Geneva ("Genetic Evasion") is a project from the University of Maryland's Breakerspace ("a lab dedicated to scaling-up undergraduate research in computer and network security"); in a paper presented today at the ACM's Conference on Computer and Communications Security, a trio of Maryland researchers and a UC Berkeley colleague present their work on evolutionary algorithms as a means of defeating state-level network censorship.
Geneva develops countermeasures to deep-packet-inspection-based censorship systems that monitor network traffic for forbidden keywords and use packet-injection to break connections to forbidden resources.
Geneva's approach is typical of genetic algorithms: drawing on an arsenal of evasion techniques, Geneva attempts to circumvent filters, and the techniques that work are reinforced and then randomly varied to produce new generations of algorithms, and the best of these are then reinforced and allowed to reproduce, etc, etc.
The researchers describe this as a kind of inversion of the usual method for censorship evasion, in which researchers first determine how the censorship works, and then develop an evasion countermeasure. With Geneva, the system automatically probes censorship systems and develops countermeasures, and by evaluating which countermeasures work, researchers can infer how the censorship is accomplished.
The researchers used Geneva to successfully evade the Great Firewall of China, as well as national censorship systems in India and Kazakhstan. They propose that this kind of evasion tool could run continuously on the server side, providing a continuous stream of new tactics for bypassing censorship systems.
They also note that censors could use Geneva to find defects in their own systems and so they can fix them, but say that some of the fundamental errors in the assumptions of the censorship systems might be impossible to fix.
There has long been a cat-and-mouse game between censors and a community of researchers and practitioners who seek to evade them.The current evade-detect cycle requires extensive manual measurement, reverse-engineering, and creativity to obtain new means ofcensorship evasion. In this paper, we presented Geneva, a genetic algorithm for automatically discovering censorship evasion strategies against on-path network censors. Through evaluation both in-lab and against the GFW, we have demonstrated thatG eneva efficiently discovers strategies, and that its genetic building blocks allow it to both re-derive all previously published schemes that it can support, as well as derive altogether new strategies that prior work posited would not be effective. We believe Geneva represents an important first step towards automating censorship evasion. Tothis end, we have made our code and data publicly available at https://geneva.cs.umd.edu.
Geneva: Evolving Censorship Evasion Strategies [Kevin Bock, George Hughey, Xiao Qiang and Dave Levin/ACM CCS '19]