Censorship Wiki. https://censorshipwiki.torproject.org.
 Linux kernel source tree. http://git.kernel. org/cgit/linux/kernel/git/torvalds/linux.git/ tree/net/ipv4/inet_connection_sock.c?h= 4d0fa8a0f01272d4de33704f20303dcecdb55df1#n562.
 tcp(7) - Linux man page. http://linux.die.net/man/7/tcp.
 Extensive Analysis and Large-Scale Empirical Evaluation of Tor Bridge Discovery. In INFOCOM, Orlando, FL, USA, 2012. IEEE.
 Alexa. Alexa top sites in China. http://www.alexa.com/ topsites/countries/CN.
 C. Anderson, P. Winter, and Roya. Global censorship detection over the RIPE Atlas network. In Free and Open Communications on the Internet. USENIX, 2014.
 Anonymous. Towards a comprehensive picture of the Great Firewall’s DNS censorship. In Free and Open Communications on the Internet. USENIX, 2014.
 Antirez. new TCP scan method, 1998.
 W. Chen, Y. Huang, B. F. Ribeiro, K. Suh, H. Zhang, E. de Souza e Silva, J. Kurose, and D. Towsley. Exploiting the IPID field to infer network path and end-system characteristics. In Passive and Active Network Measurement. Springer, 2005.
 China internet and mobile phone users. Available at http: //www.procurasia.com/china-industrial-sourcing/chinastatistics- corner/china-internet-users/.
 R. Clayton, S. J. Murdoch, and R. N. M. Watson. Ignoring the Great Firewall of China. In Privacy Enhancing Technologies. Springer, 2006.
 J. R. Crandall, D. Zinn, M. Byrd, E. Barr, and R. East. ConceptDoppler: A weather tracker for Internet censorship. In Computer and Communications Security. ACM, 2007.
 A. Dainotti, C. Squarcella, E. Aben, K. C. Claffy, M. Chiesa, M. Russo, and A. Pescapé. Analysis of country-wide Internet outages caused by censorship. In Internet Measurement Conference. ACM, 2011.
 J. Dalek, B. Haselton, H. Noman, A. Senft, M. Crete- Nishihata, P. Gill, and R. J. Deibert. A method for identifying and confirming the use of URL filtering products for censorship. In Internet Measurement Conference. ACM, 2013.
 R. Dingledine, N. Mathewson, and P. Syverson. Tor: the second-generation onion router. In USENIX Security Symposium. USENIX Association, 2004.
 Z. Durumeric, E. Wustrow, and J. A. Halderman. ZMap: fast Internet-wide scanning and its security applications. In USENIX Security Symposium. USENIX Association, 2013.
 R. Ensafi, J. Knockel, G. Alexander, and J. R. Crandall. Detecting intentional packet drops on the Internet via TCP/IP side channels: Extended version. CoRR, abs/1312.5739, 2013. Available at http://arxiv.org/abs/1312.5739.
 R. Ensafi, J. Knockel, G. Alexander, and J. R. Crandall. Detecting intentional packet drops on the internet via TCP/IP side channels. In Passive and Active Measurement Conference. Springer, 2014.
 R. Ensafi, J. C. Park, D. Kapur, and J. R. Crandall. Idle port scanning and non-interference analysis of network protocol stacks using model checking. In USENIX Security Symposium. USENIX Association, 2010.
 E. Katz-Bassett, H. V. Madhyastha, V. K. Adhikari, C. Scott, J. Sherry, P. Van Wesep, T. Anderson, and A. Krishnamurthy. Reverse Traceroute. In Networked Systems Design & Implementation. USENIX Association, 2010.
 S. Khattak, M. Javed, P. D. Anderson, and V. Paxson. Towards illuminating a censorship monitor’s model to facilitate evasion. In Free and Open Communications on the Internet. USENIX Association, 2013.
