Infranet: Circumventing Web Censorship and Surveillance
Nick Feamster, Magdalena Balazinska, Greg Harfst, Hari Balakrishnan, David Karger
MIT Laboratory for Computer Science

feamster, mbalazin, gch, hari, karger
@lcs.mit.edu
http://nms.lcs.mit.edu/projects/infranet
Abstract
An increasing number of countries and companies rou-
tinely block or monitor access to parts of the Internet.
To counteract these measures, we propose Infranet, a sys-
tem that enables clients to surreptitiously retrieve sensitive
content via cooperating Web servers distributed across the
global Internet. These Infranet servers provide clients ac-
cess to censored sites while continuing to host normal un-
censored content. Infranet uses a tunnel protocol that pro-
vides a covert communication channel between its clients
and servers, modulated over standard HTTP transactions
that resemble innocuous Web browsing. In the upstream
direction, Infranet clients send covert messages to Infranet
servers by associating meaning to the sequence of HTTP
requests being made. In the downstream direction, Infranet
servers return content by hiding censored data in uncen-
sored images using steganographic techniques. We describe
the design, a prototype implementation, security properties,
and performance of Infranet. Our security analysis shows
that Infranet can successfully circumvent several sophisti-
cated censoring techniques.
1 Introduction
The World Wide Web is a prime facilitator of free
speech; many people rely on it to voice their views and to
gain access to information that traditional publishing venues
may be loath to publish. However, over the past few years,
many countries, political regimes, and corporations have at-
tempted to monitor and often restrict access to portions of
the Web by clients who use networks they control. Many of
these attempts have been successful, and the use of the Web
as a free-flowing medium for information exchange is being
severely compromised.
Several countries filter Internet content at their borders,
fearful of alternate political views or external influences.
For example, China forbids access to many news sites that
have been critical of the country’s domestic policies. Saudi
Arabia is currently soliciting content filter vendors to help
block access to sites that the government deems inappro-
priate for political or religious reasons [10]. Germany cen-
sors all Nazi-related material. Australia’s laws ban pornog-
raphy. In addition, Internet censorship repeatedly threat-
ens to cross political boundaries. For example, the U.S.
Supreme Court recently rejected France’s request to censor
Nazi-related material on Yahoo’s site [12]. Censorship and
surveillance also extend into free enterprise, with several
companies in the U.S. reportedly blocking access to sites
that are not related to conducting business. In addition to
blocking sites, many companies routinely monitor their em-
ployees’ Web surfing habits.
This paper focuses on the challenging technical prob-
lems of circumventing Web censorship and largely ignores
the many related political, legal, and policy issues. In par-
ticular, we investigate how to leverage Web communication
with accessible servers in order to surreptitiously retrieve
censored content, while simultaneously maintaining plausi-
ble deniability against receiving that content. To this end,
we develop a covert communication tunnel that securely
hides the exchange of censored content in normal, innocu-
ous Web transactions.
Our system, called Infranet, consists of requesters and
responders communicating over this covert tunnel. A re-
quester, running on a user’s computer, first uses the tunnel
to request censored content. Upon receiving the request, the
responder, a standard public Web server running Infranet
software, retrieves the sought content from the Web and re-
turns it to the requester via the tunnel.1
The covert tunnel protocol between an Infranet requester
and responder must be difficult to detect and block. More
specifically, a censor should not be able to detect that a
Web server is an Infranet responder or that a client is an In-
1We use the terms “requester” and “responder” rather than the more
traditional “client” and “server” to avoid confusion with Web clients
(“browsers”) and Web servers. We also considered a number of terms
like “proxy”, “gateway”, “front-end”, etc., but rejected them for similar
reasons.

franet requester. Nothing in their HTTP transactions ought
to arouse suspicion.
The Infranet tunnel protocol uses novel techniques for
covert upstream communication. It modulates covert mes-
sages on standard HTTP requests for uncensored con-
tent using a confidentially negotiated function which maps
URLs to message fragments that compose requests for cen-
sored content. For downstream communication, the tunnel
protocol leverages existing data hiding techniques, such as
steganography. While steganography provides little defense
against certain attacks, we are confident that the ideas we
present can be used in conjunction with other data hiding
techniques.
