[{"has_accepted_license":"1","year":"2026","citation":{"apa":"Lange, F., Niere, N., &#38; Somorovsky, J. (2026). <i>Towards Automated DNS Censorship Circumvention</i>. Free and Open Communications on the Internet, Virtual.","ama":"Lange F, Niere N, Somorovsky J. Towards Automated DNS Censorship Circumvention. In: ; 2026.","bibtex":"@inproceedings{Lange_Niere_Somorovsky_2026, title={Towards Automated DNS Censorship Circumvention}, author={Lange, Felix and Niere, Niklas and Somorovsky, Juraj}, year={2026} }","short":"F. Lange, N. Niere, J. Somorovsky, in: 2026.","mla":"Lange, Felix, et al. <i>Towards Automated DNS Censorship Circumvention</i>. 2026.","chicago":"Lange, Felix, Niklas Niere, and Juraj Somorovsky. “Towards Automated DNS Censorship Circumvention,” 2026.","ieee":"F. Lange, N. Niere, and J. Somorovsky, “Towards Automated DNS Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Virtual, 2026."},"date_updated":"2026-02-21T10:20:16Z","oa":"1","author":[{"full_name":"Lange, Felix","id":"67893","last_name":"Lange","first_name":"Felix"},{"first_name":"Niklas","last_name":"Niere","full_name":"Niere, Niklas","id":"63563"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"date_created":"2026-02-20T14:35:34Z","title":"Towards Automated DNS Censorship Circumvention","conference":{"end_date":"2026-02-19","location":"Virtual","name":"Free and Open Communications on the Internet","start_date":"2026-02-19"},"main_file_link":[{"url":"https://www.petsymposium.org/foci/2026/foci-2026-0001.pdf","open_access":"1"}],"type":"conference","abstract":[{"lang":"eng","text":"Censorship is employed by many governments and ISPs worldwide, with an increasing trend in recent years. One of the most censored protocols is DNS: censors target unencrypted and encrypted DNS to prevent clients from resolving the domain name of unwanted websites. Despite much research on DNS censorship, only a few tools can circumvent it.To support users affected by DNS censorship, we present DPYProxy-DNS, a DNS resolver that automatically detects and employs a working DNS censorship circumvention. We demonstrate the effectiveness of DPYProxy-DNS by automatically circumventing DNS censorship in China and Iran and analyzing DNS censorship mechanisms in these countries. Our analyses re veal that DNS censorship in Iran is ineffective against encrypted DNS. In China, DPYProxy-DNS revealed two consistently working circumvention techniques for unencrypted DNS: TCP segmentation for DNS over TCP and ignoring DNS responses injected by the Great Firewall of China (GFW). Our findings reveal varying levels of DNS censorship across different countries, underscoring the importance of the automated circumvention approach we provide with DPYProxy-DNS."}],"status":"public","file":[{"date_updated":"2026-02-21T10:20:16Z","date_created":"2026-02-20T14:34:05Z","creator":"nniklas","file_size":775133,"file_name":"foci-2026-0001.pdf","file_id":"64568","access_level":"open_access","content_type":"application/pdf","relation":"main_file"}],"_id":"64566","user_id":"63563","ddc":["006"],"language":[{"iso":"eng"}],"file_date_updated":"2026-02-21T10:20:16Z"},{"status":"public","file":[{"relation":"main_file","success":1,"content_type":"application/pdf","file_id":"58802","access_level":"closed","file_name":"foci-2025-0002.pdf","file_size":535700,"date_created":"2025-02-24T08:07:59Z","creator":"flange","date_updated":"2025-02-24T08:07:59Z"}],"abstract":[{"lang":"eng","text":"Iran employs one of the most prominent Internet censors in the world. An important part of Iran’s censorship apparatus is its analysis of unencrypted protocols such as HTTP and DNS. During routine evaluations of Iran’s HTTP and DNS censorship, we noticed several properties we believe to be unknown today. For instance, we found injections of correct static IPs for some domains such as google.com on the DNS level, unclear HTTP version parsing, and correlations between DNS and HTTP censorship. In this paper, we present our findings to the community and discuss possible takeaways for affected people and the censorship circumvention community. As some of our findings left us bewildered, we hope to ignite a discussion about Iran’s censorship behavior. We aim to use the discussion of our work to execute a thorough analysis and explanation of Iran’s censorship behavior in the future."