, pp. 46-66, Jul. 2000.
 M. Waldman and D. Mazières, “Tangler: A Censorship- Resistant Publishing System based on Document Entanglements,” in Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 126-135, Nov. 2001.
 J. Geddes, M. Schuchard, and N. Hopper, “Cover Your ACKs: Pitfalls of Covert Channel Censorship Circumvention,” in Proceedings of the 20th ACM conference on Computer and Communications Security, 2013.
 A. Houmansadr, C. Brubaker, and V. Shmatikov, “The Parrot is Dead: Observing Unobservable Network Communication,” in Proceedings of the 2013 IEEE Symposium on Security and Privacy, May 2013.
 S. Li, M. Schliep, and N. Hopper, “Facet: Streaming over Videoconferencing for Censorship Circumvention,” in Proceedings of the Workshop on Privacy in the Electronic Society, Nov. 2014.
 Y. Torbati, “Iranians Face New Internet Curbs Before Presidential Election.” Reuters, http://www.reuters.com/article/2013/05/21/net-us-iran-election-internetidUSBRE94K0ID20130521, May 2013.
 M. Schuchard, J. Geddes, C. Thompson, and N. Hopper, “Routing Around Decoys,” in Computer and Communications Security, ACM, 2012.
 P. Vines and T. Kohno, “Rook: Using Video Games as a Low-Bandwidth Censorship Resistant Communication Platform.” http://homes.cs.washington.edu/~yoshi/papers/techreport-rook.pdf, 2015.
 B. Hahn, R. Nithyanand, P. Gill, and R. Johnson, “Games Without Frontiers: Investigating Video Games as a Covert Channel.” arXiv preprint, http://arxiv.org/pdf/1503.05904v2.pdf, 2015.
 T. Elahi, J. A. Doucette, H. Hosseini, S. J. Murdoch, and I. Goldberg, “A Framework for the Game-theoretic Analysis of Censorship Resistance,” Proceedings on Privacy Enhancing Technologies, vol. 2016, no. 4, 2016.
 The Tor Project, “Pluggable Transports.” https://www.torproject.org/docs/pluggable-transports.html.en, Jan. 2012.
 Paul Farrell, “History of 5-Eyes â˘AS¸ Explainer.” The Guardian, http://www.theguardian.com/world/2013/dec/02/history-of-5-eyes-explainer, Dec. 2013.
 R. Dingledine, “How to Handle Millions of New Tor Clients.” https://blog.torproject.org/blog/how-to-handle-millions-newtor-clients, Sep. 2013.
 C. MiscBrubaker, A. Houmansadr, and V. Shmatikov, “CloudTransport: Using Cloud Storage for Censorship- Resistant Networking,” in Privacy Enhancing Technologies Symposium, Springer, 2014.
 B. Marczak, N. Weaver, J. Dalek, R. Ensafi, D. Fifield, S. McKune, A. Rey, J. Scott-Railton, R. Deibert, and V. Paxson, “China’s Great Cannon.” https://citizenlab.org/2015/04/chinas-great-cannon/, 2015.
 E. Dou and A. Barr, “U.S. Cloud Providers Face Backlash From China’s Censors.” The Wall Street Journal, http://www.wsj.com/articles/u-s-cloud-providers-face-backlash-fromchinas-censors-1426541126, 2015.
 S. Köpsell and U. Hillig, “How to Achieve Blocking Resistance for Existing Systems Enabling Anonymous Web Surfing,” in Proceedings of the Workshop on Privacy in the Electronic Society, Oct. 2004.
 C. S. Leberknight, M. Chiang, H. V. Poor, and F. Wong, “A Taxonomy of Internet Censorship and Anti-censorship.” https://www.princeton.edu/~chiangm/anticensorship.pdf, 2012.
 G. Perng, M. K. Reiter, and C. Wang, “Censorship Resistance Revisited,” in Proceedings of Information Hiding Workshop, pp. 62-76, Jun. 2005.
 S. Gardner, “Freedom-supporting technologies: their origins and current state.” https://docs.google.com/document/d/1Pa566Vnx9MEuV9gltXOZkypQ3wXyzVyslg6xHuebqqU/edit#, 2016.
 R. Dingledine and N. Mathewson, “Design of a Blocking- Resistant Anonymity System,” Tech. Rep. 2006-1, The Tor Project, Nov. 2006.
 D. Nobori and Y. Shinjo, “VPN Gate: A Volunteer-Organized Public VPN Relay System with Blocking Resistance for Bypassing Government Censorship Firewalls,” in Networked Systems Design and Implementation, USENIX, 2014.
 R. Smits, D. Jain, S. Pidcock, I. Goldberg, and U. Hengartner, “BridgeSPA: Improving Tor Bridges with Single Packet Authorization,” in Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society, (New York, NY, USA), pp. 93-102, ACM, 2011.
 uproxy, “uProxy.” https://www.uproxy.org/.
 Z. Weinberg, J. Wang, V. Yegneswaran, L. Briesemeister, S. Cheung, F. Wang, and D. Boneh, “StegoTorus: A Camouflage Proxy for the Tor Anonymity System,” in Proceedings of the 19th ACM conference on Computer and Communications Security, Oct. 2012.
 I. Goldberg and D. Wagner, “TAZ Servers and the Rewebber Network: Enabling Anonymous Publishing on the World Wide Web,” First Monday, vol. 3, Aug. 1998.
 L. Invernizzi, C. Kruegel, and G. Vigna, “Message in a Bottle: Sailing Past Censorship,” in Privacy Enhancing Technologies Symposium, 2012.
 Y. Wang, P. Ji, B. Ye, P. Wang, R. Luo, and H. Yang, “Go- Hop: Personal VPN to Defend from Censorship,” in International Conference on Advanced Communication Technology, IEEE, 2014.
