Countering a flaw in anti-censorship tools to improve global internet freedom

A newly identified time-based vulnerability exposes a widely used technique to evade internet censorship, University of Michigan researchers have found.
The findings emphasize the need to develop more robust countermeasures for the millions of people in heavily censored regions who rely on evasion techniques.
“In an era where internet censorship is increasing, ensuring that people can communicate freely and safely is more crucial than ever. This research aims to strengthen the tools that allow individuals in censored regions to access information without restrictions,” said Roya Ensafi, an associate professor of computer science and engineering at U-M and co-corresponding author of the study. The team presented the findings at the Network and Distributed System Security Symposium in San Diego, California.
The researchers focused on obfuscated proxies, which provide user-friendly access to the free flow of information by connecting to a server outside the censoring jurisdiction. Compared to traditional proxies, an obfuscated proxy adds an extra layer of obfuscation to prevent detection and blocking by censors and firewalls.
A potential adversary could detect proxy traffic by looking for a particular time discrepancy between two Open Systems Interconnection (OSI) layers—the steps computers follow when communicating over a network. This unique timing pattern creates a “fingerprint” that is shared by all proxied connections, regardless of their choice of communication or obfuscation protocols.
When a user visits a website through a proxy, the user maintains a session directly with the web server at the application layer. However, the transport layer (TCP), which sits below the application layer and handles the actual data transmission, is split into two parts: one connection between client and proxy and another between proxy and server.
This creates different round-trip times, the time between a web request and a response from a server, for the two layers. Censors can pick up on this difference, getting around previously successful obfuscation techniques.
To test the vulnerability, the research team took up the censor role, leveraging a mixture of experimental and real user proxy requests across eight geographic locations. Round-trip times were used to evaluate whether results aligned more with what would be expected from a direct connection or from a proxy.
During the study, 80% of the 5,000 most frequently accessed websites generated a detectable fingerprint while using an obfuscated proxy. While round-trip time differences are greater when the proxy server is geographically further away from the web server, the differences exist across all geographic regions when a proxy is used.
Unlike previous methods that may target specific proxy protocols, the fingerprint approach works for a wide range of proxies, broadening the scope of its applicability.
“By emphasizing timing aspects, this method reveals fundamental flaws in current proxy obfuscation techniques, highlighting an area previously under-explored in circumvention tool development,” said Diwen Xue, a doctoral student of computer science and engineering at U-M and lead author of the study.
One workaround could be to delay the acknowledgement at the transport layer by 500 milliseconds, the maximum time allowed. This reduces the time difference between the transport and application layers.
Multiplexing, firing off multiple requests at once and receiving responses in any order, can also lower detection risk by creating uncertainty. While these methods could help reduce detection in the short term, the researchers caution they could create a fingerprint of their own.
“In the long term, a more principled countermeasure requires not only mitigating specific fingerprints, but realistically simulating the timing patterns of ‘normal’ traffic. Defining and quantifying this normality however remains an active area of research,” said Xue.
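The cross-layer round-trip-time gap and the delayed-acknowledgement workaround described above, as an added Python example that a circumvention-tool developer could adapt to audit their own captures; it is not code from the study or its authors. The `Seg` record, the function names and both traces are constructed assumptions, with timestamps taken at a vantage point between the client and its first remote hop.

```python
from dataclasses import dataclass, replace

MAX_ACK_DELAY_MS = 500  # upper bound on the ACK delay, as cited in the article

@dataclass(frozen=True)
class Seg:               # hypothetical record for one captured TCP segment
    t_ms: float          # capture time at the observation point
    outbound: bool       # True: client -> remote, False: remote -> client
    seq: int             # first sequence number carried
    ack: int             # cumulative acknowledgement number
    length: int          # payload bytes (0 = pure ACK)

def transport_rtt(trace):
    """Smallest delay between an outbound data segment and the inbound ACK covering it."""
    samples = []
    for s in (x for x in trace if x.outbound and x.length):
        acks = [a.t_ms for a in trace
                if not a.outbound and a.t_ms >= s.t_ms and a.ack >= s.seq + s.length]
        if acks:
            samples.append(min(acks) - s.t_ms)
    return min(samples) if samples else None

def application_rtt(trace):
    """Delay between the first outbound payload (request) and the first inbound payload."""
    req = next((x for x in trace if x.outbound and x.length), None)
    if req is None:
        return None
    resp = next((x for x in trace if not x.outbound and x.length and x.t_ms >= req.t_ms), None)
    return None if resp is None else resp.t_ms - req.t_ms

def cross_layer_gap(trace):
    """Application RTT minus transport RTT: near zero when one host answers both layers."""
    t, a = transport_rtt(trace), application_rtt(trace)
    return None if t is None or a is None else a - t

def delay_pure_acks(trace, delay_ms):
    """Model the workaround: the remote end holds pure ACKs, capped at 500 ms.
    An ACK held past the response is covered by the ACK number on the response itself."""
    d = min(delay_ms, MAX_ACK_DELAY_MS)
    shifted = (replace(s, t_ms=s.t_ms + d) if not s.outbound and s.length == 0 else s
               for s in trace)
    return sorted(shifted, key=lambda s: s.t_ms)

# Constructed traces: request at 0 ms, pure ACK at 40 ms, then the first response bytes.
DIRECT = [Seg(0, True, 1, 1, 100), Seg(40, False, 1, 101, 0), Seg(45, False, 1, 101, 500)]
PROXIED = [Seg(0, True, 1, 1, 100), Seg(40, False, 1, 101, 0), Seg(190, False, 1, 101, 500)]

if __name__ == "__main__":
    for name, tr in [("direct", DIRECT), ("proxied", PROXIED),
                     ("proxied, 500 ms ACK delay", delay_pure_acks(PROXIED, 500))]:
        print(f"{name}: gap = {cross_layer_gap(tr)} ms")
```

In the proxied trace the early ACK comes from the proxy while the response has to travel the second leg, which is what opens the gap; holding the ACK closes it but leaves a uniformly late ACK, the kind of secondary pattern the researchers caution about.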
This research was supported in part by the National Science Foundation (Grant Numbers CNS-2237552; CNS-2141512).
Full citation: “The discriminative power of cross-layer RTTs in fingerprinting proxy traffic,” Diwen Xue, Robert Stanley, Piyush Kumar, and Roya Ensafi, Network and Distributed System Security Symposium (2025). DOI: 10.14722/ndss.2025.240966