Researchers have found that the “Great Firewall” technology that controls internet traffic entering and leaving China is not merely an apparatus that statically blocks traffic. It also actively sends probes across the internet, preemptively searching for internet infrastructure and services that seek to circumvent its defenses.
“The Great Firewall is actively trying to find these sites so it can block them,” said Nick Feamster, a professor of computer science at Princeton and the acting director of the University’s Center for Information Technology Policy. “Active reconnaissance is the next step in the arms race,” he said.
In contrast to the decentralized management that characterizes much of the internet, China’s internet is tightly controlled: Traffic entering and leaving the country passes through infrastructure in just a few physical locations.
“It allows the Chinese government to see most traffic between China and the rest of the world,” said Roya Ensafi, a postdoctoral researcher who worked on the project.
To avoid this control, citizens often use online systems that encrypt communications and disguise sites visited. Princeton researchers have found that the government has responded to this with sophisticated efforts to identify and block these systems, leading to an online game of cat and mouse.
“It is an ongoing battle,” Ensafi said.