Home | robgjansen.com

Rob G. Jansen, PhD

Computer Scientist, Researcher, and Principal Investigator
U.S. Naval Research Laboratory, Washington, DC, USA

EXPERIENCE

2011 – present

U.S. Naval Research Laboratory
2008 – 2012

PhD, University of Minnesota

INTERESTS

Computer Security
Privacy Enhancing Technologies
Distributed Systems
Networking

CURRENT FOCI

Website Fingerprinting Methods and Analysis
Censorship Evasion with Proteus
Network Simulation with Shadow

RESEARCH THEMES

Internet Censorship Circumvention

How can we design technology that disrupts censorship and promotes free and open communication on the internet?

Encrypted Traffic Analysis

What can we learn from encrypted network traffic patterns and how can we protect against encrypted traffic analysis?

Privacy-Preserving Network Measurement

How can we conduct measurements of internet communication systems without invading the privacy of the systems' users?

Network and Distributed System Simulation

How can we run real, unmodified applications in a network simulation environment while meeting high performance requirements?

Overlay Network Performance Analysis

Which technologies can improve performance in overlay networks and how can we analyze and compare performance trade-offs?

RECENT PUBLICATIONS

Ryan Wails, Rob Jansen, Aaron Johnson, and Micah Sherr:

Censorship Evasion with Unidentified Protocol Generation. USENIX Security Symposium, 2025.

pdf abs bib details

We present the design and implementation of a novel approach to internet censorship evasion called Unidentified Protocol Generation (UPGen). UPGen automatically generates novel protocols for encrypted communication that are not easily recognizable as being UPGen protocols, but instead as some benign encrypted protocol unknown to the adversary. UPGen protocols are to be used to relay traffic to censored destinations via proxies, where each proxy can run a different UPGen-generated protocol. An adversary attempting to block at the protocol level but unable to identify UPGen protocols could cause significant collateral damage if it attempted to block all unidentified protocols. We conduct a security evaluation of UPGen employing state-of-the-art machine learning classifiers and find that it is infeasible to block UPGen protocols without also blocking existing encrypted protocols. We conduct small- and large-scale performance evaluations and find that UPGen protocols meet or exceed the performance of other common censorship evasion protocols.
```
@inproceedings{upgen-sec2025,
  title = {Censorship Evasion with Unidentified Protocol Generation},
  author = {Wails, Ryan and Jansen, Rob and Johnson, Aaron and Sherr, Micah},
  booktitle = {USENIX Security Symposium},
  year = {2025},
}
```
Paul Syverson, Rasmus Dahlberg, Tobias Pulls, and Rob Jansen:

Onion-Location Measurements and Fingerprinting. Proceedings on Privacy Enhancing Technologies, vol. 2025, no. 2, 2025.

pdf abs bib details

Onion-Location makes it easy for websites offering onion service access to support automatic discovery in Tor Browser of the random-looking onion address associated with their domain. We provide the first measurement study of how many websites are currently using Onion-Location. We also describe the open-source tools we created to conduct the study. Onion-Location has been criticized elsewhere for its lack of transparency and vulnerability to blocking. Perhaps even more troubling, we show that Onion-Location is vulnerable to very accurate fingerprinting. We present recommended changes to and alternatives to Onion-Location as well as steps towards even more secure onion discovery and association.
```
@article{onionloc-popets2025,
  title = {Onion-Location Measurements and Fingerprinting},
  author = {Syverson, Paul and Dahlberg, Rasmus and Pulls, Tobias and Jansen, Rob},
  journal = {Proceedings on Privacy Enhancing Technologies},
  volume = {2025},
  number = {2},
  year = {2025},
  doi = {10.56553/popets-2025-0074},
}
```
Rob Jansen, Ryan Wails, and Aaron Johnson:

Repositioning Real-World Website Fingerprinting on Tor. Workshop on Privacy in the Electronic Society, 2024.

pdf abs bib details

Website fingerprinting (WF) is a potentially devastating attack against Tor because it can break anonymity by linking a Tor user to their purportedly unlinkable internet destinations. Previous work proposes that an adversary trains WF classifiers either on synthetic traces that are programmatically generated using automated tools, or on real-world traces collected from one or more Tor exit relays. However, no existing work accurately represents a real-world threat model in which a WF adversary’s classifiers must be tested against real-world entry traces that are naturally created by real Tor users. In this paper we present Retracer, a novel method for producing labeled entry traces of genuine Tor traffic patterns. Retracer uses high-fidelity network simulation to accurately transform real-world exit traces into entry traces prior to training and testing WF classifiers. After first demonstrating that Retracer accurately transforms exit traces into entry traces, we then apply it to the recently released GTT23 dataset in a WF evaluation in which more than 3500 classifiers are tested against, for the first time, labeled entry traces of real Tor traffic patterns. Our evaluation yields the best available estimate of the performance an adversary can achieve when directing WF attacks at real Tor users.
```
@inproceedings{retracer-wpes2024,
  title = {Repositioning Real-World Website Fingerprinting on Tor},
  author = {Jansen, Rob and Wails, Ryan and Johnson, Aaron},
  booktitle = {Workshop on Privacy in the Electronic Society},
  year = {2024},
  doi = {10.1145/3689943.3695047},
}
```

see all