Throttling—capping total CRS traffic at Fab and withholding surplus—strictly dominates dumping surplus traffic onto a sacrificial protocol that will subsequently be blocked. Table 2 shows that at CTP = Fab·1.05 the circumventor's relative utility drops to 0.88 of the Fab baseline when dumping, while throttling preserves all open protocols; under a censor flooding attack dumping additionally loses protocol n entirely, making throttling the dominant strategy in both attack and no-attack conditions.

Adding a DPI apparatus with true positive rate TPR and false positive rate FPR creates three ordered thresholds Fam ≤ Fab ≤ Fmb governing censor strategy: allow all traffic (CTP ≤ Fam), deploy the apparatus (Fam < CTP ≤ Fmb), or block all traffic (CTP > Fmb). The apparatus does not qualitatively change the Nash equilibrium structure; it only shrinks the CTP range the circumventor can sustain, with the ordering Fmb ≥ Fab ≥ Fam holding whenever TPR ≥ FPR.

§4.3 detection

A censor can mount a zero-collateral-damage flooding attack by injecting fake CRS-protocol-conformant traffic into open channels, inflating the apparent CTP and evicting real circumvention traffic to throttled or sacrificial protocols. If injection is costless the censor can drive real circumvention throughput to zero while keeping all channels nominally open; the attack is equally effective against both throttling and dumping CTP control strategies.

§6.1 detection

In a single-round censorship game the only Nash equilibrium that keeps the channel open requires the circumvention traffic proportion (CTP) satisfy CTP ≤ F, where F = (βant+βbnt)/(αact+αbct+βant+βbnt). In repeated indefinite games a stable equilibrium exists at CTP = Z = (1−p)·CTPmax, where p is the per-round continuation probability, allowing a non-zero proportion of circumvention traffic to flow indefinitely without triggering shutdown.

§4.1–4.2 defense

The optimal multi-protocol CRS traffic allocation distributes circumvention traffic across n cover protocols proportionally to each protocol's non-circumvention traffic volume (CTPi = Li · CTP/(1−CTP)), keeping every individual protocol below the blocking threshold. This makes individual protocol channels independently optimizable, with the sole selection criterion being maximizing cover traffic volume L rather than any other protocol property.

§5.1 defense