Operator makes useable tools to help people around the world with censorship, security, and privacy.
Adversary Lab is a service that analyzes captured network traffic to extract statistical properties. Using this analysis, filtering rules can be synthesized to block sampled traffic.
The purpose of Adversary Lab is to give researchers and developers studying network filtering a way to understand how easy it is to block different protocols. If you have an application that uses a custom protocol, Adversary Lab will demonstrate how a rule can be synthesized to systematically block all traffic using that protocol. Similarly, if you have a network filtering circumvention tool, then Adversary Lab can synthesize a rule to block your tool. This analysis can also be used to study tools that specifically attempt to defeat network filtering, such as Pluggable Transports.
Adversary Lab analysis works by training a classifier on two observed data sets, the "allow" set and the "block" set. For instance, a simulated adversary could allow HTTP, but block HTTPS. By training the system with HTTP and HTTPS data, it will generate a rule that distinguishes these two classes of traffic based on properties observed in the traffic.
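The allow/block training idea above, as an added Python sketch that is not Adversary Lab's own code: it picks the single feature and threshold that best separate two constructed sample sets. The feature set (payload length and byte entropy), the threshold classifier, and the sample data (plaintext requests versus random-looking bytes) are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

def entropy(payload: bytes) -> float:
    """Shannon entropy of the payload, in bits per byte."""
    n = len(payload)
    return -sum(c / n * math.log2(c / n) for c in Counter(payload).values())

# Per-connection properties the rule may test (a small, assumed feature set).
FEATURES = {"length": len, "entropy": entropy}

def synthesize_rule(allow, block):
    """Find the single-feature threshold that best separates the two sets.
    Returns (feature, threshold, block_if_above, training_accuracy)."""
    best = None
    for name, fn in FEATURES.items():
        a, b = [fn(p) for p in allow], [fn(p) for p in block]
        values = sorted(set(a + b))
        # Candidate thresholds are midpoints between adjacent observed values.
        for lo, hi in zip(values, values[1:]):
            t = (lo + hi) / 2
            for above in (True, False):
                hits = sum((v > t) == above for v in b)
                hits += sum((v > t) != above for v in a)
                acc = hits / (len(a) + len(b))
                if best is None or acc > best[3]:
                    best = (name, t, above, acc)
    return best

def classify(rule, payload: bytes) -> str:
    name, t, above, _ = rule
    return "block" if (FEATURES[name](payload) > t) == above else "allow"

# Constructed sample data: plaintext requests vs. opaque, random-looking bytes.
def http_request(path: str, extra: str = "") -> bytes:
    return f"GET {path} HTTP/1.1\r\nHost: example.com\r\n{extra}\r\n".encode()

def opaque(seed: int, n: int) -> bytes:
    return hashlib.shake_256(bytes([seed])).digest(n)

ALLOW = [http_request("/"), http_request("/news/today.html", "Accept: text/html\r\n"),
         http_request("/search?q=network+filtering", "User-Agent: curl/8.0\r\nAccept: */*\r\n"),
         http_request("/docs/" + "guide/" * 12, "Accept-Language: en\r\n")]
BLOCK = [opaque(i, n) for i, n in enumerate((64, 80, 100, 128))]

if __name__ == "__main__":
    rule = synthesize_rule(ALLOW, BLOCK)
    print(rule, classify(rule, http_request("/unseen")))
```

The two sets overlap in length, so the synthesized rule falls back on entropy. A protocol designer can read the returned training accuracy as a rough measure of how distinguishable their traffic is on these features.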
Swift 5.6, included in Xcode 11
To add network traffic to Adversary Lab for analysis you can use CanaryDesktop for macOS, or CanaryLinux for Linux. When selecting data to load, you should browse to the location of one of the zip files created by Canary. These zip files are named "adversary_data" followed by a timestamp.
- Datable - Swift convenience functions to convert between various different types and Data
- Song - Data structure serialization with static typing.
- Abacus - Swift data structures for data processing.
- SwiftUICharts - A charts / plotting library for SwiftUI.
- ZIPFoundation - ZIP Foundation is a library to create, read and modify ZIP archive files.
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests.
SemVer is used for versioning. For the versions available, see the tags on this repository.
- Dr. Brandon Wiley - Concept and initial work - Operator Foundation
- Adelita Schule - Swift implementation - Operator Foundation
This project is licensed under the MIT License - see the LICENSE.md file for details.
AdversaryLab is based on Dr. Brandon Wiley's dissertation work, "Circumventing Network Filtering with Polymorphic Protocol Shapeshifting".