pith. sign in

arxiv: 2606.22717 · v1 · pith:F4RM7NW4new · submitted 2026-06-21 · 💻 cs.CR · cs.NI

One-Prompt Censorship Evasion via Generative Diffusion Models

Shiyi Ling , Yuhang Gan , Chen Qian This is my paper

Pith reviewed 2026-06-26 09:43 UTC · model grok-4.3

classification 💻 cs.CR cs.NI
keywords censorship evasiondiffusion modelsnetwork trafficimage-to-image editinggenerative modelstraffic obfuscationinternet censorship
0
0 comments X

The pith

Diffusion models can turn censored network traffic into benign patterns with one natural language prompt.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper reframes censorship evasion as a semantic image-to-image editing problem rather than a search or configuration task. It presents FlowPaint, which applies an instruction-tuned diffusion model to reshape network flows represented as images. The model draws on its trained knowledge to produce traffic that satisfies the user's intent while matching benign patterns that evade detection. Evaluations show this single-prompt method works against both rule-based middleboxes and machine-learning classifiers and requires no per-mechanism tuning. A sympathetic reader would see the approach as removing the need for specialized expertise or brittle heuristics in the ongoing censorship arms race.

Core claim

FlowPaint is a generative framework that converts network flows to images and uses instruction-tuned diffusion models to perform semantic edits that convert censored traffic into patterns indistinguishable from benign flows, controlled entirely by natural language prompts.

What carries the argument

FlowPaint, an instruction-tuned diffusion architecture performing semantic editing on network flows cast as images.

If this is right

  • Users counter multiple censorship paradigms by changing only the natural language instruction.
  • Evasion no longer requires manual fitness functions or domain-specific languages.
  • Performance exceeds prior automated baselines on both industrial rule-based and learning-based detectors.
  • The same model can be repurposed across different censor types without retraining per modality.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Censors may need new detectors tuned to diffusion-generated statistical signatures in traffic.
  • The method could extend to other domains where semantic editing of protocol data is useful, such as privacy-preserving data sharing.
  • Non-expert users gain practical access to evasion tools that previously demanded technical configuration.

Load-bearing premise

Representing network flows as images lets diffusion models edit them into functional traffic that evades detection without breaking the original communication or adding detectable artifacts.

What would settle it

Measure whether FlowPaint-generated flows preserve the original protocol semantics and payload delivery while passing a target censor's classifier on live traffic.

Figures

Figures reproduced from arXiv: 2606.22717 by Chen Qian, Shiyi Ling, Yuhang Gan.

Figure 1
Figure 1. Figure 1: Work Flow of FlowPaint. Traffic Encoder transforms raw flows into images (§3.3). Generative Editor refines these representations (§3.4). Protocol Decoder projects the outputs back into valid traffic (§3.5). 3.1 Overview FlowPaint transforms censorship-triggering flows into benign patterns through instructions. The core intuition driving our approach is that network flows, when visualized as a bit-level bit… view at source ↗
Figure 2
Figure 2. Figure 2: Visualization of Instruction-Guided Traffic Editing. The inference process: (1) Input Original Flow (left); (2) Textual Evasion Prompt (middle); and (3) The Repainted Flow (right) generated by Generative Editor. bits (1), Purple denotes unset flags (0), and Yellow indicates padding (−1). The center panel displays the Evasion Prompt, providing the high-level instruction that guides the editing. The Repainte… view at source ↗
Figure 3
Figure 3. Figure 3: Deep Fingerprinting Sensitivity. TPR of four OOD protocols at varied FPR thresholds (10−4 , 10−3 , 0.05, 0.1). TPR to 0.94–0.95), demonstrating its unique ability to perturb traffic features beyond the strict boundaries of benign training data. To further scrutinize evasion performance under varying strictness levels, we conduct a granular ROC analysis on Deep Fingerprinting. We select Deep Fingerprinting … view at source ↗
Figure 4
Figure 4. Figure 4: Latency Performance. TTFB trends across varying network RTTs. degrades by 10×, whereas FlowPaint increases by only 1.28×. This confirms that our system is compute-bound rather than network-bound: the 1.9s TTFB represents a one-time startup cost, as subsequent 1,024-packet blocks are processed in a fully pipelined fashion without recurring delays. Consequently, this overhead will naturally decrease with fut… view at source ↗
read the original abstract