}],"publication":"Proceedings on Privacy Enhancing Technologies","type":"conference","language":[{"iso":"eng"}],"file_date_updated":"2025-02-24T08:07:59Z","ddc":["006"],"department":[{"_id":"632"}],"user_id":"63563","_id":"58801","citation":{"apa":"Lange, F., Niere, N., von Niessen, J., Suermann, D., Heitmann, N., &#38; Somorovsky, J. (2025). I(ra)nconsistencies: Novel Insights into Iran’s Censorship. <i>Proceedings on Privacy Enhancing Technologies</i>. Free and Open Communications on the Internet, Virtual.","bibtex":"@inproceedings{Lange_Niere_von Niessen_Suermann_Heitmann_Somorovsky_2025, title={I(ra)nconsistencies: Novel Insights into Iran’s Censorship}, booktitle={Proceedings on Privacy Enhancing Technologies}, author={Lange, Felix and Niere, Niklas and von Niessen, Jonathan and Suermann, Dennis and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }","mla":"Lange, Felix, et al. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” <i>Proceedings on Privacy Enhancing Technologies</i>, 2025.","short":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, J. Somorovsky, in: Proceedings on Privacy Enhancing Technologies, 2025.","ama":"Lange F, Niere N, von Niessen J, Suermann D, Heitmann N, Somorovsky J. I(ra)nconsistencies: Novel Insights into Iran’s Censorship. In: <i>Proceedings on Privacy Enhancing Technologies</i>. ; 2025.","chicago":"Lange, Felix, Niklas Niere, Jonathan von Niessen, Dennis Suermann, Nico Heitmann, and Juraj Somorovsky. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” In <i>Proceedings on Privacy Enhancing Technologies</i>, 2025.","ieee":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, and J. Somorovsky, “I(ra)nconsistencies: Novel Insights into Iran’s Censorship,” presented at the Free and Open Communications on the Internet, Virtual, 2025."},"year":"2025","quality_controlled":"1","has_accepted_license":"1","conference":{"name":"Free and Open Communications on the Internet","start_date":"2025-02-20","end_date":"2025-02-20","location":"Virtual"},"main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2025/foci-2025-0002.pdf"}],"title":"I(ra)nconsistencies: Novel Insights into Iran’s Censorship","author":[{"full_name":"Lange, Felix","id":"67893","last_name":"Lange","first_name":"Felix"},{"id":"63563","full_name":"Niere, Niklas","last_name":"Niere","first_name":"Niklas"},{"first_name":"Jonathan","full_name":"von Niessen, Jonathan","last_name":"von Niessen"},{"full_name":"Suermann, Dennis","last_name":"Suermann","first_name":"Dennis"},{"first_name":"Nico","id":"74619","full_name":"Heitmann, Nico","orcid":"0009-0003-7687-7044","last_name":"Heitmann"},{"first_name":"Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","full_name":"Somorovsky, Juraj","id":"83504"}],"date_created":"2025-02-24T08:09:56Z","oa":"1","date_updated":"2025-05-06T13:48:32Z"},{"type":"conference","status":"public","user_id":"63563","department":[{"_id":"632"}],"_id":"59824","file_date_updated":"2025-05-06T13:51:45Z","has_accepted_license":"1","citation":{"short":"N. Niere, F. Lange, R. Merget, J. Somorovsky, in: 2025 IEEE Symposium on Security and Privacy (SP), 2025.","bibtex":"@inproceedings{Niere_Lange_Merget_Somorovsky_2025, title={Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer}, DOI={<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>}, booktitle={2025 IEEE Symposium on Security and Privacy (SP)}, author={Niere, Niklas and Lange, Felix and Merget, Robert and Somorovsky, Juraj}, year={2025} }","mla":"Niere, Niklas, et al. “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer.” <i>2025 IEEE Symposium on Security and Privacy (SP)</i>, 2025, doi:<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>.","apa":"Niere, N., Lange, F., Merget, R., &#38; Somorovsky, J. (2025). Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer. <i>2025 IEEE Symposium on Security and Privacy (SP)</i>. 46th IEEE Symposium on Security and Privacy, San Francisco. <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">https://doi.org/10.1109/SP61157.2025.00151</a>","ama":"Niere N, Lange F, Merget R, Somorovsky J. Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer. In: <i>2025 IEEE Symposium on Security and Privacy (SP)</i>. ; 2025. doi:<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>","chicago":"Niere, Niklas, Felix Lange, Robert Merget, and Juraj Somorovsky. “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer.” In <i>2025 IEEE Symposium on Security and Privacy (SP)</i>, 2025. <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">https://doi.org/10.1109/SP61157.2025.00151</a>.","ieee":"N. Niere, F. Lange, R. Merget, and J. Somorovsky, “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer,” presented at the 46th IEEE Symposium on Security and Privacy, San Francisco, 2025, doi: <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>."