Injecting a single replayed ACK packet every 100 ms into a SkypeMorph session is sufficient to permanently stall data transfer: the server continuously resets its sequence counter back to the replayed position and never advances, while legitimate VoIP call traffic is completely unaffected. The attack requires the censor to induce only a small amount of server-to-client packet loss to prevent the legitimate ACK counter from overtaking the injected value, as shown in Figure 5b.

FreeWave's modem synchronization depends on a preamble transmitted only at connection start (approximately 0.25 seconds for a 2048-symbol preamble); a censor applying 95% packet loss for under one second at the beginning of the session reliably prevents synchronization and breaks the connection, while reducing VoIP MOS only briefly and leaving the remainder of the session intact (Figure 2). With fixed data-frame designs, the censor can repeat preamble-targeted drops on every frame, achieving complete desynchronization at low average packet loss rates tolerable to legitimate VoIP.

§4.2, Figure 2 detection

SkypeMorph and FreeWave both overlay a client-proxy communication model onto a peer-to-peer VoIP network; because Skype clients attempt direct peer contact before falling back to supernodes, initiating a call to a FreeWave proxy reveals its IP address directly to the caller, and proxy nodes accumulate user-to-bridge ratios that reached 8–12× in Syria/Iran and up to 120:1 in China (Figure 8), producing concentration signatures uncharacteristic of normal P2P call distributions. These architectural mismatches allow enumeration and fingerprinting attacks independent of traffic-content analysis.

§5, Figure 8 detection

By targeting SkypeMorph's deterministic ACK-flagging schedule (one ACK every ~100 ms) and capping overall packet loss at 5–20%, a censor can drop up to 47% of ACK packets, reducing SkypeMorph throughput from its normal ~200 KB/s to 5–10 KB/s (a 90–95% reduction) while VoIP call quality remains within acceptable MOS thresholds. The attack exploits the reliability mismatch between the loss-tolerant UDP cover channel and the TCP-like retransmission layer SkypeMorph builds over it.

§4.3.2, Figure 4 detection

FreeWave's modem generates audio whose packet-length distribution has dramatically lower variance than human speech, even when transmitted through Skype's variable-bit-rate encoder; Figure 9 shows that English and Portuguese speech samples produce high-variance packet-length sequences while modem audio produces a narrow, nearly constant distribution, providing a reliable passive classifier for modem-over-VoIP traffic. This content mismatch persists even with perfect emulation of the VoIP protocol framing.

§6, Figure 9 detection

An internet-wide scan of 500k IP addresses from an in-country VPS vantage point found TCP establishment-interception injections on 43,479 addresses (8.7% of scanned), with over 70% concentrated in two Akamai ASes (AS16625 and AS20940). The injection pattern — triggered by the first packet sent to these addresses — is consistent with targeted blocking of domain-fronting proxies hosted on Akamai CDN.

2025-alaraj-iran-refraction §4.1.2 packet-injectionrst-injectionip-blocking

Iran's censorship of refraction-networking proxies (Conjure via Psiphon) is not monolithic: different ISPs independently deploy different techniques and timelines. Over 800 million logged Conjure connections from July 2023–February 2025 across 10+ Iranian ASes show TCI (AS58224, ~33% of traffic) uses packet injection, while MCCI/Hamrah-e Avval (AS197207, ~22%) applies IP-based blocking, and some ASes (Parsonline AS16322, Shatel AS31549) show no proxy blocking at all.

2025-alaraj-iran-refraction §4 rst-injectionip-blockingpacket-injectiondpi

Wallbleed was a buffer over-read in the GFW's DNS injection subsystem that caused middleboxes to append up to 125 bytes of their own process memory to forged DNS responses. The bug persisted for at least two years (confirmed from October 2021); the GFW issued an incorrect partial patch in November 2023 (Wallbleed v2 remained exploitable) and fully patched it in March 2024. Over 5.1 billion Wallbleed responses were collected during continuous measurement, and an IPv4-wide scan found 242 million IP addresses across 381 autonomous systems receiving Wallbleed-injected responses — including some traffic whose source and destination were both outside China, due to routing through China's network border.

2025-fan-wallbleed §1–§3, §7 dns-poisoningpacket-injection

Iran's DNS censor now injects two distinct block-page IPs: 10.10.34.36 (≈87% of 47,633 censored domains) and 10.10.34.34 (≈13%). Both originate from the same network node at Iran's border. Prior research (Aryan et al. 2013) described only 10.10.34.34. The IP injected correlates strongly with the HTTP censorship method applied: domains with 10.10.34.34 in DNS receive TCP RST via HTTP (86.8% of RST cases), while domains with 10.10.34.36 in DNS receive HTTP block pages (84.6% of block-page cases).

2025-lange-i-ra-nconsistencies §3.1, Table 2 dns-poisoningrst-injectionpacket-injection

Over 2.5 months (Nov 2024–Jan 15, 2025), IRBlock scanned all 11M Iranian IPv4 addresses daily, finding 6.8M IPs subject to DNS poisoning and HTTP blockpage injection, and 5.4M IPs subject to UDP-based traffic disruption. Testing over 700M FQDNs (500M apex domains) revealed 6M banned FQDNs from 3.3M censored apex domains. Of 537 active ASes in Iran, 485 (90.3%) exhibited blocking for at least 25% of assigned IPs. DNS and HTTP censorship overlapped at >99% of censored IPs; UDP blocking was a strict subset of DNS-censored IPs, affecting ~5M addresses.

2025-tai-irblock §5.1, §1 dns-poisoningpacket-injectionhttp3-quic-block

The GFI's HTTP and HTTPS filters are now stateful (requiring initial SYN packet with matching sequence numbers) and have been activated on all TCP ports—not only standard ports 80 and 443 as reported by prior studies. This is a significant departure from previous work that found stateless HTTP/HTTPS blocking limited to standard ports. The HTTP filter injects a 403 Forbidden blockpage (not RST packets as used by the GFW), while HTTPS injects a single RST+ACK packet. The GFI also exhibits TCP non-compliance (not requiring a full three-way handshake to trigger filtering), enabling outside-in measurement without in-country servers.

2025-tai-irblock §2.1, §3.2 dpirst-injectionpacket-injectionmiddlebox-interference