{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T05:21:06Z","timestamp":1775107266132,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,27]],"date-time":"2020-10-27T00:00:00Z","timestamp":1603756800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"NSF CAREER","award":["CNS-1553301"],"award-info":[{"award-number":["CNS-1553301"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,27]]},"DOI":"10.1145\/3419394.3423644","type":"proceedings-article","created":{"date-parts":[[2020,10,22]],"date-time":"2020-10-22T20:30:22Z","timestamp":1603398622000},"page":"111-124","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["How China Detects and Blocks Shadowsocks"],"prefix":"10.1145","author":[{"family":"Alice","sequence":"first","affiliation":[{"name":"GFW Report"}]},{"family":"Bob","sequence":"additional","affiliation":[{"name":"GFW Report"}]},{"family":"Carol","sequence":"additional","affiliation":[{"name":"GFW Report"}]},{"given":"Jan","family":"Beznazwy","sequence":"additional","affiliation":[{"name":"Independent consultant"}]},{"given":"Amir","family":"Houmansadr","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst"}]}],"member":"320","published-online":{"date-parts":[[2020,10,27]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Anonymous. 2014. Towards a Comprehensive Picture of the Great Firewalls DNS Censorship. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci14\/foci14-anonymous.pdf"},{"key":"e_1_3_2_2_2_1","volume-title":"Summary on Recently Discovered V2Ray Weaknesses. Retrieved","author":"Anonymous","year":"2020","unstructured":"Anonymous. 2020. Summary on Recently Discovered V2Ray Weaknesses. Retrieved September 2020 from https:\/\/gfw.report\/blog\/v2ray_weaknesses\/en\/"},{"key":"e_1_3_2_2_3_1","volume-title":"How China Detects and Blocks Shadowsocks. Retrieved","author":"Anonymous","year":"2020","unstructured":"Anonymous, Anonymous, Anonymous, David Fifield, and Amir Houmansadr. 2019. How China Detects and Blocks Shadowsocks. Retrieved September 2020 from https:\/\/gfw.report\/blog\/gfw_shadowsocks"},{"key":"e_1_3_2_2_4_1","unstructured":"Matthieu Baerts and Quentin De Coninck. 2015. Multipath TCP with real Smartphone applications. Master's thesis. Universit\u00e9 catholique de Louvain. https:\/\/dial.uclouvain.be\/memoire\/ucl\/object\/thesis:366"},{"key":"e_1_3_2_2_5_1","volume-title":"Retrieved","year":"2020","unstructured":"bluesky. 2019. 6.4\u671f\u95f4\u7ffb\u5899\u89c2\u5bdf. Retrieved February 2020 from https:\/\/pincong.rocks\/article\/2019"},{"key":"e_1_3_2_2_6_1","volume-title":"Anonymous, Louis-Henri Merino, David Fifield, Amir Houmansadr, and Dave Levin.","author":"Bock Kevin","year":"2020","unstructured":"Kevin Bock, iyouport, Anonymous, Louis-Henri Merino, David Fifield, Amir Houmansadr, and Dave Levin. 2020. Exposing and Circumventing China's Censorship of ESNI. Retrieved September 2020 from https:\/\/github.com\/net4people\/bbs\/issues\/43#issuecomment-673322409"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"crossref","unstructured":"David Borman Bob Braden Van Jacobson and Richard Scheffenegger. 2014. TCP Extensions for High Performance. RFC 7323. RFC Editor. https:\/\/tools.ietf.org\/html\/rfc7323","DOI":"10.17487\/rfc7323"},{"key":"e_1_3_2_2_8_1","volume-title":"Retrieved","author":"\u534f\u8bae\u7684\u5f31\u70b9\u5206\u6790\u548c\u6539\u8fdb Shadowsocks","year":"2019","unstructured":"BreakWa11. 