Off-campus UMass Amherst users: To download campus access dissertations, please use the following link to log into our proxy server with your UMass Amherst user name and password.

Non-UMass Amherst users: Please talk to your librarian about requesting this dissertation through interlibrary loan.

Dissertations that have an embargo placed on them will not be available to anyone until the embargo expires.

Author ORCID Identifier

https://orcid.org/0000-0002-4050-7012

AccessType

Open Access Dissertation

Document Type

dissertation

Degree Name

Doctor of Philosophy (PhD)

Degree Program

Computer Science

Year Degree Awarded

2022

Month Degree Awarded

May

First Advisor

Phillipa Gill

Subject Categories

OS and Networks | Other Computer Sciences

Abstract

The Internet has emerged as one of the most important tools of communication. With around 4.5 billion active users as of July 2020, it provides people the opportunity to access a vast treasure trove of information and express their opinions online. How- ever, some countries consider the Internet as a critical communication medium and attempt to deploy network interference strategies. National governments, in particular, are notorious for their attempts to impose restrictions on online communication. Further, certain Internet service providers (ISPs) have been known to throttle specific applications and violate net neutrality principles.

Alongside the proliferation of network interference and an increasing awareness of the security and privacy of users over the Internet, we have seen a rise in the usage of network traffic encryption technologies. However, even with encryption enabled, network interference is still possible due to the information leakage of the DNS and TLS protocols. To this end, a rich ecosystem of DNS/TLS improvements has come to light with the purpose of improving user privacy by obfuscating the domains a user visits. These protocols have the potential to render certain forms of censorship ineffective.

In this dissertation, I will describe my contributions towards understanding net-work interference, including Internet censorship, as well as the throttling of specific network applications (traffic differentiation). I develop a network measurement platform that enables monitoring of network interference globally on an ongoing basis. I then focus on understanding the DNS censorship behavior of the Great Firewall of China (GFW) by leveraging remote network measurement techniques. Additionally, I investigate the prevalence of traffic differentiation practices and how they impact popular video streaming applications. I demonstrate that network interference is prevalent even with encryption enabled. This has led to the development of DNS and TLS improvements that aim to enhance user privacy and security. I review two recent proposals, namely DNS over HTTPS/TLS (DoH/DoT) and Encrypted Server Name Indication (ESNI), and investigate their potential to mitigate network interference and improve user privacy.

DOI

https://doi.org/10.7275/28406713

Creative Commons License

Creative Commons Attribution 4.0 License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

COinS