{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T10:56:12Z","timestamp":1760784972788},"reference-count":62,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"2","license":[{"start":{"date-parts":[[2021,1,29]],"date-time":"2021-01-29T00:00:00Z","timestamp":1611878400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,4,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>\n                  <jats:italic>Smart DNS<\/jats:italic> (SDNS) services advertise access to <jats:italic>geofenced<\/jats:italic> content (typically, video streaming sites such as Netflix or Hulu) that is normally inaccessible unless the client is within a prescribed geographic region. SDNS is simple to use and involves no software installation. Instead, it requires only that users modify their DNS settings to point to an SDNS resolver. The SDNS resolver \u201csmartly\u201d identifies geofenced domains and, in lieu of their proper DNS resolutions, returns IP addresses of proxy servers located within the geofence. These servers then transparently proxy traffic between the users and their intended destinations, allowing for the bypass of these geographic restrictions.<\/jats:p>\n               <jats:p>This paper presents the first academic study of SDNS services. We identify a number of serious and pervasive privacy vulnerabilities that expose information about the users of these systems. These include architectural weaknesses that enable content providers to identify which requesting clients use SDNS. Worse, we identify flaws in the design of some SDNS services that allow <jats:italic>any<\/jats:italic> arbitrary third party to enumerate these services\u2019 users (by IP address), even if said users are currently offline. We present mitigation strategies to these attacks that have been adopted by at least one SDNS provider in response to our findings.<\/jats:p>","DOI":"10.2478\/popets-2021-0022","type":"journal-article","created":{"date-parts":[[2021,4,6]],"date-time":"2021-04-06T21:01:39Z","timestamp":1617742899000},"page":"151-172","source":"Crossref","is-referenced-by-count":3,"title":["Holes in the Geofence: Privacy Vulnerabilities in \u201cSmart\u201d DNS Services"],"prefix":"10.56553","volume":"2021","author":[{"given":"Rahel A.","family":"Fainchtein","sequence":"first","affiliation":[{"name":"Georgetown University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adam J.","family":"Aviv","sequence":"additional","affiliation":[{"name":"The George Washington University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Micah","family":"Sherr","sequence":"additional","affiliation":[{"name":"Georgetown University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stephen","family":"Ribaudo","sequence":"additional","affiliation":[{"name":"Georgetown University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Armaan","family":"Khullar","sequence":"additional","affiliation":[{"name":"Georgetown University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"35752","published-online":{"date-parts":[[2021,1,29]]},"reference":[{"key":"2022061423191789791_j_popets-2021-0022_ref_001_w2aab3b7c18b1b6b1ab1ab1Aa","unstructured":"[1] All Checkout Plan Links. https:\/\/www.vpnsecure.me\/other-products\/all-products\/, Accessed 13, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_002_w2aab3b7c18b1b6b1ab1ab2Aa","unstructured":"[2] Sadia Afroz, Michael Carl Tschantz, Shaarif Sajid, Shoaib Asif Qazi, Mobin Javed, and Vern Paxson. Exploring Server-side Blocking of Regions. arXiv preprint arXiv:1805.11606, 2018."