},"author":[{"first_name":"Niklas","last_name":"Niere","full_name":"Niere, Niklas","id":"63563"},{"full_name":"Lange, Felix","id":"67893","last_name":"Lange","first_name":"Felix"},{"full_name":"Merget, Robert","last_name":"Merget","first_name":"Robert"},{"first_name":"Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","full_name":"Somorovsky, Juraj","id":"83504"}],"date_updated":"2025-06-02T12:03:51Z","oa":"1","conference":{"end_date":"2025-05-14","location":"San Francisco","name":"46th IEEE Symposium on Security and Privacy","start_date":"2025-05-12"},"doi":"10.1109/SP61157.2025.00151","publication":"2025 IEEE Symposium on Security and Privacy (SP)","file":[{"relation":"main_file","content_type":"application/pdf","file_size":463431,"file_id":"59826","file_name":"TLS_Obscurity.pdf","access_level":"open_access","date_updated":"2025-05-06T13:51:45Z","date_created":"2025-05-06T13:49:35Z","creator":"nniklas"}],"abstract":[{"lang":"eng","text":"HTTPS composes large parts of today’s Internet traffic and has long been subject to censorship efforts in different countries. While censors analyze the Transport Layer Security (TLS) protocol to block encrypted HTTP traffic, censorship circumvention efforts have primarily focused on other protocols such as TCP. In this paper, we hypothesize that the TLS protocol offers previously unseen opportunities for censorship circumvention techniques. We tested our hypothesis by proposing possible censorship circumvention techniques that act on the TLS protocol. To validate the effectiveness of these techniques, we evaluate their acceptance by popular TLS servers and successfully demonstrate that these techniques can circumvent censors in China and Iran. In our evaluations, we discovered 38—partially standard-compliant—distinct censorship circumvention techniques, which we could group into 11 unique categories. Additionally, we provide novel insights into how China censors TLS traffic by presenting evidence of at least three distinct censorship appliances. We suspect that other parts of China’s censorship apparatus and other censors exhibit similar structures and advocate future censorship research to anticipate them. With this work, we hope to aid people affected by censorship and stimulate further\r\nresearch into censorship circumvention using cryptographic protocols."}],"language":[{"iso":"eng"}],"ddc":["006"],"year":"2025","date_created":"2025-05-06T13:40:50Z","title":"Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer"},{"type":"conference","abstract":[{"lang":"eng","text":"Censors have long censored Transport Layer Security (TLS) traffic by inspecting the domain name in the unencrypted Server Name Indication (SNI) extension. By encrypting the SNI extension, the Encrypted ClientHello (ECH) prevents censors from blocking TLS traffic to certain domains. Despite this promising outlook, ECH’s current capability to contest TLS censorship is unclear; for instance, Russia has started censoring ECH connections successfully. This paper clarifies ECH’s current role for TLS censorship. To this end, we evaluate servers’ support for ECH and its analysis and subsequent blocking by censors. We determine Cloudflare as the only major provider supporting ECH. Additionally, we affirm previously known ECH censorship in Russia and uncover indirect censorship of ECH through encrypted DNS censorship in China and Iran. Our findings suggest that ECH’s contribution to censorship circumvention is currently limited: we consider ECH’s dependence on encrypted DNS especially challenging for ECH’s capability to circumvent censorship. We stress the importance of censorship-resistant ECH to solve the long-known problem of SNI-based TLS censorship."}],"file":[{"content_type":"application/pdf","relation":"main_file","date_created":"2025-07-03T07:11:14Z","creator":"nniklas","date_updated":"2025-10-23T14:26:38Z","file_id":"60505","access_level":"open_access","file_name":"foci-2025-0016.pdf","file_size":755171}],"status":"public","_id":"60503","user_id":"63563","ddc":["006"],"keyword":["censorship","circumvention","ECH","TLS"],"language":[{"iso":"eng"}],"file_date_updated":"2025-10-23T14:26:38Z","has_accepted_license":"1","year":"2025","citation":{"mla":"Niere, Niklas, et al. <i>Encrypted Client Hello (ECH) in Censorship Circumvention</i>. 