 G. Lowe, P. Winters, and M. L. Marcus. The Great DNS wall of China. Technical report, New York University, 2007.
 G. Lyon. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure.Org LLC, Sunnyvale, CA, USA, 2009.
 H. V. Madhyastha, T. Isdal, M. Piatek, C. Dixon, T. Anderson, A. Krishnamurthy, and A. Venkataramani. iPlane: An information plane for distributed services. In Operating Systems Design and Implementation. USENIX Association, 2006.
 Z. M. Mao, J. Rexford, J. Wang, and R. H. Katz. Towards an accurate AS-level traceroute tool. In SIGCOMM ’03: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, pages 365-378, New York, NY, USA, 2003. ACM Press.
 Global RIPE Atlas Network Coverage. Available at https: //atlas.ripe.net/results/maps/network-coverage/.
 World map of PlanetLab nodes. Available at https://www. planet-lab.org/generated/World50.png.
 The DIMES project: Active Agents by Countries in Last 7 Days. Available at http://www.netdimes.org/new/?q= node/52.
 M-Lab Platform: Server Map. Available at http://www. measurementlab.net/infrastructure.
 MaxMind - GeoIP2 City Accuracy. Available at https:// www.maxmind.com/en/geoip2-city-database-accuracy.
 M. Morbitzer. TCP idle scans in IPv6. Master’s thesis, Radboud University Nijmegen, The Netherlands, 2013.
 D. Nobori and Y. Shinjo. VPN gate: A volunteer-organized public vpn relay system with blocking resistance for bypassing government censorship firewalls. In Networked Systems Design and Implementation. USENIX, 2014.
 J. C. Park and J. R. Crandall. Empirical study of a nationalscale distributed intrusion detection system: Backbone-level filtering of HTML responses in China. In Distributed Computing Systems. IEEE, 2010.
 T. H. Ptacek and T. N. Newsham. Insertion, evasion, and denial of service: Eluding network intrusion detection. Technical report, Secure Networks, Inc., 1998.
 Z. Qian and Z. M. Mao. Off-path TCP sequence number inference attack. In Security & Privacy. IEEE, 2012.
 Z. Qian, Z. M. Mao, Y. Xie, and F. Yu. Investigation of triangular spamming: a stealthy and efficient spamming technique. In Symposium on Security and Privacy. IEEE, 2010.
 S. Sanfilippo. hping. http://www.hping.org, 2006.
 Sparks, Neo, Tank, Smith, and Dozer. The collateral damage of internet censorship by dns injection. SIGCOMM Computer Communication Review, 42(3):21-27, 2012. [Web of Science]
 The Tor Project. Relay descriptor archives. https://metrics. torproject.org/data.html#relaydesc.
 The Tor Project. Tor metrics - direct users by country. https://metrics.torproject.org/userstats-relay-country.html? graph=userstats-relay-country&start=2014-01-01&end= 2014-07-01&country=cn&events=off.
 Tokachu. The not-so-great firewall of China. 2600 Magazine, Winter 2006-2007.
 TorStatus. Tor network status. http://torstatus.blutmagie. de.
 G. Walton. China’s golden shield : corporations and the development of surveillance technology in the People’s Republic of China. International Centre for Human Rights and Democratic Development, 2001.
 Y. A. Wang, C. Huang, J. Li, and K. W. Ross. Queen: Estimating packet loss rate between arbitrary internet hosts. In Passive and Active Network Measurement. Springer, 2009.
 N. Weaver, R. Sommer, and V. Paxson. Detecting Forged TCP Reset Packets. In Network and Distributed System Security. The Internet Society, 2009.
 P. Winter and S. Lindskog. How the Great Firewall of China is blocking Tor. In Free and Open Communications on the Internet. USENIX Association, 2012.
 J. Wright. Regional variation in Chinese internet filtering. Technical report, University of Oxford, 2012.
 X. Xu, Z. M. Mao, and J. A. Halderman. Internet censorship in china: Where does the filtering occur? In Passive and Active Measurement Conference. Springer, 2011.
Published Online: 2015-04-18
Published in Print: 2015-04-01
Citation Information: Proceedings on Privacy Enhancing Technologies. Volume 2015, Issue 1, Pages 61–76, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2015-0005, April 2015
© 2015. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. (CC BY-NC-ND 3.0)