The escalating arms race between Internet censorship and evasion has driven censors to evolve from static rule-based filtering to sophisticated deep learning-based traffic analysis. While recent automated evasion tools have attempted to counter this by leveraging stochastic search and programmable heuristics, they continue to suffer from insufficient evasion robustness across diverse censorship modalities and poor usability due to complex, mechanism-specific configurations that require manual fitness tuning or domain-specific languages. In this paper, we propose a paradigm shift that reframes censorship evasion as a semantic image-to-image editing task, allowing users to execute it with a single prompt. We introduce FlowPaint, a novel generative framework that leverages the "world knowledge" of large diffusion models to automatically reshape censored traffic into benign patterns. FlowPaint utilizes an instruction-tuned diffusion architecture to perform semantic editing on network flows. Evaluations against both industrial-grade rule-based middleboxes and learning-based classifiers demonstrate that FlowPaint outperforms existing censorship evasion baselines, enabling users to counter diverse censorship paradigms solely by varying natural language instructions

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 0 minor

Summary. The manuscript introduces FlowPaint, a generative framework that reframes censorship evasion as a semantic image-to-image editing task using instruction-tuned diffusion models on network flows. It claims that this approach allows users to evade diverse censorship paradigms by varying natural language instructions and outperforms existing baselines against both rule-based middleboxes and learning-based classifiers.

Significance. If the core technical assumptions hold and the claimed outperformance is demonstrated, the work could offer a notable improvement in usability for evasion tools by removing the need for mechanism-specific configurations. No such validation is present in the manuscript, however, so significance cannot be assessed.

major comments (2)
  1. [Abstract] Abstract: The claim that 'Evaluations against both industrial-grade rule-based middleboxes and learning-based classifiers demonstrate that FlowPaint outperforms existing censorship evasion baselines' is unsupported by any quantitative results, datasets, experimental setup, or error analysis. This directly undermines the central claim of the paper.
  2. [Abstract] Abstract (reframing paragraph): The approach assumes that representing network flows as images allows diffusion-based semantic editing to produce functional, undetectable traffic. No justification is given that the encoding preserves protocol invariants such as sequence numbers, timing, and payload integrity, or that an inverse mapping exists that restores a syntactically valid flow; if either fails, edited outputs will break sessions or remain detectable by stateful middleboxes.

Simulated Author's Rebuttal

2 responses · 0 unresolved

Thank you for the detailed review of our manuscript. We address each major comment point by point below and indicate the revisions we will make.

read point-by-point responses

  1. Referee: [Abstract] Abstract: The claim that 'Evaluations against both industrial-grade rule-based middleboxes and learning-based classifiers demonstrate that FlowPaint outperforms existing censorship evasion baselines' is unsupported by any quantitative results, datasets, experimental setup, or error analysis. This directly undermines the central claim of the paper.

    Authors: We agree that the abstract claim lacks supporting quantitative evidence, datasets, setup details, or error analysis in the current manuscript. This is a substantive gap. We will revise the manuscript to include a full experimental section with quantitative results, specific datasets, experimental setup, baselines, and error analysis, and we will update the abstract to accurately reflect these additions rather than making an unsupported claim. revision: yes

  2. Referee: [Abstract] Abstract (reframing paragraph): The approach assumes that representing network flows as images allows diffusion-based semantic editing to produce functional, undetectable traffic. No justification is given that the encoding preserves protocol invariants such as sequence numbers, timing, and payload integrity, or that an inverse mapping exists that restores a syntactically valid flow; if either fails, edited outputs will break sessions or remain detectable by stateful middleboxes.