2025.","short":"N. Niere, F. Lange, N. Heitmann, J. Somorovsky, in: 2025.","bibtex":"@inproceedings{Niere_Lange_Heitmann_Somorovsky_2025, title={Encrypted Client Hello (ECH) in Censorship Circumvention}, author={Niere, Niklas and Lange, Felix and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }","apa":"Niere, N., Lange, F., Heitmann, N., &#38; Somorovsky, J. (2025). <i>Encrypted Client Hello (ECH) in Censorship Circumvention</i>. Free and Open Communications on the Internet, Washington, D.C.","ama":"Niere N, Lange F, Heitmann N, Somorovsky J. Encrypted Client Hello (ECH) in Censorship Circumvention. In: ; 2025.","ieee":"N. Niere, F. Lange, N. Heitmann, and J. Somorovsky, “Encrypted Client Hello (ECH) in Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Washington, D.C., 2025.","chicago":"Niere, Niklas, Felix Lange, Nico Heitmann, and Juraj Somorovsky. “Encrypted Client Hello (ECH) in Censorship Circumvention,” 2025."},"oa":"1","date_updated":"2025-10-23T14:26:38Z","author":[{"first_name":"Niklas","id":"63563","full_name":"Niere, Niklas","last_name":"Niere"},{"full_name":"Lange, Felix","id":"67893","last_name":"Lange","first_name":"Felix"},{"first_name":"Nico","full_name":"Heitmann, Nico","id":"74619","orcid":"0009-0003-7687-7044","last_name":"Heitmann"},{"id":"83504","full_name":"Somorovsky, Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","first_name":"Juraj"}],"date_created":"2025-07-03T07:14:00Z","title":"Encrypted Client Hello (ECH) in Censorship Circumvention","main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2025/foci-2025-0016.pdf"}],"conference":{"location":"Washington, D.C.","end_date":"2025-07-14","start_date":"2025-07-14","name":"Free and Open Communications on the Internet"}},{"citation":{"bibtex":"@inproceedings{Müller_Niere_Lange_Somorovsky_2024, place={Bristol}, title={Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling}, booktitle={Proceedings on Privacy Enhancing Technologies}, author={Müller, Philipp and Niere, Niklas and Lange, Felix and Somorovsky, Juraj}, year={2024} }","short":"P. Müller, N. Niere, F. Lange, J. Somorovsky, in: Proceedings on Privacy Enhancing Technologies, Bristol, 2024.","mla":"Müller, Philipp, et al. “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling.” <i>Proceedings on Privacy Enhancing Technologies</i>, 2024.","apa":"Müller, P., Niere, N., Lange, F., &#38; Somorovsky, J. (2024). Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling. <i>Proceedings on Privacy Enhancing Technologies</i>. Free and Open Communications on the Internet 2024 , Bristol.","ieee":"P. Müller, N. Niere, F. Lange, and J. Somorovsky, “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling,” presented at the Free and Open Communications on the Internet 2024 , Bristol, 2024.","chicago":"Müller, Philipp, Niklas Niere, Felix Lange, and Juraj Somorovsky. “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling.” In <i>Proceedings on Privacy Enhancing Technologies</i>. Bristol, 2024.","ama":"Müller P, Niere N, Lange F, Somorovsky J. Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling. In: <i>Proceedings on Privacy Enhancing Technologies</i>. ; 2024."},"place":"Bristol","has_accepted_license":"1","publication_status":"published","conference":{"start_date":"2024-07-15","name":"Free and Open Communications on the Internet 2024 ","location":"Bristol","end_date":"2024-07-15"},"main_file_link":[{"url":"https://www.petsymposium.org/foci/2024/foci-2024-0012.pdf","open_access":"1"}],"author":[{"first_name":"Philipp","last_name":"Müller","full_name":"Müller, Philipp"},{"first_name":"Niklas","last_name":"Niere","id":"63563","full_name":"Niere, Niklas"},{"id":"67893","full_name":"Lange, Felix","last_name":"Lange","first_name":"Felix"},{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"oa":"1","date_updated":"2024-07-09T07:49:59Z","status":"public","type":"conference","file_date_updated":"2024-07-09T07:42:54Z","department":[{"_id":"632"}],"user_id":"67893","_id":"55137","year":"2024","quality_controlled":"1","title":"Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling","date_created":"2024-07-09T07:49:37Z","file":[{"content_type":"application/pdf","relation":"main_file","date_updated":"2024-07-09T07:42:54Z","date_created":"2024-07-09T07:42:54Z","creator":"flange","file_size":189676,"file_name":"Turning Attacks into Advantages_ Evading HTTP Censorship with HTTP Request Smuggling - foci-2024-0012.pdf","file_id":"55139","access_level":"open_access"}],"abstract":[{"text":"Many countries limit their residents' access to various websites. As a substantial number of these websites do not support TLS encryption, censorship