},{"key":"2022061423191789791_j_popets-2021-0022_ref_003_w2aab3b7c18b1b6b1ab1ab3Aa","unstructured":"[3] Amazon. Alexa Top 1 Million. https:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip, (Accessed on 09\/27\/2018)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_004_w2aab3b7c18b1b6b1ab1ab4Aa","doi-asserted-by":"crossref","unstructured":"[4] S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, and T. Wright. Transport Layer Security (TLS) Extensions. RFC 3546, Internet Engineering Task Force, 2003.10.17487\/rfc3546","DOI":"10.17487\/rfc3546"},{"key":"2022061423191789791_j_popets-2021-0022_ref_005_w2aab3b7c18b1b6b1ab1ab5Aa","doi-asserted-by":"crossref","unstructured":"[5] S. Bortzmeyer. DNS Privacy Considerations. RFC 7626, Internet Engineering Task Force, 2015.10.17487\/RFC7626","DOI":"10.17487\/RFC7626"},{"key":"2022061423191789791_j_popets-2021-0022_ref_006_w2aab3b7c18b1b6b1ab1ab6Aa","doi-asserted-by":"crossref","unstructured":"[6] Sam Burnett and Nick Feamster. Encore: Lightweight Measurement of Web Censorship with Cross-origin Requests. ACM SIGCOMM Computer Communication Review, 45(4):653\u2013667, 2015.","DOI":"10.1145\/2829988.2787485"},{"key":"2022061423191789791_j_popets-2021-0022_ref_007_w2aab3b7c18b1b6b1ab1ab7Aa","unstructured":"[7] Jonas Bushart and Christian Rossow. Padding Ain\u2019t Enough: Assessing the Privacy Guarantees of Encrypted DNS. In Workshop on Free and Open Communications on the Internet (FOCI), 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_008_w2aab3b7c18b1b6b1ab1ab8Aa","doi-asserted-by":"crossref","unstructured":"[8] Thomas Callahan, Mark Allman, and Michael Rabinovich. On Modern DNS Behavior and Properties. ACM SIGCOMM Computer Communication Review, 43(3):7\u201315, 2013.10.1145\/2500098.2500100","DOI":"10.1145\/2500098.2500100"},{"key":"2022061423191789791_j_popets-2021-0022_ref_009_w2aab3b7c18b1b6b1ab1ab9Aa","unstructured":"[9] Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, and Christo Wilson. A Longitudinal, End-to-End View of the DNSSEC Ecosystem. In USENIX Security Symposium (USENIX), 2017."},{"key":"2022061423191789791_j_popets-2021-0022_ref_010_w2aab3b7c18b1b6b1ab1ac10Aa","unstructured":"[10] California Code. California Consumer Privacy Act of 2018 (1.81.5 CA Civ Code \u00a71798.145)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_011_w2aab3b7c18b1b6b1ab1ac11Aa","unstructured":"[11] Council of European Union. EU General Data Protection Regulation (GDPR):Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27, April 2016."},{"key":"2022061423191789791_j_popets-2021-0022_ref_012_w2aab3b7c18b1b6b1ab1ac12Aa","doi-asserted-by":"crossref","unstructured":"[12] Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: The Second-Generation Onion Router. In USENIX Security Symposium (USENIX), August 2004.10.21236\/ADA465464","DOI":"10.21236\/ADA465464"},{"key":"2022061423191789791_j_popets-2021-0022_ref_013_w2aab3b7c18b1b6b1ab1ac13Aa","unstructured":"[13] David Dittrich, Erin Kenneally, et al. The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research. Technical report, US Department of Homeland Security, August 2012."},{"key":"2022061423191789791_j_popets-2021-0022_ref_014_w2aab3b7c18b1b6b1ab1ac14Aa","unstructured":"[14] Zakir Durumeric, Eric Wustrow, and J Alex Halderman. ZMap: Fast Internet-wide Scanning and its Security Applications. In USENIX Security Symposium (USENIX), 2013."