    Authors: We agree this is a critical technical point that requires explicit justification. The current manuscript does not provide sufficient detail on how the flow-to-image encoding preserves protocol invariants or on the inverse mapping to valid flows. We will add a dedicated subsection in the methods describing the encoding process, mechanisms for preserving sequence numbers, timing, and payload integrity, the decoding procedure, and discussion of implications for stateful middleboxes, including any limitations. revision: yes

Circularity Check

0 steps flagged

No circularity: abstract-only text contains no equations, fits, or self-citation chains

full rationale

The provided abstract reframes censorship evasion as an image-to-image editing task and introduces FlowPaint without presenting any derivation, equations, parameter fits, or citations. No load-bearing step reduces to its own inputs by construction, and the central claim remains an empirical proposal whose independence cannot be assessed from the given text alone. This is the expected honest non-finding when no derivation chain is visible.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract-only review yields no explicit free parameters, axioms, or invented entities beyond the introduction of the FlowPaint framework itself.

pith-pipeline@v0.9.1-grok · 5696 in / 1142 out tokens · 25519 ms · 2026-06-26T09:43:35.282100+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

46 extracted references · 17 canonical work pages

  1. [1]

    Alice, Bob, Carol, Jan Beznazwy, and Amir Houmansadr. 2020. How China Detects and Blocks Shadowsocks. In Proceedings of the Internet Measurement Conference (IMC ’20)(Virtual Event, USA)(IMC ’20). Association for Computing Machinery, New York, NY, USA, 111–124. doi:10.1145/3419394.3423644

    work page doi:10.1145/3419394.3423644 2020

  2. [2]

    2019.obfs4 (The obfourscator) Protocol Specification

    Yawning Angel. 2019.obfs4 (The obfourscator) Protocol Specification. Technical Report. The Tor Project. https: //github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt

    2019

  3. [3]

    Kevin Bock, George Hughey, Xiao Qiang, and Dave Levin. 2019. Geneva: Evolving Censorship Evasion Strategies. InProceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS ’19)(London, United Kingdom)(CCS ’19). Association for Computing Machinery, New York, NY, USA, 2199–2214. doi:10.1145/3319535.3363 189

    work page doi:10.1145/3319535.3363 2019

  4. [4]

    Leo Breiman. 2001. Random Forests.Machine Learning45, 1 (2001), 5–32

    2001

  5. [5]

    Tim Brooks, Aleksander Holynski, and Alexei A. Efros. 2023. InstructPix2Pix: Learning to Follow Image Editing Instructions. In2023 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). 18392–18402. doi:10.110 9/CVPR52729.2023.01764

    arXiv 2023

  6. [6]

    Sam Burnett, Nick Feamster, and Santosh Vempala. 2010. Chipping away at censorship firewalls with user-generated content. InProceedings of the 19th USENIX Security Symposium(Washington, DC)(USENIX Security’10). USENIX Association, USA, 29

    2010

  7. [7]

    Adriel Cheng. 2019. PAC-GAN: Packet Generation of Network Traffic using Generative Adversarial Networks. In2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON). 0728–0734. doi:10.1109/IEMCON.2019.8936224

    work page doi:10.1109/iemcon.2019.8936224 2019

  8. [8]

    2008.The Transport Layer Security (TLS) Protocol Version 1.2

    Tim Dierks and Eric Rescorla. 2008.The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246. RFC Editor. https://www.rfc-editor.org/rfc/rfc5246.txt https://www.rfc-editor.org/rfc/rfc5246.txt

    2008

  9. [9]

    Hugging Face Diffusers. 2023. SDXL-InstructPix2Pix-768. https://huggingface.co/diffusers/sdxl-instructpix2pix-768. Accessed: 2026

    2023

  10. [10]

    Lucas Dixon, Thomas Ristenpart, and Thomas Shrimpton. 2016. Network Traffic Obfuscation and Automated Internet Censorship.IEEE Security & Privacy14, 6 (2016), 43–53. doi:10.1109/MSP.2016.121

    work page doi:10.1109/msp.2016.121 2016

  11. [11]