The main challenge in the design of the tunnel protocol is
ensuring covertness while providing a level of performance
suitable for interactive browsing. Furthermore, the tunnel
protocol must defend against a censor capable of passive at-
tacks based on logging all transactions and packets, active
attacks that modify messages or transactions, and imper-
sonation attacks where the adversary pretends to be a legit-
imate Infranet requester or responder. Our security analy-
sis indicates that Infranet can successfully circumvent sev-
eral sophisticated censoring techniques, including various
active and passive attacks. Our system handles almost all of
these threats while achieving reasonable performance. This
is achieved by taking advantage of the asymmetric band-
width requirements of Web transactions, which require sig-
nificantly less upstream bandwidth than downstream band-
width.
To assess the feasibility of our design, we implemented
an Infranet prototype and conducted a series of tests using
client-side Web traces to evaluate the performance of our
system. Our experimental evaluation shows that Infranet
provides acceptable bandwidth for covert Web browsing.
Our range-mapping algorithm for upstream communication
allows a requester to innocuously transmit a hidden request
in a number of visible HTTP requests that is proportional
to the binary entropy of the hidden request distribution. For
two typical Web sites running Infranet responders, we find
that a requester using range-mapping can modulate 50% of
all requests for hidden content in 6 visible HTTP requests or
fewer and 90% of all hidden requests in 10 visible HTTP re-
quests or fewer. Using typical Web images, our implemen-
tation of downstream hiding transmits approximately 1 kB
of hidden data per visible HTTP response.
2 Related Work
Many existing systems seek to circumvent censorship
and surveillance of Internet traffic. Anonymizer.com
provides anonymous Web sessions by requiring users to
make Web requests through a proxy that anonymizes user-
specific information, such as the user’s IP address [2]. The
company also provides a product that encrypts HTTP re-
quests to protect user privacy; Zero Knowledge provides a
similar product [24]. Squid is a caching Web proxy that
can be used as an anonymizing proxy [21]. The primary
shortcoming of these schemes is that a well-known proxy is
subject to being blocked by a censor. Additionally, the use
of an encrypted tunnel between a user and the anonymizing
proxy (e.g., port forwarding overssh) engenders suspicion.
Because censoring organizations are actively discover-
ing and blocking anonymizing proxies, SafeWeb has pro-
posed a product called Triangle Boy, a peer-to-peer appli-
cation that volunteers run on their personal machines and
that forwards clients’ Web requests to SafeWeb’s anonymiz-
ing proxy [19, 27]. SafeWeb recently formed an alliance
with the Voice of America [28], whose mission is to en-
able Chinese Internet users to gain access to censored sites.
However, Triangle Boy has several drawbacks. First, the
encrypted connection to a machine running Triangle Boy is
suspicious and can be trivially blocked since SSL handshak-
ing is unencrypted. Second, SafeWeb’s dependence on an
encrypted channel for confidentiality makes it susceptible to
traffic analysis, since Web site fingerprinting can expose the
Web sites that a user requests, even if the request itself is en-
crypted [7]. Third, SafeWeb is vulnerable to several attacks
that allow an adversary to discover the identity of a SafeWeb
user, as well as every Web site visited by that user [11].
Peekabooty also attempts to circumvent censoring firewalls
by sending SSL-encrypted requests for censored content to
a third party, but its reliance on SSL also makes it suscepti-
ble to traffic analysis and blocking attacks [26].
Various systems have attempted to protect anonymity
for users who publish and retrieve censored content. In
Crowds, users join a large, geographically diverse group
whose members cooperate in issuing requests, thus mak-
ing it difficult to associate requests with the originating
user [18]. Onion routing also separates requests from the
users who make them [25]. Publius [30], Tangler [29], and
Free Haven [4] focus on protecting the anonymity of pub-
lishers of censored content and the content itself. Freenet
provides anonymous content storage and retrieval [3].
Infranet aims to overcome censorship and surveillance,
but also provides plausible deniability for users. In addition
to establishing a secure channel between users and Infranet
responders, our system creates a covert channel within
HTTP, i.e., a communication channel that transmits infor-
mation in a manner not envisioned by the original design of
HTTP [9]. In contrast with techniques that attempt to over-
come censorship using a confidential channel (e.g., using
SSL, which is trivial to detect and block) [19, 23, 24, 26],
our approach is significantly harder to detect or block. To
be effective against blocking, a scheme for circumventing
censorship must be covert as well as secure.