The Salmon Project: How to Effectively Counter Internet Censorship Using Proxies with User Trust Levels

The governments of many countries in one way or another restrict citizens' access to information and services on the Internet. Fighting such censorship is an important and difficult task. Usually simple solutions cannot boast high reliability or long-term efficiency. More complex methods of overcoming blocking have disadvantages in terms of usability, low performance, or do not allow you to maintain the quality of Internet use at the proper level.

A group of American scientists from the University of Illinois developed a new method of overcoming blocking, which is based on the use of proxy technology, as well as user segmentation by trust level in order to effectively identify agents working for censors. We present to your attention the main theses of this work.

Description of the approach

Scientists have developed the Salmon tool, a system of proxy servers managed by volunteers from countries without restrictions on the use of the Internet. In order to protect these servers from being blocked by censors, the system uses a special algorithm for assigning users a trust level.

The method involves exposing potential censor agents, who pretend to be ordinary users, in order to find out the IP address of the proxy server and block it. In addition, opposition Sibyl attacks is carried out using the requirements to provide a link to a valid social network account when registering in the system or to receive a recommendation from a user with a high level of trust.

How it works

The censor is supposed to be a state-controlled body that has the ability to take control of any router within the country. It is also assumed that the task of the censor is to block access to certain resources, and not to identify users for further arrests. The system cannot prevent such a development of events in any way - the state has a lot of opportunities to find out what services citizens use. One of them is the use of honeypot servers to intercept communications.

It is also assumed that the state has significant resources, including human resources. The censor can solve tasks that require hundreds or thousands of full-time employees.

A few more basic points:

• The purpose of the system is to allow bypassing the blocking (i.e. providing the IP address of the proxy server) to all users living in regions with online censorship.
• Agents/employees of Internet censorship bodies and departments may try to connect to the system under the guise of ordinary users.
• The censor can block any proxy server whose address becomes known to him.
• The organizers of the Salmon system in this case understand that the censor somehow found out the address of the server.

All this brings us to the description of the three key components of the system to overcome blocking.

1. The system calculates the probability that the user is an agent of censoring organizations. Users who are recognized as such agents with a high probability will be banned.
2. Each user has a level of trust that must be earned. The fastest proxy servers are dedicated to users with the highest levels of trust. In addition, this allows you to separate reliable, time-tested users from newcomers, because it is among them that the agents of the censors are most likely to be.
3. Users with a high level of trust can invite new users to the system. The result is a social graph of reliable users.

Everything is logical: the censor usually needs to block the proxy server here and now, he will not wait for a long time to try to "pump" his agents' accounts in the system. In addition, it is clear that new users may initially receive different levels of trust - for example, friends and relatives of the creators of the project are less likely to cooperate with censoring states.

Trust Levels: Implementation Details

Not only users have a level of trust, but also proxy servers. The system assigns a user with a certain level a server with the same level of trust. At the same time, the level of user confidence can both increase and decrease, and in the case of servers, it only grows.

Every time the censors block the server that a certain user was working with, his level of trust is lowered. Trust increases if the server is not blocked for a long time - with each new level, the required time doubles: to go from level n to n + 1, you need 2n + 1 days of uninterrupted operation of the proxy server. The path to the maximum, sixth, level of trust takes more than two months.

Having to wait that long to find out the addresses of the highest quality proxy servers is an extremely effective countermeasure against censors.

The server's trust level is the minimum level of trust assigned to it by users. For example, if a new server in the system is assigned to users, among which the minimum rating is 2, then the proxy will receive the same. If then a person with a rating of 3 begins to use the server, but users from the second level also remain, then the server rating will be 2. If all users of the server have increased the level, then it also increases for the proxy. At the same time, the server cannot lose the level of trust, on the contrary, if it is blocked, users will be fined.

Users with a high level of trust receive two types of rewards. First, the servers are not the same. There are minimum bandwidth requirements (100 Kbps), but a volunteer server owner can offer more - there is no upper limit. The Salmon system selects the most productive servers for users with the highest rating.

In addition, users with a high level of trust are better isolated from censor attacks, because the censor has to wait for months to figure out the proxy address. As a result, the probability of blocking servers for high-risk people is many times lower than for those with low trust.

In order to connect as many deserving users as possible to the best proxies, the creators of Salmon developed a recommender system. Users with a high rating (L) can invite their friends to join the platform. Invited people receive an L-1 rating.

The recommender system works in waves. The first wave of invited users gets the opportunity to invite their friends only after about four months. Users from the second and subsequent waves must wait 2 months.

System modules

The system consists of three components:

• Salmon client for Windows;
• a server daemon installed by volunteers (Windows and Linux versions);
• A central directory server that keeps a database of all proxy servers and distributes IP addresses to users.

System client application interface

In order to use the system, a person must create an account using a Facebook account.

Conclusion

To date, the Salmon method has not been widely adopted, with only small pilot projects known to users in Iran and China. Despite the fact that this is an interesting project, it does not fully provide anonymity, protection of volunteers, and the creators themselves admit that it is subject to attacks using honeypot services. Nevertheless, the implementation of a system with levels of trust looks like an interesting experiment that can be continued.

That's all for today, thank you for your attention!

Useful links and materials from Infatica:

• Experiment: is it possible to reduce the negative effects of DoS attacks using a proxy
• Research: Creating a block-resistant proxy service using game theory
• The history of the fight against censorship: how the flash proxy method created by scientists from MIT and Stanford works
• How to understand when proxies are lying: verification of physical locations of network proxies using the active geolocation algorithm
• How to disguise yourself on the Internet: comparing server and residential proxies

Source: habr.com