Download

HTML: index.html
PDF: fifield-thesis.pdf
sha256sum a8d6d8734157bbad0e30015c592275c7f75aab9e0921061c27b8259761756fde
source code: git clone https://www.bamsoftware.com/git/thesis.git

Other places where it can be found

Berkeley EECS tech report: Ignore the "all rights reserved"; that got prepended automatically. You can do what you want with it.
eScholarship "Open Access Publications from the University of California": It somehow ended up here as well.
Internet Archive: Backup copy of the PDF.

In order to submit the thesis I had to upload to something called proquest, which seems to be one of those typical rent-seeking parasitic publishing outfits. If you find it there, I suggest you ignore it.

Citation

@phdthesis{Fifield2017a,
  author = {David Fifield},
  title = {Threat modeling and circumvention of {Internet} censorship},
  school = {University of California, Berkeley},
  month = dec,
  year = 2017,
  url = {https://www.bamsoftware.com/papers/thesis/},
}

Errata

I'm no Donald Knuth, but if you find an error, let me know and we can work something out.

Section 2.1, page 8: "Winter and Lindskog [199], observed that the Great Firewall preferred to block individual ports, entire IP addresses"→"Winter and Lindskog [199] observed that the Great Firewall preferred to block individual ports, not entire IP addresses".
Section 2.1, page 8: "Jones et al. Jones2014a"→"Jones et al. [XX]". The source was missing a \cite, and this was the only reference to Jones2014a, hence there is no bibliography entry. The bibliography entry would be:

[107a]

Ben Jones, Sam Burnett, Nick Feamster, Sean Donovan, Sarthak Grover, Sathya Gunasekaran, and Karim Habak. “Facade: High-Throughput, Deniable Censorship Circumvention Using Web Search”. In: Free and Open Communications on the Internet. USENIX, 2014. https://www.usenix.org/system/files/conference/foci14/foci14_jones-8-8-14.pdf (cit. on p. 8).
Section 2.3, page 12: "mixing into the their public proxy list"→"mixing into the public proxy list".
Caption of Figure 5.4, page 46: "bridges However"→"bridges. However".
Section "2015: Growth; restraints; outages", page 56: "increasing from 2,000 to reaching 6,000"→"increasing from 2,000 to 6,000".
Section "2017: Long-term support", page 60: "my anonymous collaborator in the work Kazakhstan work"→"my anonymous collaborator in the Kazakhstan work".
Section 7.2, page 66: "freedom to combined them"→"freedom to combine them". (Spotted by Arlo Breault.)
Bibliography: These entries should have @article, rather than @misc, formatting: [53], [101].
Bibliography: These entries should say just "Privacy Enhancing Technologies", not "Privacy Enhancing Technologies Symposium", for consistency with other entries: [23], [84].
Index, page 84: The "Anonymous" entry should additionally refer to page 60.
Index, page 86: Duplicate page number 5 (one bold, one not) in entries "false negative" and "false positive".
Index, page 88: The page numbers should be 9–11 rather than 9–10 (extending to the end of Section 2.2). (Accidentally had |( at the end of the index range, rather than |).)
Index, page 90: The "Tor Blog" entry should additionally refer to page 55.
Index: The formatting was messed up in the HTML version, so that entries were drawn on top of each other. Spotted by Philipp Winter.

Stuff I left out

I wanted to discuss these topics, but didn't. (Mainly for a lack of time.)

A description and comparison of all the proxy distribution papers. To tell the truth I never really understood all these fully.
- Keyspace hopping (2003)
- Kaleidoscope (bis) (2008)
- Fighting Censorship with Algorithms (2010)
- Proximax (2011)
- rBridge (2013)
- Salmon (2016)
- Hyphae (2017)
- Enemy at the Gateways (2017)
- TorBricks (2017)
Research by Sebastian Zander et al. on covert channels. There is overlap with circumvention topics, and an automated evaluation framework. They were, for example, embedding covert channels in first-person shooters before Rook was.
Publications I had on a list to read, but didn't get to:
- Antoine Delignat-Lavaud and Karthikeyan Bhargavan. "Network-based Origin Confusion Attacks against HTTPS Virtual Hosting" (relevant to domain fronting)
- Christopher D. Hunter. "Internet Filter Effectiveness: Testing Over and Underinclusive Blocking Decisions of Four Popular Filters" DOI 10.1177/089443930001800209
- Aniello Castiglione, Bonaventura D'Alessio, Alfredo De Santis. "Steganography and Secure Communication on Online Social Networks and Online Photo Sharing." DOI 10.1109/BWCCA.2011.60
- Wojciech Mazurczyk. "VoIP Steganography and Its Detection—A Survey" DOI 10.1145/2543581.2543587
- EPIC. Filters and Freedom: Free Speech Perspectives on Internet Content Controls
- Andrea Di Florio, Nino Vincenzo Verde, Antonio Villani, Domenico Vitali, Luigi Vincenzo Mancini. "Bypassing Censorship: a proven tool against the recent Internet censorship in Turkey"
- Raed Al-Qura’n, Ali Hadi, Jalal Atoum, Malek Al-Zewairi. "Ultrasurf Traffic Classification: Detection and Prevention
- Henry Tan, Micah Sherr. "Censorship Resistance as a Side-Effect"

Snapshots and changelog

rc2 (same as final), diff since previous: Minor edits and indexing fixes.
rc1, diff since previous: Wrote acknowledgements. Re-scanned figures for better color. Archived all URLs in references. Cleaned up index. Rewrote the abstract.
20171214, diff since previous: Edited and indexed the chapters on understanding censors, time delays, and Snowflake.
20171213, diff since previous: Edited and indexed the chapter on principles of circumvention.
20171212, diff since previous: Edited and indexed the introduction and the chapters on active probing and domain fronting. Filled in all missing figures. Moved home page from https://people.cs.berkeley.edu/~fifield/thesis/ to https://www.bamsoftware.com/papers/thesis/. Finalized all data sets to end at 2017-11-30.
20171201, diff since previous: Finished chapters on measurement studies / evaluation of circumvention, delays in censors' reactions, and Snowflake. All chapters are ready to read now.
20171127, diff since previous: Finished chapter on domain fronting. Added a table of meek's costs.
20171120, diff since previous: Finished Introduction. Finished chapter on active probing.
20171113, diff since previous: Moved summary of measurement papers to an appendix. Added and updated an active probing figure.
20171106, diff since previous: Finished sections on "Address blocking resistance strategies" and "Early censorship and circumvention." This covers all the topics I planned for chapter 2.
20171030, diff since previous: Finished section on "Content obfuscation strategies."
20171023, diff since previous: Began a section on "Content obfuscation strategies."
20171016, diff since previous: Drafted subsection on "Collateral damage."
20171009, diff since previous: Drafted subsection on "Spheres of influence and visibility," intro to "Principles of circumention," got started on "Collateral damage."
20171002, diff since previous: Finished first draft of the history of meek deployment, modulo some todos.
20170925, diff since previous: First draft of a long subsection on the history of meek deployment (currently Section 6.1).
20170918, diff since previous: Enumerated some in-scope and out-of-scope cases. Began working through Principles of circumvention. Roughed out references for a subsection in bridge distribution.
20170911: Hacked into rough thesis format, imported text from proposal, some editing of introduction.