    Dyer, Scott E

    Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton. 2013. Protocol misidentification made easy with format-transforming encryption. InProceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS ’13)(Berlin, Germany)(CCS ’13). Association for Computing Machinery, New York, NY, USA, 61–72. doi:10.1145/2508859.25...

    work page doi:10.1145/2508859.2516657 2013

  12. [12]

    Dyer, Scott E

    Kevin P. Dyer, Scott E. Coull, and Thomas Shrimpton. 2015. Marionette: A Programmable Network Traffic Obfuscation System. InProceedings of the 24th USENIX Security Symposium. USENIX Association, Washington, D.C., 367–382. https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/dyer

    2015

  13. [13]

    Roya Ensafi, David Fifield, Philipp Winter, Nick Feamster, Nicholas Weaver, and Vern Paxson. 2015. Examining How the Great Firewall Discovers Hidden Circumvention Servers. InProceedings of the Internet Measurement Conference (IMC ’15)(Tokyo, Japan)(IMC ’15). Association for Computing Machinery, New York, NY, USA, 445–458. doi:10.1145/ 2815675.2815690

    arXiv 2015

  14. [14]

    Jiajun Gong and Tao Wang. 2020. Zero-delay Lightweight Defenses against Website Fingerprinting. In29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 717–734. https://www.usenix.org/conference/usenix security20/presentation/gong

    2020

  15. [15]

    Google. 2026. Recommended upload encoding settings. https://support.google.com/youtube/answer/1722171 Accessed: 2026

    arXiv 2026

  16. [16]

    Zhiyuan He, Aashish Gottipati, Lili Qiu, Xufang Luo, Kenuo Xu, Yuqing Yang, and Francis Y. Yan. 2024. Designing Network Algorithms via Large Language Models. InProceedings of the 23rd ACM Workshop on Hot Topics in Networks (Irvine, CA, USA)(HotNets ’24). Association for Computing Machinery, New York, NY, USA, 205–212. doi:10.1145/36 96348.3696868

    work page doi:10.1145/36 2024

  17. [17]

    Pieter Hintjens. 2013. CurveZMQ: ZeroMQ Security Handshake. https://rfc.zeromq.org/spec/26/. ZeroMQ RFC 26

    2013

  18. [18]

    Jonathan Ho, Ajay Jain, and Pieter Abbeel. 2020. Denoising diffusion probabilistic models. InProceedings of the 34th International Conference on Neural Information Processing Systems(Vancouver, BC, Canada)(NIPS ’20). Curran Associates Inc., Red Hook, NY, USA, Article 574, 12 pages

    2020

  19. [19]

    Jonathan Ho and Tim Salimans. 2022. Classifier-Free Diffusion Guidance.arXiv preprint arXiv:2207.12598(2022)

    Pith/arXiv arXiv 2022

  20. [20]

    Jordan Holland, Paul Schmitt, Nick Feamster, and Prateek Mittal. 2021. New Directions in Automated Traffic Analysis. InProceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS ’21)(Virtual Event, Republic of Korea)(CCS ’21). Association for Computing Machinery, New York, NY, USA, 3366–3383. doi:10.1145/3460 120.3484758

    work page doi:10.1145/3460 2021

  21. [21]

    Michio Honda, Yoshifumi Nishida, Costin Raiciu, Adam Greenhalgh, Mark Handley, and Hideyuki Tokuda. 2011. Is it still possible to extend TCP?. InProceedings of the Internet Measurement Conference (IMC ’11)(Berlin, Germany)(IMC ’11). Association for Computing Machinery, New York, NY, USA, 181–194. doi:10.1145/2068816.2068834

    work page doi:10.1145/2068816.2068834 2011

  22. [22]

    Rob Jansen and Nicholas Hopper. 2012. Shadow: Running Tor in a Box for Accurate and Efficient Experimentation. In Proceedings of the Network and Distributed System Security Symposium (NDSS). The Internet Society

    2012

  23. [23]

