Projects

Our lab investigates different types of security and privacy violations on the Internet.

We design and deploy scalable techniques and systems to detect and protect users’ Internet experience from censorship, geo-discrimnation, third-party tracking, and surveillance. By making our data and measurement practices easily accessible, we seek to facilitate multi-disciplinary research that promotes network accountability and transparency and leads to development of new technical approaches for safeguarding users at global scale.

Observatory

Our observatory is a platform that provides continuous, global data about Internet censorship practices in countries around the world. The Censored Planet Observatory builds on a long line of work that develops remote censorship measurement techniques.

We operate several of these systems, curate the collected data, and publishes semi-weekly datasets that are used by external research groups (computer scientists, social scientists, and NGOs) to understand and track global censorship

Explore Observatory

February 2020 Network and Distributed System Security Symposium (NDSS)

Measuring the Deployment of Network Censorship Filters at Global Scale

Ram Sundara Raman Adrian Stoll Jakub Dalek Armin Sarabi Reethika Ramesh Will Scott Roya Ensafi

Press: Censored Planet Michigan CSE

PDF Slides

@inproceedings{filtermap,
title={Measuring the Deployment of Network Censorship Filters at Global Scale},
author={Sundara Raman, Ram and Stoll, Adrian and Dalek, Jakub and Sarabi, Armin and Ramesh, Reethika and Scott, Will and Ensafi, Roya},
booktitle={Proceedings of the Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA},
year={2020}
}

August 2018 USENIX Security Symposium

Quack: Scalable Remote Measurement of Application-Layer Censorship

Benjamin VanderSloot Allison McDonald J. Alex Halderman Will Scott Roya Ensafi

PDF

@inproceedings{Ben2018Quack:,
title={Quack: Scalable Remote Measurement of Application-Layer Censorship},
author={Ben VanderSloot and Allison McDonald and Will Scott and J. Alex Halderman and Roya Ensafi},
booktitle={USENIX Security Symposium},
year={2018}
}

August 2017 USENIX Security

Global Measurement of DNS Manipulation

Paul Pearce Ben Jones Frank Li Roya Ensafi Nick Feamster Nick Weaver Vern Paxson

PDF Talk Slides

@inproceedings{Paul2017Global,
title={Global Measurement of DNS Manipulation},
author={Paul Pearce and Ben Jones and Frank Li and Roya Ensafi and Nick Feamster and Nick Weaver and Vern Paxson},
booktitle={USENIX Security},
year={2017}
}

May 2017 IEEE Security and Privacy (S&P)

Augur: Internet-Wide Detection of Connectivity Disruptions

Paul Pearce Roya Ensafi Frank Li Nick Feamster Vern Paxson

PDF Talk

@inproceedings{Paul2017Augur:,
title={Augur: Internet-Wide Detection of Connectivity Disruptions},
author={Paul Pearce and Roya Ensafi and Frank Li and Nick Feamster and Vern Paxson},
booktitle={IEEE Security and Privacy},
year={2017}
}

June 2016 USENIX Annual Technical Conference

Satellite: Joint Analysis of CDNs and Network-Level Interference

Will Scott Thomas Anderson Tadayoshi Kohno Arvind Krishnamurthy

PDF Talk Slides

@inproceedings{Will2016Satellite:,
title={Satellite: Joint Analysis of CDNs and Network-Level Interference},
author={Will Scott and Thomas Anderson and Tadayoshi Kohno and Arvind Krishnamurthy},
booktitle={USENIX Annual Technical Conference},
year={2016}
}

August 2015 ACM SIGCOMM Workshop on Ethics in Networked Systems Research

Ethical Concerns for Censorship Measurement

Ben Jones Roya Ensafi Nick Feamster Vern Paxson Nick Weaver

PDF

@inproceedings{Ben2015Ethical,
title={Ethical Concerns for Censorship Measurement},
author={Ben Jones and Roya Ensafi and Nick Feamster and Vern Paxson and Nick Weaver},
booktitle={ACM SIGCOMM Workshop on Ethics in Networked Systems Research},
year={2015}
}

March 2014 Passive and Active Measurement (PAM)

Detecting intentional packet drops on the Internet via TCP/IP side channels

Roya Ensafi Jeffrey Knockel Geoffrey Alexander Jedidiah R Crandall

PDF Talk

@inproceedings{Roya2014Detecting,
title={Detecting intentional packet drops on the Internet via TCP/IP side channels},
author={Roya Ensafi, Jeffrey Knockel, Geoffrey Alexander, Jedidiah R Crandall},
booktitle={Passive and Active Measurement},
year={2014}
}

