Researchers at the University of Maryland have come up with a way to use artificial intelligence (AI) to evade Internet censorship often used by repressive regimes.
Dubbed Geneva, the AI software has successfully outsmarted Internet censorship in China, India, and Kazakhstan.
"Ordinarily we identify how a censorship strategy works and then devise strategies to evade it," says Dave Levin, an assistant professor of computer science of the University of Maryland. "But now, we let Geneva figure out how to evade the censor, and then we learn what censorship strategies are being used by seeing how Geneva defeated them."
Essentially, the AI fools censors by continually manipulating the design of information packets used by Internet browsers to request data from the Web.
In one telling example, the software — integrated into the Google Chrome browser — was able to evade censorship techniques used by China by disguising a request for a commonly censored word. Essentially, Geneva was able to mutate the design of the HTTP information packet sending out the request for that word, ensuring that the request slipped by censors.
The beauty of Geneva is that the software automatically generates the packet mutations, tests them against an Internet censor, and then refines those packet mutations again and again to come up with powerful pieces of digital trickery, according to Levin.
Indeed, Levin says his team generally runs a packet mutation through Geneva for 50 generations before using it against a state censor.
The Maryland research caught the attention of Phillipa Gill, an associate professor of computer science at the University of Massachusetts, Amherst, who said, "This work is fairly unique in the space of circumvention schemes. While there are circumvention schemes that have automated components—for example, Obfsproxy or other tools that work to mask properties of network traffic—they do not generally change their functioning dynamically."
Besides bringing automation to an anti-censorship process traditionally orchestrated manually, Geneva is also able to manipulate information packets with 'fresh eyes,' to discover vulnerabilities that human programmers can miss.
For example, Levin says he and his team have "no logical explanation" for why Geneva's HTTP ruse against the Great Firewall of China works. "We are left to conclude that it must be a bug that Geneva has discovered in how China's Great Firewall reconstructs and parses HTTP requests," he says.
"This is an important example of how Geneva operates, because China was known to reconstruct TCP segments," which is why many researchers had assumed segmentation-based strategies could not succeed against China's censorship software. "Fortunately, Geneva did not know any better," Levin adds. "We had not preloaded Geneva with any prior misunderstandings or understandings of how censorship worked. As a result, it was able to explore parts of the space that a human might have understandably avoided."
Under the hood, Levin says Geneva is using a combination of software. "Geneva makes use of a genetic algorithm that our team wrote in Python, with extensive use of Scapy, a powerful tool for manipulating packets."
Levin also uses Docker for containerizing testing infrastructure, and tcpdump for collecting data to debug and analyze why strategies work.
Like many researchers in the fight against Internet censorship, Levin's team is not looking for a commercial payday with Geneva. "The spirit of this work is to help create a more open, accessible Internet for all people," Levin says. "To that end, we open-source all of our implementations and distribute them freely."
Zachary Weinberg, a postdoctoral researcher at the University of Massachusetts, Amherst, who specializes in digitally thwarting Internet censorship, sees Geneva as promising. "I see its biggest benefit to end users being in automation. It should be possible to package Geneva to run in the background on end-user computers, and have it search for new evasion strategies whenever they encounter censorship."
Says Gill, "Automated approaches can enable evasion of censorship in a wider set of contexts as well as doing so more quickly than manual efforts. This has the potential to enable access to information for a larger group of people. It also increases resources required by censors, as circumvention occurs without the limitations of having humans investigate and evade censorship.
"In addition to being faster than humans, automated techniques can cover the many protocols that are filtered, and may be filtered in different ways," Gill says. "They are also able to identify bugs and unexpected behavior of censorship programs that are extremely difficult to find via manual means alone."
Despite Geneva's capabilities, Levin's research team concedes the software is still no panacea in the seemingly endless cat-and-mouse game of censorship and evasion. "Geneva represents an important first step in automating censorship evasion," says Kevin Bock, a Ph.D. student in computer science at University of Maryland who came up with the idea for Geneva.
While Geneva can exploit the cracks it finds in the digital information shields of some Internet censors, those same censors have the ability to detect the software's activities and repair those cracks so they may not be penetrated again in the same way. "Eventually, enough bugs will be fixed that Geneva cannot find a new strategy in a reasonable amount of time," says Weinberg.
Nick Feamster, Neubauer Professor in the Department of Computer Science of the University of Chicago, and director of the university's Center for Data and Computing, takes a similar view: as ruses evolve, so do censor's strategies.
Feamster also observes that Geneva does not have a solution for every form of Internet censorship currently employed, including "changing where domain names point to, publishing block pages, and so forth."
Other censorship tactics beyond the reach of Geneva include throttling the performance of a particular site or service, and embedding barriers in the multiple layers of the protocol stack, Feamster says.
"Modeling the capabilities of a censor is always challenging," Feamster says, "but in this case, it is probably safe to assume that the censor itself will train models to detect certain types of traffic."
Ultimately, champions of the free flow of digital information need to assemble a more multi-faceted response to fully quash Internet censorship, Feamster says.
Adds Weinberg, "As long as Geneva is not used by that many people, it won't be worth the trouble to them to report the bugs and deploy the patches. But if it becomes as widely used as, say, commercial VPNs are, then it will become worthwhile to them to implement countermeasures."
Joe Dysart is an Internet speaker and business consultant based in Manhattan, NY, USA.