    Xi Jiang, Shinan Liu, Aaron Gember-Jacobson, Arjun Nitin Bhagoji, Paul Schmitt, Francesco Bronzino, and Nick Feamster. 2024. NetDiffusion: Network Data Augmentation Through Protocol-Constrained Traffic Generation.Proc. ACM Meas. Anal. Comput. Syst.8, 1, Article 11 (Feb. 2024), 32 pages. doi:10.1145/3639037

    work page doi:10.1145/3639037 2024

  24. [24]

    Ding Li, Yuefei Zhu, Minghao Chen, and Jue Wang. 2022. Minipatch: Undermining DNN-Based Website Fingerprinting With Adversarial Patches.IEEE Transactions on Information Forensics and Security17 (2022), 2437–2451. doi:10.1109/TI FS.2022.3186743

    work page doi:10.1109/ti 2022

  25. [25]

    libp2p Team. 2017. SECIO Security Transport Layer Specification. https://github.com/libp2p/specs/tree/master/secio. Accessed: 2026

    2017

  26. [26]

    Xinjie Lin, Gang Xiong, Gaopeng Gou, Zhen Li, Junzheng Shi, and Jing Yu. 2022. ET-BERT: A Contextualized Datagram Representation with Pre-training Transformers for Encrypted Traffic Classification. InProceedings of the ACM Web Conference 2022(Virtual Event, Lyon, France)(WWW ’22). Association for Computing Machinery, New York, NY, USA, 633–642. doi:10.114...

    work page doi:10.1145/3485447.3512217 2022

  27. [27]

    Ruijie Meng, Martin Mirchev, Marcel Böhme, and Abhik Roychoudhury. 2024. Large language model guided protocol fuzzing. InProceedings of the Network and Distributed System Security Symposium (NDSS), Vol. 2024

    2024

  28. [28]

    Milad Nasr, Alireza Bahramali, and Amir Houmansadr. 2021. Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations. In30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 2705–2722. https://www.usenix.org/conference/usenixsecurity21/presentation/nasr

    2021

  29. [29]

    Netflix. 2026. Internet connection speed recommendations. https://help.netflix.com/en/node/306 Accessed: 2026

    2026

  30. [30]

    Niklas Niere, Felix Lange, Robert Merget, and Juraj Somorovsky. 2025. Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer. In2025 IEEE Symposium on Security and Privacy (SP). 1344–1362. doi:10.1109/SP61157.20 25.00151

    work page doi:10.1109/sp61157.20 2025

  31. [31]

    Sadia Nourin, Van Tran, Xi Jiang, Kevin Bock, Nick Feamster, Nguyen Phong Hoang, and Dave Levin. 2023. Measuring and Evading Turkmenistan’s Internet Censorship: A Case Study in Large-Scale Measurements of a Low-Penetration Country. InProceedings of the ACM Web Conference 2023(Austin, TX, USA)(WWW ’23). Association for Computing Machinery, New York, NY, US...

    work page doi:10.1145/3543507.3583189 2023

  32. [32]

    2018.The Transport Layer Security (TLS) Protocol Version 1.3

    Eric Rescorla. 2018.The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446. RFC Editor. https://www.rfc- editor.org/rfc/rfc8446.txt https://www.rfc-editor.org/rfc/rfc8446.txt. , Vol. 1, No. 1, Article . Publication date: June 2026. 20 Shiyi Ling, Yuhang Gan, and Chen Qian

    2018

  33. [33]

    Robin Rombach, Andreas Blattmann, Dominik Lorenz, Patrick Esser, and Bjorn Ommer. 2022. High-Resolution Image Synthesis with Latent Diffusion Models. In2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). IEEE Computer Society, Los Alamitos, CA, USA, 10674–10685. doi:10.1109/CVPR52688.2022.01042

    work page doi:10.1109/cvpr52688.2022.01042 2022

  34. [34]

    Shadowsocks Team. 2012. Shadowsocks: A Secure Socks5 Proxy. https://shadowsocks.org/. Accessed: 2026

    2012

  35. [35]