},{"key":"2022061423191789791_j_popets-2021-0022_ref_015_w2aab3b7c18b1b6b1ab1ac15Aa","unstructured":"[15] Experian. How well do you know customers - really? https:\/\/www.experian.com\/marketing-services\/identity-resolution, Accessed on 12, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_016_w2aab3b7c18b1b6b1ab1ac16Aa","unstructured":"[16] ExpressVPN. What Is VPN? https:\/\/www.expressvpn.com\/what-is-vpn, (Accessed on 05\/08\/2019)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_017_w2aab3b7c18b1b6b1ab1ac17Aa","unstructured":"[17] Rahel A. Fainchtein, Adam J. Aviv, Micah Sherr, Stephen Ribaudo, and Armaan Khullar. Holes in the Geofence: Privacy Vulnerabilities in \u201cSmart\u201d DNS Services (Extended Version). https:\/\/arxiv.org\/abs\/2012.07944, 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_018_w2aab3b7c18b1b6b1ab1ac18Aa","unstructured":"[18] David Fifield. meek. https:\/\/trac.torproject.org\/projects\/tor\/wiki\/doc\/meek."},{"key":"2022061423191789791_j_popets-2021-0022_ref_019_w2aab3b7c18b1b6b1ab1ac19Aa","unstructured":"[19] David Fifield, Jiang Jian, and Paul Pearce. SNI Proxies. https:\/\/www.bamsoftware.com\/computers\/sniproxy\/, 2016."},{"key":"2022061423191789791_j_popets-2021-0022_ref_020_w2aab3b7c18b1b6b1ab1ac20Aa","doi-asserted-by":"crossref","unstructured":"[20] David Fifield, Chang Lan, Rod Hynes, Percy Wegmann, and Vern Paxson. Blocking-resistant Communication through Domain Fronting. In Privacy Enhancing Technologies Symposium (PETS), 2015.10.1515\/popets-2015-0009","DOI":"10.1515\/popets-2015-0009"},{"key":"2022061423191789791_j_popets-2021-0022_ref_021_w2aab3b7c18b1b6b1ab1ac21Aa","unstructured":"[21] Arturo Filasto and Jacob Appelbaum. OONI: Open Observatory of Network Interference. In USENIX Workshop on Free and Open Communications on the Internet (FOCI), 2012."},{"key":"2022061423191789791_j_popets-2021-0022_ref_022_w2aab3b7c18b1b6b1ab1ac22Aa","doi-asserted-by":"crossref","unstructured":"[22] Paul Francis, Sugih Jamin, Cheng Jin, Yixin Jin, Danny Raz, Yuval Shavitt, and Lixia Zhang. IDMaps: A Global Internet Host Distance Estimation Service. IEEE\/ACM Transactions on Networking, 9(5):525\u2013540, 2001.","DOI":"10.1109\/90.958323"},{"key":"2022061423191789791_j_popets-2021-0022_ref_023_w2aab3b7c18b1b6b1ab1ac23Aa","doi-asserted-by":"crossref","unstructured":"[23] Amy Friedlander, Allison Mankin, W. Douglas Maughan, and Stephen D. Crocker. DNSSEC: A Protocol toward Securing the Internet Infrastructure. Communications of the ACM, 50(6):44\u201350, June 2007.10.1145\/1247001.1247004","DOI":"10.1145\/1247001.1247004"},{"key":"2022061423191789791_j_popets-2021-0022_ref_024_w2aab3b7c18b1b6b1ab1ac24Aa","doi-asserted-by":"crossref","unstructured":"[24] Sergey Frolov and Eric Wustrow. The Use of TLS in Censorship Circumvention. In Network and Distributed System Security Symposium (NDSS), 2019.10.14722\/ndss.2019.23511","DOI":"10.14722\/ndss.2019.23511"},{"key":"2022061423191789791_j_popets-2021-0022_ref_025_w2aab3b7c18b1b6b1ab1ac25Aa","unstructured":"[25] Henry Gemmer. 10 Best Unlimited Bandwidth VPS Providers. https:\/\/uncensoredhosting.com\/unlimited-bandwidth-vps\/, 2019."},{"key":"2022061423191789791_j_popets-2021-0022_ref_026_w2aab3b7c18b1b6b1ab1ac26Aa","unstructured":"[26] Alessandro Ghedini. Encrypt It or Lose It: How Encrypted SNI Works (Blog Post). https:\/\/blog.cloudflare.com\/encrypted-sni\/, (Accessed on 05\/09\/2019)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_027_w2aab3b7c18b1b6b1ab1ac27Aa","unstructured":"[27] GlobalSign. What is an OrganizationSSL Certificate? https:\/\/www.globalsign.com\/en\/ssl\/organization-ssl\/, (Accessed on 09\/07\/2019)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_028_w2aab3b7c18b1b6b1ab1ac28Aa","unstructured":"[28] Google. HTTPS Encryption on the Web. https:\/\/transparencyreport.google.com\/https\/overview?hl=en, 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_029_w2aab3b7c18b1b6b1ab1ac29Aa","unstructured":"[29] Google Public DNS. Frequently Asked Questions. https:\/\/developers.google.com\/speed\/public-dns\/faq#anycast, 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_030_w2aab3b7c18b1b6b1ab1ac30Aa","unstructured":"[30] Luis Grangeia. DNS Cache Snooping. Technical report, Securi Team\u2014Beyond Security, 2004."