https://gfw.report/publications/sp25/zh/

长期以来，中国的互联网审查有着相对集中的政策和统一的实现，这套系统被称为中国防火长城（GFW）。然而，自2023年8月以来，有传闻称河南省部署了自己的地区性审查系统。

在这项工作中，我们对河南省的省级审查进行描述和分析，并将其与国家级的GFW进行了比较。我们发现，河南建立了基于TLS SNI和HTTP Host的审查机制，用于检测和封锁离开该省的流量。虽然河南防火墙在复杂性和应对网络流量多样性方面有所欠缺，但其不稳定且激进的二级域名封锁策略，一度使其封锁的网站数量达到GFW的十倍之多。

我们基于对河南防火墙的流量解析缺陷和注入行为的观察，提出了一些简单的仅需客户端实现的办法来绕过河南省的审查。我们的工作记录了一种值得警惕的现象，即中国的地区性审查正在抬头。

GFW Report's Chinese homepage is LIVE! 🎉 Thanks to many amazing volunteers, our work (blogs, papers, speeches) is also available in Chinese.

We're dedicated to helping more people understand the censorship and restrictions users face globally:

https://gfw.report/zh/

GFW Report自2019年成立以来，今天终于拥有了自己的中文主页。在许多默默无闻的志愿者、好心人的帮助下，现在几乎所有的博文、论文和演讲也都有了中文版。我们希望能让更多的，不同背景的朋友们都更好地了解互联网审查，了解身处各地的网民所经历的审查限制 ：

https://gfw.report/zh/

在Xiaohuangbo还有其他许多志愿者的热心帮助下，“河南省防火墙”现在有了自己的维基百科条目！该条目目前只有中文版，如果您也想做贡献，我们非常欢迎您帮忙创建该条目的英文版。

https://zh.wikipedia.org/zh-hans/%E6%B2%B3%E5%8D%97%E7%9C%81%E9%98%B2%E7%81%AB%E5%A2%99

Henan Firewall now has an official Wikipedia page! Huge thanks to Xiaohuangbo and many other dedicated volunteers! It's currently only in Chinese, so if you'd like to contribute, we'd love your help creating an English edition.

https://zh.wikipedia.org/zh-cn/%E6%B2%B3%E5%8D%97%E7%9C%81%E9%98%B2%E7%81%AB%E5%A2%99

Our USENIX Security’23 paper, “How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic,” won the 2025 Caspar Bowden Award for Outstanding Research Runner-up at PETS'25!

Thanks to the Privacy Enhancing Technologies Symposium and all our amazing co-authors.

Our paper is available at: https://gfw.report/publications/usenixsecurity23/en/

我们发表在USENIX Security’23 的论文《中国的防火长城是如何检测和封锁完全加密流量的》获得了 PETS 2025 Caspar Bowden 隐私增强技术杰出研究奖亚军。我们由衷的感谢多年来我们的合作者以及中国网民们对我们的无私帮助与支持。我们会再接再厉的。

论文链接：https://gfw.report/publications/usenixsecurity23/zh/

Our NDSS'25 "Wallbleed" paper has received the FOCI'25 Best Practical Paper Award. 🏆

This work was a true labor of love, and we are deeply grateful for the recognition from the Internet freedom community and support from everyone on this long journey.

https://gfw.report/publications/ndss25/en/

我们发表在NDSS'25 的论文《Wallbleed（墙出血）》获得了 FOCI'25 最佳实践论文奖。🏆

这项工作是我们心血的结晶，论文发表的过程更是历经坎坷。我们在此由衷地感谢反审查社区对我们工作的认可与支持，也借此机会感谢所有陪伴我们一路走来的各位的支持。

论文中文版：https://gfw.report/publications/ndss25/zh/

BREAKING: The Great Firewall of China Has Evolved its QUIC Censorship Capabilities

Our latest research, to be presented at USENIX Security '25, reveals that the Great Firewall of China (GFW) can now inspect encrypted QUIC Initial packets to perform real-time, SNI-based censorship and block specific domains. Our paper provides a deep analysis of the GFW's new censorship logic, reverse-engineers its heuristic parsing rules, and maps out its blocklist of targeted domains and services.

This new system introduces two critical vulnerabilities:

1️⃣ Degradation Attack: We propose a novel attack that can overwhelm the censorship apparatus by sending a moderate amount of carefully crafted traffic, temporarily reducing the GFW's effectiveness.

2️⃣ Availability Attack: We discovered that anyone can exploit the GFW and use it as a weapon to launch availability attacks, blocking UDP traffic between arbitrary hosts from China and the rest of the world.

Given the severity of the availability attack, we followed responsible disclosure protocols and notified CNCERT and Fang Binxing of the vulnerability. Their reaction (or lack thereof) is discussed in the paper.

To protect users, we have already collaborated with industry leaders including Mozilla (Firefox & Neqo), the quic-go project, and developers of all major QUIC-based circumvention tools to design and deploy effective countermeasures.

Read the full paper here:
https://gfw.report/publications/usenixsecurity25/en/