DNS-sly

Avoiding Censorship through Network Complexity

Qurat-Ul-Ann Danyal Akbar, Marcel Flores, Aleksandar Kuzmanovic

Research output: Contribution to conferencePaper

Abstract

We design DNS-sly, a counter-censorship system which enables a covert channel between a DNS client and server. To achieve covertness and deniability in the upstream direction, DNS-sly applies user personalization, adapting to individual behaviors. In the downstream direction, it utilizes CDN-related DNS responses to embed data, while retaining statistical covertness. We show DNS-sly achieves downstream throughput of up to 600 Bytes of raw hidden data per click on a regular Web page, making it a practical system in the context of a covert Web proxy service. We implement DNS-sly and evaluate it in a known censorship environment, demonstrating its real-world usability.
Original languageEnglish (US)
Number of pages7
StatePublished - 2016

Fingerprint

Websites
Servers
Throughput

Cite this

@conference{5db934befa7844e7be266b0750a75f5d,
title = "DNS-sly: Avoiding Censorship through Network Complexity",
abstract = "We design DNS-sly, a counter-censorship system which enables a covert channel between a DNS client and server. To achieve covertness and deniability in the upstream direction, DNS-sly applies user personalization, adapting to individual behaviors. In the downstream direction, it utilizes CDN-related DNS responses to embed data, while retaining statistical covertness. We show DNS-sly achieves downstream throughput of up to 600 Bytes of raw hidden data per click on a regular Web page, making it a practical system in the context of a covert Web proxy service. We implement DNS-sly and evaluate it in a known censorship environment, demonstrating its real-world usability.",
author = "Akbar, {Qurat-Ul-Ann Danyal} and Marcel Flores and Aleksandar Kuzmanovic",
year = "2016",
language = "English (US)",

}

DNS-sly : Avoiding Censorship through Network Complexity. / Akbar, Qurat-Ul-Ann Danyal; Flores, Marcel; Kuzmanovic, Aleksandar.

2016.

Research output: Contribution to conferencePaper

TY - CONF

T1 - DNS-sly

T2 - Avoiding Censorship through Network Complexity

AU - Akbar, Qurat-Ul-Ann Danyal

AU - Flores, Marcel

AU - Kuzmanovic, Aleksandar

PY - 2016

Y1 - 2016

N2 - We design DNS-sly, a counter-censorship system which enables a covert channel between a DNS client and server. To achieve covertness and deniability in the upstream direction, DNS-sly applies user personalization, adapting to individual behaviors. In the downstream direction, it utilizes CDN-related DNS responses to embed data, while retaining statistical covertness. We show DNS-sly achieves downstream throughput of up to 600 Bytes of raw hidden data per click on a regular Web page, making it a practical system in the context of a covert Web proxy service. We implement DNS-sly and evaluate it in a known censorship environment, demonstrating its real-world usability.

AB - We design DNS-sly, a counter-censorship system which enables a covert channel between a DNS client and server. To achieve covertness and deniability in the upstream direction, DNS-sly applies user personalization, adapting to individual behaviors. In the downstream direction, it utilizes CDN-related DNS responses to embed data, while retaining statistical covertness. We show DNS-sly achieves downstream throughput of up to 600 Bytes of raw hidden data per click on a regular Web page, making it a practical system in the context of a covert Web proxy service. We implement DNS-sly and evaluate it in a known censorship environment, demonstrating its real-world usability.

M3 - Paper

ER -