Censorship systems generally operate in a deterministic fashion: they aim to block all content that matches the target criteria. The GC, on the other hand — at least for this particular attack — appears to act probabilistically, and ignores most of the traffic it could act on. In one test, it completely ignored all traffic from one of four measurement IP addresses, and on the three other measurement IP addresses it only responded to 526 requests out of an initial 30,000 from the three (1.75%).
审 查系统通常是决定性的风格:他们的目标是阻挡所有匹配上目标标准的内容。巨炮,另一方面——至少是对于这个特别的攻击而言——表现出了概率性的行动,忽略 了绝大部分可以展开行动的流量。在一次测试中,巨炮完全忽略了所有从四个测量IP地址中的一个中发出的通信,对于其他三个测量IP地址,巨炮只响应了初始 30000个请求中的526个请求(1.75%)。
The cache capacity test also provides evidence that the GC’s probabilistic choice occurs on the decision to act on a particular flow, and not as some sort of pre-filter for reducing analysis load. When we succeeded in completely filling the flow cache, subsequently injected packets occurred for different source ports than in the initial test. If the GC only intercepted a subset of flows to the target IP address, we would expect subsequent injections to appear for the same flows, since most schemes to probabilistically select flows for interception (such as hashing the connection 4-tuple) would select the same set of flows the second time around.
缓存能力测试也提供了关于巨炮在决定对一个特别的流行动时的概率化选择的证据,测试过程中并没有为了降低分析负担的预先过滤。当我们成功塞满了流缓存时,有序的注入的包出现了,针对不同的源端口,这点和初始测试不同。
24/26 首页 上一页 22 23 24 25 26 下一页 尾页
|