},{"key":"2022061423191789791_j_popets-2021-0022_ref_031_w2aab3b7c18b1b6b1ab1ac31Aa","doi-asserted-by":"crossref","unstructured":"[31] Benjamin Greschbach, Tobias Pulls, Laura M Roberts, Philipp Winter, and Nick Feamster. The Effect of DNS on Tor\u2019s Anonymity. In Network and Distributed System Security Symposium (NDSS), 2017.10.14722\/ndss.2017.23311","DOI":"10.14722\/ndss.2017.23311"},{"key":"2022061423191789791_j_popets-2021-0022_ref_032_w2aab3b7c18b1b6b1ab1ac32Aa","doi-asserted-by":"crossref","unstructured":"[32] P. Hoffman and P. McManus. DNS Queries over HTTPS (DoH). RFC 8484, Internet Engineering Task Force, 2018.10.17487\/RFC8484","DOI":"10.17487\/RFC8484"},{"key":"2022061423191789791_j_popets-2021-0022_ref_033_w2aab3b7c18b1b6b1ab1ac33Aa","doi-asserted-by":"crossref","unstructured":"[33] Rebekah Houser, Zhou Li, Chase Cotton, and Haining Wang. An Investigation on Information Leakage of DNS over TLS. In International Conference on Emerging Networking Experiments And Technologies (CoNEXT), 2019.10.1145\/3359989.3365429","DOI":"10.1145\/3359989.3365429"},{"key":"2022061423191789791_j_popets-2021-0022_ref_034_w2aab3b7c18b1b6b1ab1ac34Aa","doi-asserted-by":"crossref","unstructured":"[34] Z. Hu, L. Zhu, J. Heidemann, A. Mankin, D. Wessels, and P. Hoffman. Specification for DNS over Transport Layer Security (TLS). RFC 7858, Internet Engineering Task Force, 2016.10.17487\/RFC7858","DOI":"10.17487\/RFC7858"},{"key":"2022061423191789791_j_popets-2021-0022_ref_035_w2aab3b7c18b1b6b1ab1ac35Aa","unstructured":"[35] ipinfo.io. Comcast Cable Communications, LLC (AS7922). https:\/\/ipinfo.io\/AS7922, Accessed on 9\/11\/2019."},{"key":"2022061423191789791_j_popets-2021-0022_ref_036_w2aab3b7c18b1b6b1ab1ac36Aa","unstructured":"[36] IronSocket. Access Your Favorite Social Network Sites. https:\/\/ironsocket.com\/, Accessed on 12, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_037_w2aab3b7c18b1b6b1ab1ac37Aa","doi-asserted-by":"crossref","unstructured":"[37] Jaeyeon Jung, Emil Sit, Hari Balakrishnan, and Robert Morris. DNS Performance and the Effectiveness of Caching. IEEE\/ACM Transactions on Networking, 10(5):589\u2013603, 2002.10.1109\/TNET.2002.803905","DOI":"10.1109\/TNET.2002.803905"},{"key":"2022061423191789791_j_popets-2021-0022_ref_038_w2aab3b7c18b1b6b1ab1ac38Aa","unstructured":"[38] Mohammad Taha Khan, Joe DeBlasio, Chris Kanich, Geoffrey M. Voelker, Alex C. Snoeren, and Narseo Vallina-Rodriguez. An Empirical Analysis of the Commercial VPN Ecosystem. In ACM SIGCOMM Conference on Internet Measurement (IMC), 2018."},{"key":"2022061423191789791_j_popets-2021-0022_ref_039_w2aab3b7c18b1b6b1ab1ac39Aa","doi-asserted-by":"crossref","unstructured":"[39] Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch, and Ian Goldberg. SoK: Making Sense of Censorship Resistance Systems. Proceedings on Privacy Enhancing Technologies (PoPETS), 2016(4):37\u201361, July 2016.10.1515\/popets-2016-0028","DOI":"10.1515\/popets-2016-0028"},{"key":"2022061423191789791_j_popets-2021-0022_ref_040_w2aab3b7c18b1b6b1ab1ac40Aa","doi-asserted-by":"crossref","unstructured":"[40] Sheharbano Khattak, David Fifield, Sadia Afroz, Mobin Javed, Srikanth Sundaresan, Damon McCoy, Vern Paxson, and Steven J Murdoch. Do You See What I See? Differential Treatment of Anonymous Users. In Network and Distributed System Security Symposium (NDSS), 2016.10.14722\/ndss.2016.23342","DOI":"10.14722\/ndss.2016.23342"},{"key":"2022061423191789791_j_popets-2021-0022_ref_041_w2aab3b7c18b1b6b1ab1ac41Aa","doi-asserted-by":"crossref","unstructured":"[41] Akshaya