Post-handshake tampering signatures (⟨SYN;ACK→RST⟩ and ⟨SYN;ACK→RST+ACK⟩) constitute 34.4% of tampered connections from Iranian networks, but over 70% from Sri Lanka networks and over 81% from Turkmenistan networks, suggesting that censors in the latter two countries disproportionately block at the IP/TCP-handshake level before any application-layer content is visible — consistent with IP-list-based blocking rather than SNI-based DPI.

Manual analysis of 700+ unique packet groupings from possibly tampered connections yielded 19 high-confidence tampering signatures — up from 6 in prior work — covering 86.9% of all possibly tampered connections. Post-SYN signatures account for 43.2% of possibly tampered connections (99.5% matching a known signature), post-ACK for 16.1% (98.7%), and post-first-data-packet (PSH+ACK) for 5.3% (97.9%), with 19 signatures described as flag-sequence patterns of the form ⟨X→Y⟩ in Table 1.

§4.1, Table 1 detection

Sampling 1-in-10,000 TCP connections at Cloudflare's 285+ PoPs (serving ~17–20% of the Internet's websites, handling 45M HTTP requests/second at average load) over two weeks in January 2023 revealed that 25.7% of all sampled connections were 'possibly tampered.' The passive technique requires no vantage points inside censored networks, covering cellular, enterprise, and low-penetration-country networks that active measurement cannot reach.

§3.2, Abstract evaluation

Censoring middleboxes predominantly use RST injection rather than in-path packet dropping because injecting forged RST/RST+ACK packets does not require the middlebox to sit in the data path — off-path copies of packets suffice. The GFW specifically injects both RST and RST+ACK packets simultaneously after an offending PSH, a known idiosyncratic signature, while Iran's censor uses post-handshake RST injection (⟨SYN;ACK→RST⟩) and packet drops at the same stage.

§2.1, §4.1 detection

Passive measurement of real user connections demonstrates that published active-measurement test lists (Citizen Lab, Herdict, GreatFire, Berkman Klein, and top-K lists) miss a considerable fraction of domains that are actively being tampered with, as confirmed in §5.5. Because passive measurement is driven by real user requests rather than an a priori domain list, it can discover blocked domains that were never included in any test list and has no dependency on volunteers providing ground truth.

§5.5, §2.2 evaluation

An internet-wide scan of 500k IP addresses from an in-country VPS vantage point found TCP establishment-interception injections on 43,479 addresses (8.7% of scanned), with over 70% concentrated in two Akamai ASes (AS16625 and AS20940). The injection pattern — triggered by the first packet sent to these addresses — is consistent with targeted blocking of domain-fronting proxies hosted on Akamai CDN.

2025-alaraj-iran-refraction §4.1.2 packet-injectionrst-injectionip-blocking

Iran's censorship of refraction-networking proxies (Conjure via Psiphon) is not monolithic: different ISPs independently deploy different techniques and timelines. Over 800 million logged Conjure connections from July 2023–February 2025 across 10+ Iranian ASes show TCI (AS58224, ~33% of traffic) uses packet injection, while MCCI/Hamrah-e Avval (AS197207, ~22%) applies IP-based blocking, and some ASes (Parsonline AS16322, Shatel AS31549) show no proxy blocking at all.

2025-alaraj-iran-refraction §4 rst-injectionip-blockingpacket-injectiondpi

DeResistor-generated evasion strategies achieve an overall success rate of up to 98.61% against GFW (across vantage points in Qingdao, Shanghai, and Beijing) for the best strategy, and 100% in both India (Bangalore) and Kazakhstan (Oral) for the top-performing strategy, while standalone Geneva strategies tested in the same environment achieve comparable or slightly lower rates on some censors but are blocked at the IP level before training completes.

2023-amich-deresistor §6.3, Table 2 rst-injectiondns-poisoningip-blocking

The authors' blockpage-based methodology cannot detect transit censorship implemented via TCP RST injection or packet drops, because distinguishing these from transient network errors requires identifying their location on the routing path. As a result, the 8-country, 6-AS finding is explicitly characterized as a lower bound on the true extent of Russian transit censorship.

2023-ortwein-towards §4.1 Gathering Blockpages / §6 Conclusion rst-injectionip-blockingmeasurement-platform

OONI data shows anomaly rates in Russia's top five ASes (including Rostelecom AS12389, Vimpelcom AS8402) rose from roughly 7–11% in January and early February 2022 to 12–21% in mid-March 2022, with social-media and news domains such as Facebook, Twitter, Instagram, and BBC going from available to near-completely blocked after the invasion.

2023-ramesh-network §4.1 dpirst-injectionip-blockingdns-poisoning

DNEye detected DoTH (DoT and DoH) blocking across the largest number of ASes in China, with interference against Cloudflare, Quad9, AdGuard, and CleanBrowsing resolvers emerging in early March 2021. Blocking patterns varied per-AS rather than following a centralized GFW DNS-level policy, indicating individual ISP implementation. Saudi Arabia, by contrast, showed coordinated SNI-based blocking of the same DoH resolvers across different ASes, indicating centralized policy.

2022-hoang-measuring §4.2, Table 5 rst-injectionsni-blockingip-blocking