of unencrypted HTTP requests remains prevalent. Accordingly, circumvention techniques can and have been found for the HTTP protocol. In this paper, we infer novel circumvention techniques on the HTTP layer from a web security vulnerability by utilizing HTTP request smuggling (HRS). To demonstrate the viability of our techniques, we collected various test vectors from previous work about HRS and evaluated them on popular web servers and censors in China, Russia, and Iran. Our findings show that HRS can be successfully employed as a censorship circumvention technique against multiple censors and web servers. We also discover a standard-compliant circumvention technique in Russia, unusually inconsistent censorship in China, and an implementation bug in Iran. The results of this work imply that censorship circumvention techniques can successfully be constructed from existing vulnerabilities. We conjecture that this implication provides insights to the censorship circumvention community beyond the viability of specific techniques presented in this work.","lang":"eng"}],"publication":"Proceedings on Privacy Enhancing Technologies","language":[{"iso":"eng"}],"keyword":["censorship","censorship circumvention","http","http request smuggling"],"ddc":["006"]},{"author":[{"last_name":"Bäumer","full_name":"Bäumer, Fabian","first_name":"Fabian"},{"full_name":"Brinkmann, Marcus","last_name":"Brinkmann","first_name":"Marcus"},{"full_name":"Erinola, Nurullah","last_name":"Erinola","first_name":"Nurullah"},{"id":"55616","full_name":"Hebrok, Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","first_name":"Sven Niclas"},{"full_name":"Heitmann, Nico","id":"74619","last_name":"Heitmann","orcid":"0009-0003-7687-7044","first_name":"Nico"},{"last_name":"Lange","id":"67893","full_name":"Lange, Felix","first_name":"Felix"},{"first_name":"Marcel","full_name":"Maehren, Marcel","last_name":"Maehren"},{"first_name":"Robert","full_name":"Merget, Robert","last_name":"Merget"},{"first_name":"Niklas","id":"63563","full_name":"Niere, Niklas","last_name":"Niere"},{"first_name":"Maximilian Manfred","orcid":"0009-0005-3059-6823","last_name":"Radoy","id":"68826","full_name":"Radoy, Maximilian Manfred"},{"first_name":"Conrad","last_name":"Schmidt","full_name":"Schmidt, Conrad"},{"last_name":"Schwenk","full_name":"Schwenk, Jörg","first_name":"Jörg"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"date_created":"2024-12-17T11:25:14Z","date_updated":"2025-02-27T08:02:30Z","conference":{"end_date":"2024-12-13","location":"Hawaii","name":"Annual Computer Security Applications Conference","start_date":"2024-12-09"},"title":"TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations","quality_controlled":"1","citation":{"ieee":"F. Bäumer <i>et al.</i>, “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations,” presented at the Annual Computer Security Applications Conference, Hawaii, 2024.","chicago":"Bäumer, Fabian, Marcus Brinkmann, Nurullah Erinola, Sven Niclas Hebrok, Nico Heitmann, Felix Lange, Marcel Maehren, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” In <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>, 2024.","ama":"Bäumer F, Brinkmann M, Erinola N, et al. TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. In: <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>. ; 2024.","apa":"Bäumer, F., Brinkmann, M., Erinola, N., Hebrok, S. N., Heitmann, N., Lange, F., Maehren, M., Merget, R., Niere, N., Radoy, M. M., Schmidt, C., Schwenk, J., &#38; Somorovsky, J. (2024). TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>. Annual Computer Security Applications Conference, Hawaii.","short":"F. Bäumer, M. Brinkmann, N. Erinola, S.N. Hebrok, N. Heitmann, F. Lange, M. Maehren, R. Merget, N. Niere, M.M. Radoy, C. Schmidt, J. Schwenk, J. Somorovsky, in: Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24), 2024.","bibtex":"@inproceedings{Bäumer_Brinkmann_Erinola_Hebrok_Heitmann_Lange_Maehren_Merget_Niere_Radoy_et al._2024, title={TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations}, booktitle={Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)}, author={Bäumer, Fabian and Brinkmann, Marcus and Erinola, Nurullah and Hebrok, Sven Niclas and Heitmann, Nico and Lange, Felix and Maehren, Marcel and Merget, Robert and Niere, Niklas and Radoy, Maximilian Manfred and et al.}, year={2024} }","mla":"Bäumer, Fabian, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>, 2024."