2015. Shadowsocks \u534f\u8bae\u7684\u5f31\u70b9\u5206\u6790\u548c\u6539\u8fdb. Retrieved August 2019 from https:\/\/web.archive.org\/web\/20160829052958\/https:\/\/github.com\/breakwa11\/shadowsocks-rss\/issues\/38"},{"key":"e_1_3_2_2_9_1","unstructured":"Zimo Chai Amirhossein Ghafari and Amir Houmansadr. 2019. On the Importance of Encrypted-SNI (ESNI) to Censorship Circumvention. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/foci19-paper_chai_update.pdf"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-020-00353-z"},{"key":"e_1_3_2_2_11_1","volume-title":"Watson","author":"Clayton Richard","year":"2006","unstructured":"Richard Clayton, Steven J. Murdoch, and Robert N. M. Watson. 2006. Ignoring the Great Firewall of China. In Privacy Enhancing Technologies. Springer, 20--35. https:\/\/www.cl.cam.ac.uk\/~rnc1\/ignoring.pdf"},{"key":"e_1_3_2_2_12_1","volume-title":"Intelligent Human-Machine Systems and Cybernetics","author":"Deng Ziye","year":"2018","unstructured":"Ziye Deng, Zihan Liu, Zhouguo Chen, and Yubin Guo. 2017. The Random Forest based Detection of Shadowsock's Traffic. In Intelligent Human-Machine Systems and Cybernetics. IEEE. https:\/\/www.directory-root.com\/wp-content\/uploads\/2018\/02\/Shadowsocks-Sniffing.pdf"},{"key":"e_1_3_2_2_13_1","unstructured":"Arun Dunna Ciar\u00e1n O'Brien and Phillipa Gill. 2018. Analyzing China's Blocking of Unpublished Tor Bridges. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci18\/foci18-paper-dunna.pdf"},{"key":"e_1_3_2_2_14_1","volume-title":"Examining How the Great Firewall Discovers Hidden Circumvention Servers. In Internet Measurement Conference. ACM. http:\/\/conferences2.sigcomm.org\/imc\/2015\/papers\/p445","author":"Ensafi Roya","year":"2015","unstructured":"Roya Ensafi, David Fifield, Philipp Winter, Nick Feamster, Nicholas Weaver, and Vern Paxson. 2015. Examining How the Great Firewall Discovers Hidden Circumvention Servers. In Internet Measurement Conference. ACM. http:\/\/conferences2.sigcomm.org\/imc\/2015\/papers\/p445.pdf"},{"key":"e_1_3_2_2_15_1","volume-title":"Shadowsocks active-probing attacks and defenses. Retrieved","author":"Fifield David","year":"2020","unstructured":"David Fifield. 2017. Shadowsocks active-probing attacks and defenses. Retrieved February 2020 from https:\/\/groups.google.com\/d\/msg\/traffic-obf\/CWO0peBJLGc\/Py-clLSTBwAJ"},{"key":"e_1_3_2_2_16_1","volume-title":"Decryption vulnerability in Shadowsocks stream ciphers. Retrieved","author":"Fifield David","year":"2020","unstructured":"David Fifield. 2019. Decryption vulnerability in Shadowsocks stream ciphers. Retrieved June 2020 from https:\/\/github.com\/net4people\/bbs\/issues\/24"},{"key":"e_1_3_2_2_17_1","volume-title":"Intensive Shadowsocks blocking in China since mid-September. Retrieved","author":"Fifield David","year":"2020","unstructured":"David Fifield. 2019. Intensive Shadowsocks blocking in China since mid-September. Retrieved February 2020 from https:\/\/github.com\/net4people\/bbs\/issues\/16"},{"key":"e_1_3_2_2_18_1","unstructured":"Vinicius Fortuna. 2020. Outline changes since the prelinimary report. https:\/\/github.com\/net4people\/bbs\/issues\/22#issuecomment-670781627"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23087"},{"key":"e_1_3_2_2_20_1","volume-title":"HTTPT: A Probe-Resistant Proxy. