ScrambleSuit: A Polymorph Network Protocol to Circumvent Censorship
Philipp Winter, Tobias Pulls, Juergen Fuss
TL;DR
ScrambleSuit is a novel network protocol designed to obfuscate data and evade censorship techniques like active probing and protocol fingerprinting, enabling effective circumvention with minimal overhead.
Contribution
It introduces a morphing protocol layer that uses secret-based obfuscation to counteract advanced censorship methods, improving upon existing circumvention tools.
Findings
Effective against active probing and fingerprinting
Minimal overhead in prototype implementation
Enables lightweight application layer obfuscation
Abstract
Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but makes use of sophisticated techniques such as active probing and protocol classification to block access to popular circumvention tools such as Tor. In this paper, we propose ScrambleSuit; a thin protocol layer above TCP whose purpose is to obfuscate the transported application data. By using morphing techniques and a secret exchanged out-of-band, we show that ScrambleSuit can defend against active probing and other fingerprinting techniques such as protocol classification and regular expressions. We finally demonstrate that our prototype exhibits little overhead and enables effective and lightweight obfuscation for application layer protocols.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Advanced Steganography and Watermarking Techniques