Mani, Tavish Vaidya, David Dworken, and Micah Sherr. An Extensive Evaluation of the Internet\u2019s Open Proxies. In Annual Computer Security Applications Conference (ACSAC), December 2018.10.1145\/3274694.3274711","DOI":"10.1145\/3274694.3274711"},{"key":"2022061423191789791_j_popets-2021-0022_ref_042_w2aab3b7c18b1b6b1ab1ac42Aa","doi-asserted-by":"crossref","unstructured":"[42] P. Mockapetris. Domain Names - Implementation and Spec-ification. RFC 1035, Internet Engineering Task Force, 1987.10.17487\/rfc1035","DOI":"10.17487\/rfc1035"},{"key":"2022061423191789791_j_popets-2021-0022_ref_043_w2aab3b7c18b1b6b1ab1ac43Aa","unstructured":"[43] NordVPN. Advantages & Benefits of VPN (Virtual Private Network). https:\/\/nordvpn.com\/features\/, (Accessed on 05\/08\/2019)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_044_w2aab3b7c18b1b6b1ab1ac44Aa","doi-asserted-by":"crossref","unstructured":"[44] Ingmar Poese, Steve Uhlig, Mohamed Ali Kaafar, Benoit Donnet, and Bamba Gueye. IP Geolocation Databases: Unreliable? ACM SIGCOMM Computer Communication Review, 41(2):53\u201356, April 2011.10.1145\/1971162.1971171","DOI":"10.1145\/1971162.1971171"},{"key":"2022061423191789791_j_popets-2021-0022_ref_045_w2aab3b7c18b1b6b1ab1ac45Aa","doi-asserted-by":"crossref","unstructured":"[45] Moheeb Abu Rajab, Fabian Monrose, and Niels Provos. Peeking Through the Cloud: Client Density Estimation via DNS Cache Probing. ACM Transactions on Internet Technology (TOIT), 10(3):9, 2010.","DOI":"10.1145\/1852096.1852097"},{"key":"2022061423191789791_j_popets-2021-0022_ref_046_w2aab3b7c18b1b6b1ab1ac46Aa","unstructured":"[46] Eric Rescorla, F. Oku, N. Sullivan, and C. Wood. Encrypted Server Name Indication for TLS 1.3. IETF draft tls-esni-03, Internet Engineering Task Force, 2019."},{"key":"2022061423191789791_j_popets-2021-0022_ref_047_w2aab3b7c18b1b6b1ab1ac47Aa","unstructured":"[47] RIPE Network Coordination Centre. RIPE Atlas. https:\/\/atlas.ripe.net\/, 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_048_w2aab3b7c18b1b6b1ab1ac48Aa","doi-asserted-by":"crossref","unstructured":"[48] Sandra Siby, Marc Juarez, Claudia Diaz, Narseo Vallina-Rodriguez, and Carmela Troncoso. Encrypted DNS) Privacy? A Traffic Analysis Perspective. 2020.10.14722\/ndss.2020.24301","DOI":"10.14722\/ndss.2020.24301"},{"key":"2022061423191789791_j_popets-2021-0022_ref_049_w2aab3b7c18b1b6b1ab1ac49Aa","doi-asserted-by":"crossref","unstructured":"[49] Rachee Singh, Rishab Nithyanand, Sadia Afroz, Paul Pearce, Michael Carl Tschantz, Phillipa Gill, and Vern Paxson. Characterizing the Nature and Dynamics of Tor Exit Blocking. In USENIX Security Symposium (USENIX), August 2017.10.1145\/3232755.3232786","DOI":"10.1145\/3232755.3232786"},{"key":"2022061423191789791_j_popets-2021-0022_ref_050_w2aab3b7c18b1b6b1ab1ac50Aa","unstructured":"[50] Technology Analysis Branch of the Office of the Privacy Commissioner of Canada. What an IP Address Can Reveal About You. https:\/\/www.priv.gc.ca\/media\/1767\/ip_201305_e.pdf, May 2013."},{"key":"2022061423191789791_j_popets-2021-0022_ref_051_w2aab3b7c18b1b6b1ab1ac51Aa","unstructured":"[51] ThatsThem. Find People for free using an IP Address. https:\/\/thatsthem.com\/reverse-ip-lookup, Accessed on 12, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_052_w2aab3b7c18b1b6b1ab1ac52Aa","unstructured":"[52] ThatsThem. Ptivacy Policy. https:\/\/thatsthem.com\/privacy-policy, Accessed on 13, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_053_w2aab3b7c18b1b6b1ab1ac53Aa","doi-asserted-by":"crossref","unstructured":"[53] Michael Carl Tschantz, Sadia Afroz, Anonymous, and Vern Paxson. SoK: Towards