August 2010 USENIX Security Symposium

Idle Port Scanning & Non-interference Analysis of Network Protocol Stacks Using Model Checking

Roya Ensafi Jong Chun Park Deepak Kapur Jedidiah R Crandall

PDF

@inproceedings{Roya2010Idle,
title={Idle Port Scanning & Non-interference Analysis of Network Protocol Stacks Using Model Checking},
author={Roya Ensafi and Jong Chun Park and Deepak Kapur and Jedidiah R. Crandall},
booktitle={USENIX Security Symposium},
year={2010}
}

Network Measurement

Internet Measurement helps understand and analyze network behavior, helping the community understand phenomena such as routing and network interference in practice. We design and develop techniques that bridge remote and in-situ measurement techniques, and use them to collect, analyze and distribute measurement data of unprecedented scope and detail.

July 2018 ACM SIGCAS Conference on Computing and Sustainable Societies

Nation-State Hegemony in Internet Routing

Annie Edmundson Roya Ensafi Nick Feamster Jennifer Rexford

@inproceedings{Annie2018Nation-State,
title={Nation-State Hegemony in Internet Routing},
author={Annie Edmundson and Roya Ensafi and Nick Feamster and Jennifer Rexford},
booktitle={ACM SIGCAS Conference on Computing and Sustainable Societies},
year={2018}
}

February 2018 IEEE Security & Privacy (S&P)

Towards Continual Measurement of Global Network-Level Censorship

Paul Pearce Roya Ensafi Frank Li Nick Feamster Vern Paxson

PDF

@article{Paul2018Towards,
author={Paul Pearce and Roya Ensafi and Frank Li and Nick Feamster and Vern Paxson},
title={Towards Continual Measurement of Global Network-Level Censorship},
journal={IEEE Security & Privacy},
volume={16},
number={1},
year={2018}
}

March 2017 ACM Internet Measurement Conference (IMC)

A Look at Infrastructure Geolocation in Public and Commercial Databases

Manaf Gharaibeh Anant Shah Bradley Huffaker Han Zhang Roya Ensafi Christos Papadopoulos

PDF

@inproceedings{Manaf2017A,
title={A Look at Infrastructure Geolocation in Public and Commercial Databases},
author={Manaf Gharaibeh and Anant Shah and Bradley Huffaker and Han Zhang and Roya Ensafi and Christos Papadopoulos},
booktitle={ACM Internet Measurement Conference},
year={2017}
}

August 2016 USENIX Security Symposium

Identifying and Characterizing Sybils in the Tor Network

Philipp Winter Roya Ensafi Karsten Loesing Nick Feamster

PDF

@inproceedings{Philipp2016Identifying,
title={Identifying and Characterizing Sybils in the Tor Network},
author={Philipp Winter and Roya Ensafi and Karsten Loesing and Nick Feamster},
booktitle={USENIX Security Symposium},
year={2016}
}

August 2014 USENIX Workshop on Free and Open Communications on the Internet (USENIX FOCI)

Global Censorship Detection over the RIPE Atlas Network

Collin Anderson Philipp Winter Roya Ensafi

PDF

@inproceedings{Collin2014Global,
title={Global Censorship Detection over the RIPE Atlas Network},
author={Collin Anderson and Phillipp Winter and Roya Ensafi},
booktitle={USENIX Workshop on Free and Open Communications on the Internet},
year={2014}
}

Web Privacy

We look into how web protocols are deployed and are evolving, while collecting empirical evidence on how websites and 3rd party services collect user data.

May 2019 International World Wide Web Conference (WWW)

The chain of implicit trust: An analysis of the Web third-party resources loading

Muhammad Ikram Rahat Masood Gareth Tyson Kaafar Mohamed Ali Noha Loizon Roya Ensafi

PDF

@inproceedings{065961dc95474ceaa258c117581529ec,
title={The chain of implicit trust: an analysis of the Web third-party resources loading},
author={Muhammad Ikram and Rahat Masood and Gareth Tyson and Kaafar, Mohamed Ali and Noha Loizon and Roya Ensafi},
year={2019},
booktitle={Proceeding WWW ’19 The World Wide Web Conference},
publisher={Association for Computing Machinery (ACM)}
}

Geo Discrimination

The Internet is becoming increasingly regionalized due to sanctions, financial regulations, copyright and licensing rights, perceived abuse, or a perceived lack of customers. For instance, the majority of the news has been either on geoblocking of multimedia products or geolocation-based price discrimination.

We lack a global perspective on the extent of this phenomenon and we are looking at the multitude of ways that netizens can be discriminated while using the Internet-based on their location. An example , we performed the first wide-scale measurement study of geoblocking; our data showed that certain practices by content-delivery networks (CDN) likely contributed to overly aggressive blocking by their customers, resulting in entire national populations being unable to reach valuable sites and content.

