SegmentGeneva: Packet segmentation strategy and genetic algorithm based escape detection technique

Censorship evasion has been a long-standing game between evaders and censors in cybersecurity and has evolved from manual evasion to automated evasion using complex protocol information. However, censorship techniques like deep packet inspection and machine learning-based traffic identification techniques have undergone dynamic upgrades. In this paper, we build a prototype genetic algorithm system for packet segmentation and automated censorship circumvention , SegmentGeneva. Specifically, we combine the advantages of packet segmentation operations, which cause incomplete content recognition by censors, difficulties in large-scale packet reorganization, and high resource consumption, with the relevant points of packet segmentation features in TCP/IP protocols and traffic censorship techniques, automated exploration and evolution of genetic algorithms for packet manipulation policy reasoning. The packet operation policies that can break through the firewall are generated by sending packet requests containing sensitive fields to the border firewall and automatically optimizing them according to the different response results. Fifty-one packet operation policies with strong evasion capabilities are obtained, and the final results are analyzed and compared. The system can effectively explore the censor’s censorship mechanism for packet segmentation traffic and evolve excellent censorship evasion strategies based on the response results of automated exploration.