Analyzing Proxy Censorship

Various state-actors around the world deploy some degree of censorship. To prevent users from accessing specific websites, they alter, drop, and redirect connection attempts to websites and services they deem malicious. A prevalent censorship technique is IP-based censorship. Censors maintain a list of IP addresses they want to prevent access to and drop any packet that has an IP address of said list as their source or destination address. Theoretically, circumventing IP-based censorship is easily achievable with some kind of Proxy where the Proxy servers as an intermediate between you and the denied server. Practically, censors can also detect and ban the IPs of proxy servers or perform deep-packet inspection (SNI extension of TLS) to still censor connections that are send over a Proxy server. On top of that, different kind of Proxies allow for different kinds of additional censorship.

In this thesis, you will analyze the prevalence of Proxy servers and their censorship in different countries around the world. To this end, you will become familiar with the different types of Proxy servers and detect them on the Internet. Furthermore, you will analyze the censorship mechanism regarding Proxy servers of countries around the world. Building on that, you can search for circumvention techniques and/or build a new type of Proxy based on the ESNI/ECH extension of the TLS protocol.

Requirements:
- Programming, knowledge of Java preferred
- Knowledge of TLS, HTTP, Network Stack (TCP/IP)
- Interest in censorship (circumvention)

Who to message:
Prof. Dr.-Ing. Juraj Somorovsky or Niklas Niere