Cisco Secure Intrusion Detection Systems
Cisco Secure Intrusion Detection Systems
Failures in a hybrid content blocking system
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
ACM SIGCAS Computers and Society
On anonymity in an electronic society: A survey of anonymous communication systems
ACM Computing Surveys (CSUR)
Pass it on: social networks stymie censors
IPTPS'08 Proceedings of the 7th international conference on Peer-to-peer systems
Sandnet: network traffic analysis of malicious software
Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security
Internet censorship in china: where does the filtering occur?
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
BridgeSPA: improving Tor bridges with single packet authorization
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Cirripede: circumvention infrastructure using router redirection with plausible deniability
Proceedings of the 18th ACM conference on Computer and communications security
Analysis of country-wide internet outages caused by censorship
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
The market failure of anonymity services
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Exploring the ecosystem of referrer-anonymizing services
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Splinternet Behind the Great Firewall of China
Queue - Web Security
Tracing the route of China's Internet censorship: An empirical study
Telematics and Informatics
Making sense of internet censorship: a new frontier for internet measurement
ACM SIGCOMM Computer Communication Review
ScrambleSuit: a polymorphic network protocol to circumvent censorship
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
The velocity of censorship: high-fidelity detection of microblog post deletions
SEC'13 Proceedings of the 22nd USENIX conference on Security
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall's resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.