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/foci20-paper-frolov.pdf","author":"Frolov Sergey","year":"2020","unstructured":"Sergey Frolov and Eric Wustrow. 2020. HTTPT: A Probe-Resistant Proxy. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/foci20-paper-frolov.pdf"},{"key":"e_1_3_2_2_21_1","volume-title":"How did GFW block circumvention tools during the 19th people's congress? Retrieved","year":"2020","unstructured":"ghost (unnamed user). 2017. How did GFW block circumvention tools during the 19th people's congress? Retrieved February 2020 from https:\/\/github.com\/net4people\/bbs\/issues\/1"},{"key":"e_1_3_2_2_22_1","unstructured":"go Shadowsocks2 developers. [n.d.]. go-Shadowsocks2. https:\/\/github.com\/shadowsocks\/go-shadowsocks2"},{"key":"e_1_3_2_2_23_1","unstructured":"isofew. 2017. sssniff. https:\/\/github.com\/isofew\/sssniff"},{"key":"e_1_3_2_2_24_1","volume-title":"China further tightens grip on the Internet. The New York Times (Jan","author":"Jacobs Andrew","year":"2015","unstructured":"Andrew Jacobs. 2015. China further tightens grip on the Internet. The New York Times (Jan. 2015). Retrieved February 2020 from https:\/\/www.nytimes.com\/2015\/01\/30\/world\/asia\/china-clamps-down-still-harder-on-internet-access.html"},{"key":"e_1_3_2_2_25_1","unstructured":"Jigsaw. [n.d.]. Outline. https:\/\/getoutline.org\/"},{"key":"e_1_3_2_2_26_1","unstructured":"Jigsaw. [n.d.]. Outline v1.1.0. https:\/\/github.com\/Jigsaw-Code\/outline-ss-server\/releases\/tag\/v1.1.0"},{"key":"e_1_3_2_2_27_1","unstructured":"klzgrad. [n.d.]. Na\u00efveProxy. https:\/\/github.com\/klzgrad\/naiveproxy"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cogsys.2018.12.005"},{"key":"e_1_3_2_2_29_1","unstructured":"Zhen Lu Zhenhua Li Jian Yang Tianyin Xu Ennan Zhai Yao Liu and Christo Wilson. 2017. Accessing Google Scholar under Extreme Internet Censorship: A Legal Avenue. In Middleware. ACM. https:\/\/censorbib.nymity.ch\/pdf\/Lu2017a.pdf"},{"key":"e_1_3_2_2_30_1","unstructured":"madeye. 2016. Changes between shadowsocks-libev v2.5.4 and v2.5.5. https:\/\/github.com\/shadowsocks\/shadowsocks-libev\/compare\/v2.5.4...v2.5.5"},{"key":"e_1_3_2_2_31_1","unstructured":"madeye. 2017. sssniff. https:\/\/github.com\/madeye\/sssniff"},{"key":"e_1_3_2_2_32_1","volume-title":"Simplify the server auto blocking mechanism. Retrieved","year":"2020","unstructured":"madeye. 2019. Simplify the server auto blocking mechanism. Retrieved September 2020 from https:\/\/github.com\/shadowsocks\/shadowsocks-libev\/commit\/a99c39c7dd314939082348d96d06727570b514a8"},{"key":"e_1_3_2_2_33_1","volume-title":"Some extra ways of active probing. Retrieved","year":"2020","unstructured":"nametoolong. 2020. Some extra ways of active probing. Retrieved September 2020 from https:\/\/github.com\/v2ray\/v2ray-core\/issues\/2539"},{"key":"e_1_3_2_2_34_1","unstructured":"Daiyuu Nobori and Yasushi Shinjo. 2014. VPN Gate: A Volunteer-Organized Public VPN Relay System with Blocking Resistance for Bypassing Government Censorship Firewalls. In Networked Systems Design and Implementation. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/nsdi14\/nsdi14-paper-nobori.pdf"},{"key":"e_1_3_2_2_35_1","volume-title":"studentmain, et al","year":"2020","unstructured":"p4gefau1t, studentmain, et al. 2020. vmess \u534f\u8bae\u8bbe\u8ba1\u548c\u5b9e\u73b0\u7f3a\u9677\u53ef\u5bfc\u81f4\u670d\u52a1\u5668\u906d\u5230\u4e3b\u52a8\u63a2\u6d4b\u7279\u5f81\u8bc6\u522b(\u9644PoC). Retrieved September 2020 from https:\/\/github.com\/v2ray\/v2ray-core\/issues\/2523"},{"key":"e_1_3_2_2_36_1","volume-title":"Redirect attack on Shadowsocks stream ciphers. Retrieved","author":"Peng Zhiniang","year":"2020","unstructured":"Zhiniang Peng. 2020. Redirect attack on Shadowsocks stream ciphers. Retrieved June 2020 from https:\/\/github.com\/edwardz246003\/shadowsocks"},{"key":"e_1_3_2_2_37_1","volume-title":"Retrieved","author":"\u4e3a\u4f55shadowsocks","year":"2020","unstructured":"printempw. 2017. \u4e3a\u4f55shadowsocks \u8981\u5f03\u7528\u4e00\u6b21\u6027\u9a8c\u8bc1(OTA). Retrieved February 2020 from https:\/\/web.archive.org\/web\/20191002190325\/https:\/\/printempw.github.io\/why-do-shadowsocks-deprecate-ota\/"},{"key":"e_1_3_2_2_38_1","volume-title":"Retrieved","author":"Think Program","year":"2019","unstructured":"Program Think. 2017. 2017 \u5e7410\u6708\u7ffb\u5899\u5feb\u62a5 (\u517c\u8c08\u7528I2P\u7a81\u7834\u5c01\u9501). Retrieved February 2019 from https:\/\/program-think.blogspot.com\/2017\/10\/gfw-news.html"},{"key":"e_1_3_2_2_39_1","volume-title":"Replay attack monitored by V2Ray. Retrieved","year":"2020","unstructured":"projectv2ray. 2017. Replay attack monitored by V2Ray. Retrieved February 2020 from https:\/\/github.com\/shadowsocks\/shadowsocks-org\/issues\/44#issuecomment-282525358 (originally from https:\/\/twitter.com\/projectv2ray\/status\/833959357423448064)."},{"key":"e_1_3_2_2_40_1","volume-title":"Mygod, et al.","year":"2017","unstructured":"riobard, madeye, Mygod, et al. 2017. Defend against replay attack. Retrieved February 2020 from https:\/\/github.com\/shadowsocks\/shadowsocks-org\/issues\/44"},{"key":"e_1_3_2_2_41_1","unstructured":"Shadowsocks rust developers. [n.d.]. Shadowsocks-rust. https:\/\/github.com\/shadowsocks\/shadowsocks-rust"},{"key":"e_1_3_2_2_42_1","volume-title":"Reports of China disrupting shadowsocks. Retrieved","author":"Scott Will","year":"2019","unstructured":"Will Scott. 2017. Reports of China disrupting shadowsocks. Retrieved February 2019 from https:\/\/groups.google.com\/d\/msg\/traffic-obf\/dqw6CQLR944\/1Icd4691AQAJ"},{"key":"e_1_3_2_2_43_1","unstructured":"Sergey Frolov and others. [n.d.]. forwardproxy. https:\/\/github.com\/caddyserver\/forwardproxy"},{"key":"e_1_3_2_2_44_1","unstructured":"Shadowsocks developers. [n.d.]. Shadowsocks. https:\/\/github.com\/shadowsocks\/shadowsocks\/tree\/master"},{"key":"e_1_3_2_2_45_1","unstructured":"Shadowsocks developers. [n.d.]. Shadowsocks-libev. https:\/\/github.com\/shadowsocks\/shadowsocks-libev"},{"key":"e_1_3_2_2_46_1","volume-title":"Shadowsocks whitepaper. Retrieved","author":"Shadowsocks","year":"2020","unstructured":"Shadowsocks developers. 2019. Shadowsocks whitepaper. Retrieved February 2020 from https:\/\/github.com\/shadowsocks\/shadowsocks-org\/blob\/master\/whitepaper\/whitepaper.md"},{"key":"e_1_3_2_2_47_1","unstructured":"shadowsocksr-csharp developers. [n.d.]. shadowsocksr-csharp. https:\/\/github.com\/shadowsocksrr\/shadowsocksr-csharp"},{"key":"e_1_3_2_2_48_1","volume-title":"alalamav, et al","year":"2019","unstructured":"tatianab, alalamav, et al. 2019. Probing resistance via timeout. Retrieved September 2020 from https:\/\/github.com\/Jigsaw-Code\/outline-ss-server\/commit\/c70d512e78525eba36bb1e6ad7a0868593166cf9"},{"key":"e_1_3_2_2_49_1","unstructured":"trojan developers. [n.d.]