It is hardly a secret that China is filtering what their people can see on the internet. This censorship is used to control propaganda, control sentiments, and to silence unfavorable views to the government.
This paper seeks to discover where this filtering takes place.
Some terms before diving into the paper:
AS - Autonomous System, a collection of IP routing prefixes that have a clear routing policy to the internet. These are assigned a number, and each ISP has at least one.
Border AS - these AS connect to ASes from other countries.
Internal AS - these AS connect to ASes within the country.
IDS - Intrusion Detection System - these devices are what the paper is looking for, and effectively create the filter.
The paper is primarily separated into two parts, first getting a better understanding of China's AS Topology, then finding out which ASes the IDSes are attached to. In getting a better sense of China's AS Topology, the paper describes lots of research into which ASes belong to China and all that good stuff. Basically, they find that most ASes are internal (138) with 24 border ASes and 92 external ASes, with 133 unique peerings with external ASes. Another interesting result is that treating each border AS as the root of a tree, the maximum depth is 2, where only 18 ASes are at level 2. This shows that almost all ASes are either a border AS or connected directly to a border AS. This is significant as it shows that the easiest way for the Great Firewall of China to menace over its citizens is by setting itself up at these border ASes.
The second part of the paper describes a method to find out which ASes the IDSes are attached to - they simply send HTTP GET requests with known keywords that trigger the firewall and procure the IP address from where interference is sent. This is done to a variety of websites all over the country. Here, they find that almost all of the IDSes belong to the border ASes, with only 2.9% belonging to internal ASes. This shows that there is not very much domestic filtering, but mostly external filtering.
Overall, the paper is pretty informational - however, it constantly laments the difficulty in getting complete data. The paper also expects an understanding of networking terms and concepts (RST packets, AS, BGP, etc) which can be explained pretty quickly, greatly expanding the target audience of the paper as the topic is quite controversial and brought up often. Results are pretty consistent with their hypotheses. While the paper does not seek methods of bypassing the filter, it does mention that it is the "first study dedicated to explore both AS and router-level structures of China's censored network," and thus it seems it may be prudent to suggest how this information may contribute to the difficulties in bypassing the firewall. In fact, the paper never mentions (as far as I know) what else can be done in the topic for the future.
This paper seemed rather limited in scope, and had little confidence in its own results. They even admit that one of their central findings, that there is content filtering in so-called Internal As's, might be a result of an error. Though it is clearly difficult to ascertain much information about the GFC, this paper doesn't really offer much as far as I can tell, and completely lacks any recommendations for further work.
ReplyDeleteThey did say something about how their observations are worth further investigation, but the only observations I saw that were meaningful were that most of their firewalls were in heavy traffic areas, and that China offloads most of its peering devices to neighboring countries, neither of which take a whole lot of investigation to figure out answers to. I thought that they did a really good job doing the investigation, but as Max said, they didn't really show confidence in their results.
ReplyDeleteI mostly agree with the previous two posts. I went into and came out of this paper thinking the same thing: what's the point? There was a very limited scope in the research done, results were unconfident, and there don't seem to be any real implications from the paper. Is this a survey of the inner workings of the GFC? Can we glean more information about China's network topology and censorship from these findings? It's hard to say.
ReplyDeleteI totally agree with what other comments indicated. This paper could be meaningful in terms of showing the structures of Chinese censored network. Also this paper shows that most filtering in China occurs not surprisingly in border ASes and censorship is happened more in provincial devices than backbones. And that is pretty much it.
ReplyDeleteIn terms of censorship of distributed data, I have some questions. What if encrypted data is passed to Chinese network? Can it be censored?
If some distributed data are censored, what happen to those data and users of it?
I know that the http packets traveling through the censorship network will be checked for sensitive content/keywords. if such contents are detected, the TCP packet will be dropped, the system will create some fake packets to both the sender and the receiver, so that the connection is interrupted. if you use HTTPS protocol, however, such mechanism may fail, because the packets will have their data encrypted.
DeleteI actually liked the idea of the paper. And, as Jin pointed out, it was meaningful and relevant in showing the basic structure of the Chinese censored network. I think it achieved the objective of the paper....basically it's a measurement paper (and therefore rightly, informational by nature) and it need not go beyond it (for e.g. be a candidate for further work etc). Only place where I was disheartened was that there were no real surprises in the results. All said the "Great Wall of China" is literally and even actually insurmountable (as compared to temporary firewalls imposed by many other countries) and I agree with David that it's a commendable piece of work in difficult terrain and gives us a quite clear understanding of the "Unknown".
ReplyDelete