2019-bock-geneva

Geneva: Evolving Censorship Evasion Strategies

Kevin Bock, George Hughey, Xiao Qiang, Dave Levin · Computer and Communications Security · 2019

canonical link →

Tags

censors: generic
techniques: dpi
defenses: geneva

findings extracted from this paper

Evasion strategies are strongly censor-specific: TCB Teardown strategies that achieve 80–96% against the GFW fail completely (0%) against Kazakhstan's HTTPS MITM; India's Airtel is defeated uniquely by a 'Stutter Request' (duplicating the PSH/ACK and replacing IP length to 64) at 100% success, which scores only 3% against the GFW. Geneva converged on distinct species for each censor within 4–8 hours of live training.

Table 1, §5.1–5.4 evaluation dpirst-injectionmiddlebox-interference cninkz
Geneva, a genetic algorithm using four packet-manipulation primitives (drop, tamper, duplicate, fragment), independently re-derived 30 of 36 (83.3%) previously published evasion strategies in controlled lab experiments and discovered successful strategies in 23 of 27 live training sessions against China's GFW, yielding 4 unique species, 8 subspecies (5 novel), and 21 fundamentally different variants. Each training session ran for 4–8 hours against a real censor.

§5, Abstract defense dpirst-injection cn
Geneva experiments revealed that the GFW determines TCP three-way handshake completion using only the presence of the ACK flag — without validating sequence numbers. Upon receiving a RST or RST/ACK before the handshake completes, the GFW enters a resynchronization state approximately 50% of the time rather than tearing down its TCB; strategies that exploit this pre-handshake window achieve 92–95% success rates (Strategies 3 and 4).

§5.2 Species 2: TCB Teardown detection dpirst-injection cn
The GFW does not verify TCP checksums or validate RST flag combinations: Strategy 5 using the entirely invalid flag set FRAPUN with TTL 10 achieved 96% success. Separately, increasing the TCP data offset (dataofs) field to 10 in an insertion duplicate causes the GFW to reinterpret the beginning of the HTTP payload as TCP header bytes, preventing keyword detection and achieving 98% success (Strategy 2) — while the destination server discards the malformed packet.

§5.2 Species 1 and Species 2 detection dpimiddlebox-interference cn
Geneva's Segmentation species — fragmenting HTTP requests at the TCP layer without IP fragmentation, segment overlapping, or insertion packets — achieved 94–98% success against the GFW, 100% against India's Airtel ISP, and 100% against Kazakhstan's HTTPS MITM, making it the only strategy class effective across all three tested censors. These strategies require neither raw sockets nor root privilege.

§5.2 Species 3: Segmentation defense dpimiddlebox-interference cninkz