},"year":"2024","user_id":"67893","department":[{"_id":"632"}],"_id":"57816","language":[{"iso":"eng"}],"keyword":["SSL","TLS","DTLS","Protocol State Fuzzing","Planning Based"],"type":"conference","publication":"Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)","status":"public","abstract":[{"text":"TLS-Attacker is an open-source framework for analyzing Transport\r\nLayer Security (TLS) implementations. The framework allows users\r\nto specify custom protocol flows and provides modification hooks to\r\nmanipulate message contents. Since its initial publication in 2016 by\r\nJuraj Somorovsky, TLS-Attacker has been used in numerous studies\r\npublished at well-established conferences and helped to identify\r\nvulnerabilities in well-known open-source TLS libraries. To enable\r\nautomated analyses, TLS-Attacker has grown into a suite of projects,\r\neach designed as a building block that can be applied to facilitate\r\nvarious analysis methodologies. The framework still undergoes\r\ncontinuous improvements with feature extensions, such as DTLS\r\n1.3 or the addition of new dialects such as QUIC, to continue its\r\neffectiveness and relevancy as a security analysis framework.","lang":"eng"}]},{"publication":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","type":"conference","status":"public","abstract":[{"lang":"eng","text":"State actors around the world censor the HTTPS protocol to block access to certain websites. While many circumvention strategies utilize the TCP layer only little emphasis has been placed on the analysis of TLS-a complex protocol and integral building block of HTTPS. In contrast to the TCP layer, circumvention methods on the TLS layer do not require root privileges since TLS operates on the application layer. With this proposal, we want to motivate a deeper analysis of TLS in regard to censorship circumvention techniques. To prove the existence of such techniques, we present TLS record fragmentation as a novel circumvention technique and circumvent the Great Firewall of China (GFW) using this technique. We hope that our research fosters collaboration between censorship and TLS researchers."}],"department":[{"_id":"632"}],"user_id":"83504","_id":"49654","language":[{"iso":"eng"}],"publication_status":"published","citation":{"chicago":"Niere, Niklas, Sven Niclas Hebrok, Juraj Somorovsky, and Robert Merget. “Poster: Circumventing the GFW with TLS Record Fragmentation.” In <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM, 2023. <a href=\"https://doi.org/10.1145/3576915.3624372\">https://doi.org/10.1145/3576915.3624372</a>.","ieee":"N. Niere, S. N. Hebrok, J. Somorovsky, and R. Merget, “Poster: Circumventing the GFW with TLS Record Fragmentation,” 2023, doi: <a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>.","ama":"Niere N, Hebrok SN, Somorovsky J, Merget R. Poster: Circumventing the GFW with TLS Record Fragmentation. In: <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM; 2023. doi:<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>","short":"N. Niere, S.N. Hebrok, J. Somorovsky, R. Merget, in: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2023.","bibtex":"@inproceedings{Niere_Hebrok_Somorovsky_Merget_2023, title={Poster: Circumventing the GFW with TLS Record Fragmentation}, DOI={<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>}, booktitle={Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security}, publisher={ACM}, author={Niere, Niklas and Hebrok, Sven Niclas and Somorovsky, Juraj and Merget, Robert}, year={2023} }","mla":"Niere, Niklas, et al. “Poster: Circumventing the GFW with TLS Record Fragmentation.” <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>, ACM, 2023, doi:<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>.","apa":"Niere, N., Hebrok, S. N., Somorovsky, J., &#38; Merget, R. (2023). Poster: Circumventing the GFW with TLS Record Fragmentation. <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. <a href=\"https://doi.org/10.1145/3576915.3624372\">https://doi.org/10.1145/3576915.3624372</a>"},"year":"2023","author":[{"first_name":"Niklas","id":"63563","full_name":"Niere, Niklas","last_name":"Niere"},{"first_name":"Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","id":"55616","full_name":"Hebrok, Sven Niclas"},{"id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"},{"first_name":"Robert","full_name":"Merget, Robert","last_name":"Merget"}],"date_created":"2023-12-15T07:34:24Z","publisher":"ACM","date_updated":"2024-04-02T12:17:18Z","doi":"10.1145/3576915.3624372","title":"Poster: Circumventing the GFW with TLS Record Fragmentation"}]