Pseudonymity is insufficient for dissent networks: social-network profile information can be correlated with external data to deanonymize users, and fixed-infrastructure networks enable localization attacks even without explicit identity. The authors argue that true anonymity—or at minimum strong deniability where usage is non-incriminating and activity is difficult to trace—is required to protect participants.

TCP-based web traffic performs poorly on mesh networks because each wireless hop halves effective bandwidth (bidirectional ACKs share the same half-duplex channel) and introduces highly variable latency and loss; voice traffic is similarly unsuitable due to jitter. Applications leveraging delay-tolerant networking principles or requiring only very low bandwidth are identified as the category of workloads that can function within mesh constraints.

§4.2 evaluation

Purpose-built or uncommon radio hardware provides governments a legal pretext for crackdowns, is subject to import restrictions, and aids identification of dissidents via radio direction-finding equipment. The authors conclude that only ubiquitous, innocuous devices—smartphones and standard indoor WiFi access points—can be used in a dissent network without raising suspicion or endangering users.

§5.1 defense

Gupta and Kumar proved that the per-node capacity of a multihop wireless network approaches zero as the number of nodes increases; Li et al. experimentally validated this result for 802.11-based mesh networks. The authors emphasize this is an architectural constraint derived from fundamental radio physics, holding for arbitrary networks regardless of routing protocol.

§4.1 evaluation

Mesh networks can reach meaningful scale only by adopting centralized management, planned growth, and a static topology—properties that simultaneously create a single point of failure and make nodes easy targets for government radio direction-finding. Decentralized, organic, mobile mesh retains safety properties but at the cost of near-zero effective capacity as network size grows.

§4, §7 defense

A three-stage detection pipeline exploiting the "dual-role" behavioral fingerprint of single-IP circumvention relays achieved 23.2% recall (96/414 ground-truth relays) with a 0.18% false-positive rate against 97,651 benign TLS servers, for an overall accuracy of 99.5%. The ground-truth set covered OpenVPN, WireGuard, and SOCKS relays identified in a 17 TB single-day backbone trace (WIDE Project, April 9, 2025).

2026-almutairi-server §3.4, Table 1 traffic-shapedpiflow-correlation

Multi-censor simulations show that single-censor-optimized distribution strategies perform suboptimally in realistic multi-region deployments. When two networks have different censor strategies (e.g., one optimal, one zig-zag), the distributor cannot detect that a proxy is blocked until all censors have blocked it; this leaves clients without reachable proxies despite the proxy appearing "available" from the distributor's view. The authors conclude that "single-censor evaluation does not accurately predict more realistic deployment performance." A zig-zag censor in one region with 0.25 weight caused 44.4% collateral damage while reducing proxy lifetime to a median of 4 steps.

2026-fares-game §6, Table 4 traffic-shapeflow-correlation

The zig-zag traffic analysis attack (confirmed supported in Geedge TSG leak) rapidly enumerates all static proxy pools. With ζ_watch ∈ {4, 6} steps and a best-quality classifier (ρ_TP=0.99, ρ_FP=0.001), almost total proxy enumeration and user blockage occurs well before step 300. Even ζ_watch=2 leaves ~50% of users blocked. Collateral damage is high across all settings when ζ_watch ≥ 4: eventually ~50% of innocent servers are also blocked. However, Snowflake-style ephemeral proxies resist zig-zag effectively: reachability remains above 95% after 360 steps because churn prevents the censor from expanding its known proxy set beyond agents' direct assignments.

2026-fares-game §5.1, Fig 3, Fig 4 traffic-shapeflow-correlation

The paper concludes with design guidelines for future FIA-based privacy-enhancing technologies, identifying that path-aware routing in SCION and NDN's in-network caching both create new surveillance exposure: SCION path headers reveal routing metadata to on-path censors; NDN caching at routers means content is replicated at points under censor control. The authors recommend that PETs built on FIAs treat these architectural features as threat vectors, not privacy benefits.

2025-wrana-sok-surveillance §6 dpiflow-correlation

Wrana et al. systematically assess how well existing surveillance and censorship mechanisms can target users of Future Internet Architectures (FIAs) — including NDN, SCION, XIA, and MobilityFirst — finding that DPI and flow-correlation techniques from the current internet map onto FIA traffic with moderate adaptation. The paper identifies that FIA naming/addressing schemes introduce new censorship attack surfaces (e.g., content-name-based filtering in NDN) not present in IP-based architectures.

2025-wrana-sok-surveillance §4, §5 dpiflow-correlationmeasurement-platform

Per-flow RTTdiff detection rates are only ~20% because the majority of proxy flows connect to CDN-cached content (Cloudflare, Google, Fastly) that sits within 5ms of the proxy, suppressing the discrepancy. However, aggregating across flows per website visit yields detection rates exceeding 70%—and from the abstract, approximately 80% of top-5K domains generate at least one detectable flow—with half of those detections made within the first 60 packets. This means an adversary can reliably expose client and proxy IPs after just a few website visits.

2025-xue-discriminative §VI-C-2, Table II traffic-shapeflow-correlation