Grounding Censorship Circumvention in Empiricism. In IEEE Symposium on Security and Privacy (Oakland), 2016.10.1109\/SP.2016.59","DOI":"10.1109\/SP.2016.59"},{"key":"2022061423191789791_j_popets-2021-0022_ref_054_w2aab3b7c18b1b6b1ab1ac54Aa","doi-asserted-by":"crossref","unstructured":"[54] Giorgos Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos, and Michalis Polychronakis. A Large-scale Analysis of Content Modification by Open HTTP Proxies. In Network and Distributed System Security Symposium (NDSS), 2018.10.14722\/ndss.2018.23244","DOI":"10.14722\/ndss.2018.23244"},{"key":"2022061423191789791_j_popets-2021-0022_ref_055_w2aab3b7c18b1b6b1ab1ac55Aa","unstructured":"[55] U.S. Code. Computer Fraud and Abuse Act (18 U.S. Code \u00a71030)."},{"key":"2022061423191789791_j_popets-2021-0022_ref_056_w2aab3b7c18b1b6b1ab1ac56Aa","unstructured":"[56] Benjamin VanderSloot, Allison McDonald, Will Scott, J. Alex Halderman, and Roya Ensafi. Scalable Remote Measurement of Application-Layer Censorship. In USENIX Security Symposium (USENIX), 2018."},{"key":"2022061423191789791_j_popets-2021-0022_ref_057_w2aab3b7c18b1b6b1ab1ac57Aa","unstructured":"[57] VPNUK. Secure Virtual Private Networking with VPNUK. https:\/\/www.vpnuk.net\/, Accessed on 12, September 2020."},{"key":"2022061423191789791_j_popets-2021-0022_ref_058_w2aab3b7c18b1b6b1ab1ac58Aa","doi-asserted-by":"crossref","unstructured":"[58] Zachary Weinberg, Shinyoung Cho, Nicolas Christin, Vyas Sekar, and Phillipa Gill. How to Catch when Proxies Lie: Verifying the Physical Locations of Network Proxies with Active Geolocation. In ACM SIGCOMM Conference on Internet Measurement (IMC), 2018.10.1145\/3278532.3278551","DOI":"10.1145\/3278532.3278551"},{"key":"2022061423191789791_j_popets-2021-0022_ref_059_w2aab3b7c18b1b6b1ab1ac59Aa","doi-asserted-by":"crossref","unstructured":"[59] W. Wimer. Clarifications and Extensions for the Bootstrap Protocol. RFC 1542, Internet Engineering Task Force, 1993.10.17487\/rfc1532","DOI":"10.17487\/rfc1532"},{"key":"2022061423191789791_j_popets-2021-0022_ref_060_w2aab3b7c18b1b6b1ab1ac60Aa","doi-asserted-by":"crossref","unstructured":"[60] Zhao Zhang, Tavish Vaidya, Kartik Subramanian, Wenchao Zhou, and Micah Sherr. Ephemeral Exit Bridges for Tor. In IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), June 2020.10.1109\/DSN48063.2020.00042","DOI":"10.1109\/DSN48063.2020.00042"},{"key":"2022061423191789791_j_popets-2021-0022_ref_061_w2aab3b7c18b1b6b1ab1ac61Aa","doi-asserted-by":"crossref","unstructured":"[61] Zhao Zhang, Wenchao Zhou, and Micah Sherr. Bypassing Tor Exit Blocking with Exit Bridge Onion Services. In ACM Conference on Computer and Communications Security (CCS), November 2020.10.1145\/3372297.3417245","DOI":"10.1145\/3372297.3417245"},{"key":"2022061423191789791_j_popets-2021-0022_ref_062_w2aab3b7c18b1b6b1ab1ac62Aa","unstructured":"[62] zzz (Pseudonym) and Lars Schimmer. Peer Profiling and Selection in the I2P Anonymous Network. In PET-CON 2009.1, March 2009."}],"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.sciendo.com\/pdf\/10.2478\/popets-2021-0022","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T16:31:24Z","timestamp":1658334684000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2021\/popets-2021-0022.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,1,29]]},"references-count":62,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2021,1,29]]},"published-print":{"date-parts":[[2021,4,1]]}},"alternative-id":["10.2478\/popets-2021-0022"],"URL":"https:\/\/doi.org\/10.2478\/popets-2021-0022","relation":{},"ISSN":["2299-0984"],"issn-type":[{"value":"2299-0984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,29]]}}}