. trojan. https:\/\/github.com\/trojan-gfw\/trojan"},{"key":"e_1_3_2_2_50_1","unstructured":"V2Ray developers. [n.d.]. V2Ray. https:\/\/github.com\/v2fly\/v2ray-core"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"crossref","unstructured":"Liang Wang Kevin P. Dyer Aditya Akella Thomas Ristenpart and Thomas Shrimpton.2015. Seeing through Network-Protocol Obfuscation. In Computer and Communications Security. ACM. http:\/\/pages.cs.wisc.edu\/~liangw\/pub\/ccsfp653-wangA.pdf","DOI":"10.1145\/2810103.2813715"},{"key":"e_1_3_2_2_52_1","volume-title":"GFW actively probes obfs2bridges. Retrieved","author":"Wilde Tim","year":"2020","unstructured":"Tim Wilde. 2012. GFW actively probes obfs2bridges. Retrieved February 2020 from https:\/\/blog.torproject.org\/blog\/knock-knock-knockin-bridges-doors"},{"key":"e_1_3_2_2_53_1","volume-title":"Re: Reports of China disrupting shadowsocks. Retrieved","author":"Wiley Brandon","year":"2017","unstructured":"Brandon Wiley. 2017. Re: Reports of China disrupting shadowsocks. Retrieved July 2019 from https:\/\/groups.google.com\/d\/msg\/traffic-obf\/dqw6CQLR944\/V5_61SVTBAAJ"},{"key":"e_1_3_2_2_54_1","unstructured":"Philipp Winter. 2010. brdgrd. https:\/\/github.com\/NullHypothesis\/brdgrd"},{"key":"e_1_3_2_2_55_1","volume-title":"GFW actively probes obfs2bridges. Retrieved","author":"Winter Philipp","year":"2020","unstructured":"Philipp Winter. 2013. GFW actively probes obfs2bridges. Retrieved February 2020 from https:\/\/bugs.torproject.org\/8591"},{"key":"e_1_3_2_2_56_1","unstructured":"Philipp Winter and Stefan Lindskog. 2012. How the Great Firewall of China is Blocking Tor. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final2.pdf"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2907149"},{"key":"e_1_3_2_2_58_1","volume-title":"Revisiting Website Fingerprinting Attacks in Real-World Scenarios: A Case Study of Shadowsocks. In International Conference on Network and System Security. Springer, 319--336","author":"Zhao Yankang","year":"2018","unstructured":"Yankang Zhao, Xiaobo Ma, Jianfeng Li, Shui Yu, and Wei Li. 2018. Revisiting Website Fingerprinting Attacks in Real-World Scenarios: A Case Study of Shadowsocks. In International Conference on Network and System Security. Springer, 319--336."},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2762825"},{"key":"e_1_3_2_2_60_1","unstructured":"zonyitoo. [n.d.]. Shadowsocks-rust v1.8.5. https:\/\/github.com\/shadowsocks\/shadowsocks-rust\/releases\/tag\/v1.8.5"}],"event":{"name":"IMC '20: ACM Internet Measurement Conference","location":"Virtual Event USA","acronym":"IMC '20","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","SIGMETRICS ACM Special Interest Group on Measurement and Evaluation"]},"container-title":["Proceedings of the ACM Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3419394.3423644","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3419394.3423644","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,15]],"date-time":"2025-12-15T23:35:41Z","timestamp":1765841741000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3419394.3423644"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,27]]},"references-count":60,"alternative-id":["10.1145\/3419394.3423644","10.1145\/3419394"],"URL":"https:\/\/doi.org\/10.1145\/3419394.3423644","relation":{},"subject":[],"published":{"date-parts":[[2020,10,27]]},"assertion":[{"value":"2020-10-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}