On Modeling the Costs of Censorship

We argue that the evaluation of censorship evasion tools should depend upon economic models of censorship. We illustrate our position with a simple model of the costs of censorship. We show how this model makes suggestions for how to evade censorship. In particular, from it, we develop evaluation criteria. We examine how our criteria compare to the traditional methods of evaluation employed in prior works.

💡 Research Summary

The paper argues that the evaluation of Internet censorship‑evasion tools should be grounded in economic models of the censor rather than in ad‑hoc, tool‑specific test suites. After highlighting the shortcomings of existing evaluation practices—namely, the difficulty of cross‑tool comparison, the lack of predictive power for real‑world deployments, and the tendency to focus only on the features the tool’s designers consider—the authors propose a cost‑based framework that treats the censor as a rational decision‑maker seeking to minimize expected expenses.

The core of the model defines a cost function c(t, a) for the censor’s action a (allow or disallow) on a packet of type t (allowed or disallowed). Given a set of observable features F, the censor selects the action d(i|F) that minimizes the expected cost over the probability distribution of packet types conditioned on those features. The total cost incurred for a packet i, C(i|F), captures the penalty of false negatives (failing to block disallowed traffic) and false positives (blocking allowed traffic), both of which are assumed to be positive because they harm the censor’s objectives.

Beyond classification errors, the model incorporates three additional expense categories:

1. Measurement costs (op(m)) – the resources needed to collect each feature (e.g., timing, packet length).
2. Storage costs (store(f)) – memory required to retain feature statistics, especially for flow‑level or distributional features that are more expensive than per‑packet attributes.
3. Implementation costs (imp(f)) – development effort required to add a new feature to the censor’s detection pipeline.

The expected total cost for a development cycle is expressed as the sum of classification costs over the traffic distribution plus the measurement, storage, and implementation costs for the feature set used in that cycle. This formulation makes explicit that more sophisticated, stateful, or distribution‑based features impose higher operational burdens on the censor.

To illustrate how the model can guide tool design, the authors discuss two classic evasion strategies:

• Polymorphism – varying the values of a single feature across many instances, thereby breaking a static blacklist signature. The censor must either adopt a more complex decision boundary (incurring higher computational and maintenance costs) or introduce a new feature (incurring measurement, storage, and implementation costs).
• Steganography – shaping traffic to mimic allowed protocols so closely that the feature becomes indistinguishable. In this case, refining the decision boundary offers little benefit; the censor must add a new discriminating feature, which again raises operational expenses.

Both cases demonstrate that an evasion tool that forces the censor to expend additional resources—whether by complicating classification logic or by expanding the feature set—achieves a higher “cost‑increase” score under the proposed framework.

The paper also touches on active manipulation, where the censor probes suspected evaders with crafted traffic to elicit recognizable responses. This strategy can force evaders to reveal more stable patterns, but it also adds a layer of interaction cost for the censor, reinforcing the arms‑race nature of the problem.

In the “Prior Work” section, the authors review existing evaluation methods such as usability studies, performance benchmarks, and binary notions of undetectability/unblockability. They argue that these approaches lack a quantitative economic dimension and often ignore the broader set of features a censor might exploit. By contrast, their cost‑based criteria evaluate a tool on the number of inexpensive features it successfully obfuscates, using surrogate metrics (e.g., feature entropy, statefulness) to approximate the censor’s real costs.

The authors acknowledge several limitations: the actual budgets and cost parameters of real‑world censors are unknown, so the model can only provide relative comparisons; the current formulation focuses solely on the censor’s side, leaving the evader’s development and deployment costs for future work; and the model assumes a blacklisting censor, which, while common, does not cover whitelist‑based regimes.

Despite these caveats, the paper makes a compelling case for integrating economic reasoning into censorship‑evasion research. By quantifying how many low‑cost features a tool can hide, researchers can prioritize designs that raise the censor’s operational burden, thereby achieving more durable circumvention. Future work is suggested to refine the cost parameters with empirical data, extend the model to include evader costs, and explore game‑theoretic equilibria between censors and evaders.