    Tal Shapira and Yuval Shavitt. 2021. FlowPic: A Generic Representation for Encrypted Traffic Classification and Applications Identification.IEEE Transactions on Network and Service Management18, 2 (2021), 1218–1232. doi:10.110 9/TNSM.2021.3071441

    arXiv 2021

  36. [36]

    Payap Sirinam, Mohsen Imani, Marc Juarez, and Matthew Wright. 2018. Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. InProceedings of the ACM SIGSAC Conference on Computer and Commu- nications Security (CCS ’18)(Toronto, Canada)(CCS ’18). Association for Computing Machinery, New York, NY, USA, 1928–1943. doi:10.1145/324...

    work page doi:10.1145/3243734.3243768 2018

  37. [37]

    Stratosphere Laboratory. 2014. Stratosphere IPS Dataset. https://www.stratosphereips.org/datasets-normal. Accessed: 2025

    2014

  38. [38]

    Ryan Wails, Rob Jansen, Aaron Johnson, and Micah Sherr. 2025. Censorship evasion with unidentified protocol generation. InProceedings of the 34th USENIX Security Symposium(Seattle, WA, USA)(SEC ’25). USENIX Association, USA, Article 40, 20 pages

    2025

  39. [39]

    Dyer, Aditya Akella, Thomas Ristenpart, and Thomas Shrimpton

    Liang Wang, Kevin P. Dyer, Aditya Akella, Thomas Ristenpart, and Thomas Shrimpton. 2015. Seeing through Network- Protocol Obfuscation. InProceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS ’15)(Denver, Colorado, USA)(CCS ’15). Association for Computing Machinery, New York, NY, USA, 57–69. doi:10.1145/2810103.2813715

    work page doi:10.1145/2810103.2813715 2015

  40. [40]

    Yahui Wang, Zhiyong Zhang, Kejing Zhao, Peng Wang, and Ruirui Wu. 2024. A few-shot learning based method for industrial internet intrusion detection.International Journal of Information Security23, 5 (2024), 3241–3252

    2024

  41. [41]

    Zhongjie Wang and Shitong Zhu. 2020. SymTCP: Eluding stateful deep packet inspection with automated discrepancy discovery. InProceedings of the Network and Distributed System Security Symposium (NDSS)

    2020

  42. [42]

    Philipp Winter, Tobias Pulls, and Juergen Fuss. 2013. ScrambleSuit: a polymorphic network protocol to circumvent censorship. InProceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society(Berlin, Germany) (WPES ’13). Association for Computing Machinery, New York, NY, USA, 213–224. doi:10.1145/2517840.2517856

    work page doi:10.1145/2517840.2517856 2013

  43. [43]

    Wright, Scott E

    Charles V. Wright, Scott E. Coull, and Fabian Monrose. 2009. Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis. InProceedings of the Network and Distributed System Security Symposium (NDSS). https://api.semant icscholar.org/CorpusID:2562331

    2009

  44. [44]

    Alex Halderman

    Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman. 2011. Telex: Anticensorship in the Network Infrastructure. InProceedings of the 20th USENIX Security Symposium. USENIX Association, San Francisco, CA. https: //www.usenix.org/conference/usenix-security-11/telex-anticensorship-network-infrastructure

    2011

  45. [45]

    Guorui Xie, Qing Li, Zhenning Shi, Gianni Antichi, Yijia Zhu, Kejun Li, Changxing Weng, Sebastiano Miano, Yong Jiang, and Mingwei Xu. 2026. Defending against Traffic Analysis Attacks with Flexible In-Network Obfuscation. In Proceedings of the 23rd USENIX Symposium on Networked Systems Design and Implementation (NSDI ’26, to appear). USENIX Association

    2026

  46. [46]

    Ylonen and C

    T. Ylonen and C. Lonvick. 2006.The Secure Shell (SSH) Transport Layer Protocol. RFC 4253. RFC Editor. https://www.rfc- editor.org/rfc/rfc4253.txt https://www.rfc-editor.org/rfc/rfc4253.txt. , Vol. 1, No. 1, Article . Publication date: June 2026

    2006