November 2018 ACM Internet Measurement Conference (IMC)

403 Forbidden: A Global View of CDN Geoblocking

Allison McDonald Matthew Bernhard Luke Valenta Benjamin VanderSloot Will Scott Nick Sullivan J. Alex Halderman Roya Ensafi

PDF

@inproceedings{Allison2018403,
title={403 Forbidden: A Global View of CDN Geoblocking},
author={Allison McDonald and Matthew Bernhard and Luke Valenta and Benjamin VanderSloot and Will Scott and Nick Sullivan and J. Alex Halderman and Roya Ensafi},
booktitle={ACM Internet Measurement Conference},
year={2018}
}

Country Studies

Sometimes to understand the nuances of security and privacy violations within specific countries, we perform interdisciplinary investigation into uncovering and exposing malpractices by different actors such as governments and service providers.

An example of such study is how the Russian government is gradually building national-level censorship policies on thousands of privately owned ISPs using inexpensive commodity middle-boxes, a trend that we fear other countries with similar topological structure will follow. Our country studies also include work on the Kazakhstan MiTM, Great Cannon, Great Firewall of China, etc.

Russia’s Information Control

How the Russian government is gradually building national-level cen...

Read Report

Kazakhstan’s HTTPS Interception

The Kazakhstan government recently began using a fake root CA to pe...

Read Report

February 2020 Network and Distributed System Security Symposium (NDSS)

Decentralized Control: A Case Study of Russia

Reethika Ramesh Ram Sundara Raman Matthew Bernhard Victor Ongkowijaya Leonid Evdokimov Annie Edmundson S. Sprecher Muhammad Ikram Roya Ensafi

Press: Associated Press CPJ Voice of America MSN ABC News New York Times Washington Post University of Michigan News

PDF

@inproceedings{ndss20-russia,
title={Decentralized Control: A Case Study of Russia},
author={R. Ramesh, R. Sundara Raman, M. Bernhard, V. Ongkowijaya, L. Evdokimov, A. Edmundson, S. Sprecher, M. Ikram, R.Ensafi},
booktitle={Proceedings of the Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA},
year={2020}
}

August 2015 USENIX Workshop on Free and Open Communications on the Internet (USENIX FOCI)

An Analysis of China's Great Cannon

Bill Marczak Nicholas Weaver Jakub Dalek Roya Ensafi David Fifield Sarah McKune Arn Rey John Scott-Railton Ron Deibert Vern Paxson

PDF

@inproceedings{Bill2015An,
title={An Analysis of China's Great Cannon},
author={Bill Marczak and Nicholas Weaver and Jakub Dalek and Roya Ensafi and David Fifield and Sarah McKune and Arn Rey and John Scott-Railton and Ron Deibert and Vern Paxson},
booktitle={USENIX Workshop on Free and Open Communications on the Internet},
year={2015}
}

July 2015 Privacy Enhancing Technologies Symposium (PETS)

Analyzing the Great Firewall of China Over Space and Time

Roya Ensafi Philipp Winter Abdullah Mueen Jedidiah R. Crandall

PDF

@inproceedings{Roya2015Analyzing,
title={Analyzing the Great Firewall of China Over Space and Time},
author={Roya Ensafi and Philipp Winter and Abdullah Mueen and Jedidiah R. Crandall},
booktitle={Privacy Enhancing Technologies Symposium},
year={2015}
}

Dual-Use Tech

Security threats have driven rapid progress in the sophistication and deployment of network security technologies, such as firewalls, deep-packet inspection middleboxes (DPIs), and intrusion detection systems (IDSes).

Studying how these technologies are configured and applied, and where they are deployed, can help us better understand how to monitor and defend against interference. An example of such a study is our FilterMap, a novel framework for discovering and monitoring DPI-based filtering at Internet scale, based on the blockpages DPI systems display.

February 2020 Network and Distributed System Security Symposium (NDSS)

Measuring the Deployment of Network Censorship Filters at Global Scale

Ram Sundara Raman Adrian Stoll Jakub Dalek Armin Sarabi Reethika Ramesh Will Scott Roya Ensafi

Press: Censored Planet Michigan CSE

PDF Slides

@inproceedings{filtermap,
title={Measuring the Deployment of Network Censorship Filters at Global Scale},
author={Sundara Raman, Ram and Stoll, Adrian and Dalek, Jakub and Sarabi, Armin and Ramesh, Reethika and Scott, Will and Ensafi, Roya},
booktitle={Proceedings of the Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA},
year={2020}
}


© 2020 Censored Planet|Terms of Service