 E. Wustrow, S. Wolchok, I. Goldberg, and J. A. Halderman, “Telex: Anticensorship in the Network Infrastructure,” in Proceedings of the 20th USENIX Security Symposium, Aug. 2011.
 R. Anderson, “The Eternity Service,” in Proceedings of Pragocrypt, 1996.
 MailMyWeb, “http://www.mailmyweb.com.”
 N. Feamster, M. Balazinska, G. Harfst, H. Balakrishnan, and D. R. Karger, “Infranet: Circumventing Web Censorship and Surveillance.,” in USENIX Security Symposium, pp. 247-262, USENIX, 2002.
 R. Clayton, S. J. Murdoch, and R. N. M. Watson, “Ignoring the Great Firewall of China,” in Proceedings of the Sixth Workshop on Privacy Enhancing Technologies, pp. 20-35, Springer, Jun. 2006.
 D. Fifield, G. Nakibly, and D. Boneh, “OSS: Using Online Scanning Services for Censorship Circumvention,” in Proceedings of the 13th Privacy Enhancing Technologies Sym posium, Jul. 2013.
 E. Wustrow, C. M. Swanson, and J. A. Halderman, “Tap- Dance: End-to-Middle Anticensorship Without Flow Blocking,” in Proceedings of the 23rd USENIX conference on Security Symposium, pp. 159-174, USENIX Association, 2014.
 W. Zhoun, A. Houmansadr, M. Caesar, and N. Borisov, “SWEET: Serving the Web by Exploiting Email Tunnels,” HotPETS, 2013.
 “Scholar Zhang: Intrusion detection evasion and black box mechanism research of the Great Firewall of China.” https://code.google.com/p/scholarzhang/, 2010.
 D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, “Blocking-resistant Communication through Domain Fronting,” Privacy Enhancing Technologies, vol. 1, no. 2, 2015.
 J. Karlin, D. Ellard, A. W. Jackson, C. E. Jones, G. Lauer, D. P. Mankins, and W. T. Strayer, “Decoy Routing: Toward Unblockable Internet Communication,” in Free and Open Communications on the Internet, (San Francisco, CA, USA), USENIX, 2011.
 M. Waldman, A. Rubin, and L. Cranor, “Publius: A Robust, Tamper-Evident, Censorship-Resistant and Source- Anonymous Web Publishing System,” in Proceedings of the 9th USENIX Security Symposium, pp. 59-72, Aug. 2000.
 J. Holowczak and A. Houmansadr, “Cachebrowser: Bypassing chinese censorship without proxies using cached content,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 70-83, ACM, 2015.
 D. Ellard, C. Jones, V. Manfredi, W. T. Strayer, B. Thapa, M. Van Welie, and A. Jackson, “Rebound: Decoy routing on asymmetric routes via error messages,” in Local Computer Networks (LCN), 2015 IEEE 40th Conference on, pp. 91-99, IEEE, 2015.
 A. Serjantov, “Anonymizing Censorship Resistant Systems,” in Proceedings of the 1st International Peer To Peer Systems Workshop, Mar. 2002.
 W. Mazurczyk, P. Szaga, and K. Szczypiorski, “Using Transcoding for Hidden Communication in IP Telephony.” arXiv preprint, http://arxiv.org/pdf/1111.1250.pdf, 2011.
 C. Connolly, P. Lincoln, I. Mason, and V. Yegneswaran, “TRIST: Circumventing Censorship with Transcoding- Resistant Image Steganography,” in Free and Open Communications on the Internet, USENIX, 2014.
 K. P. Dyer, S. E. Coull, T. Ristenpart, and T. Shrimpton, “Protocol Misidentification Made Easy with Format- Transforming Encryption,” in Proceedings of the 20th ACM conference on Computer and Communications Security (CCS 2013), Nov. 2013.
 bit-smuggler, “tunnel traffic through a genuine bittorrent connection.” https://github.com/danoctavian/bit-smuggler.
 B. Jones, S. Burnett, N. Feamster, S. Donovan, S. Grover, S. Gunasekaran, and K. Habak, “Facade: High-Throughput, Deniable Censorship Circumvention Using Web Search,” in Proceedings of the USENIX Workshop on Free and Open Communications on the Internet, USENIX, 2014.
 K. P. Dyer, S. E. Coull, and T. Shrimpton, “Marionette: A Programmable Network Traffic Obfuscation System,” in Proceedings of the 24th USENIX Security Symposium, pp. 367-382, USENIX Association, Aug. 2015.
 S. Cao, L. He, Z. Li, and Y. Yang, “SkyF2F: Censorship Resistant via Skype Overlay Network,” in Information Engineering, 2009. ICIE’09. WASE International Conference on, vol. 1, pp. 350-354, IEEE, 2009.
 T. Ruffing, J. Schneider, and A. Kate, “Identity-Based Steganography and Its Applications to Censorship Resistance.” 6th Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETs), 2013.
 The Tor Project, “Tor: Hidden Service Protocol.” https://www.torproject.org/docs/hidden-services.html.en.
 Q. Wang, X. Gong, G. T. K. Nguyen, A. Houmansadr, and N. Borisov, “CensorSpoofer: Asymmetric Communication using IP Spoofing for Censorship-Resistant Web Browsing,” in Proceedings of the 19th ACM conference on Computer and Communications Security, Oct. 2012.
 cgiproxy, “HTTP/FTP Proxy in a CGI Script.” https://www.jmarshall.com/tools/cgiproxy/.
 Ultrasurf, “http://ultrasurf.us.”
 freegate, “Freegate | Dynamic Internet Technology, Inc.” http://dit-inc.us/freegate.html.