Balboa: Bobbing and Weaving around Network Censorship

TL;DR

Balboa is a novel framework for censorship circumvention that tunnels data through existing applications by embedding information in traffic models, maintaining application behavior and resisting machine learning detection.

Contribution

It introduces a general, application-agnostic tunneling framework that preserves application behavior and works with TLS, unlike prior methods.

Findings

Balboa successfully tunnels data without altering application behavior.

Machine learning classifiers struggle to detect Balboa traffic.

Two instantiations demonstrate its effectiveness for audio streaming and web browsing.

Abstract

We introduce Balboa, a link obfuscation framework for censorship circumvention. Balboa provides a general framework for tunneling data through existing applications. Balboa sits between an application and the operating system, intercepting outgoing network traffic and rewriting it to embed data. To avoid introducing any distinguishable divergence from the expected application behavior, Balboa only rewrites traffic that matches an externally specified \emph{traffic model} pre-shared between the communicating parties. The traffic model captures some subset of the network traffic (e.g., some subset of music an audio streaming server streams). The sender uses this model to replace outgoing data with a pointer to the associated location in the model and embed data in the freed up space. The receiver then extracts the data, replacing the pointer with the original data from the model before passing the data on to the application. When using TLS, this approach means that application behavior with Balboa is \emph{equivalent}, modulo small (protocol-dependent) timing differences, to if the application was running without Balboa. Balboa differs from prior approaches in that it (1) provides a framework for tunneling data through arbitrary (TLS-protected) protocols/applications, and (2) runs the unaltered application binaries on standard inputs, as opposed to most prior tunneling approaches which run the application on non-standard -- and thus potentially distinguishable -- inputs. We present two instantiations of Balboa -- one for audio streaming and one for web browsing -- and demonstrate the difficulty of identifying Balboa by a machine learning classifier.