Towards a Secure Zero-rating Framework with Three Parties


Zhiheng Liu and Zhen Zhang, Lehigh University; Yinzhi Cao, The Johns Hopkins University/Lehigh University; Zhaohan Xi and Shihao Jing, Lehigh University; Humberto La Roche, Cisco Systems


Zero-rating services provide users with free access to contracted or affiliated Content Providers (CPs), but also incur new types of free-riding attacks. Specifically, a malicious user can masquerade a zero-rating CP or alter an existing zero-rating communication to evade charges enforced by the Internet Service Provider (ISP). According to our study, major commercial ISPs, such as T-Mobile, China Mobile, and airport WiFi, are all vulnerable to such free-riding attacks. In this paper, we propose a secure, backward compatible, zero-rating framework, called ZFree, which only allows network traffic authorized by the correct CP to be zero-rated. We perform a formal security analysis using ProVerif, and the results show that ZFree is secure, i.e., preserving both packet integrity and CP server authenticity. We have implemented an open-source prototype of ZFree available at this repository ( A working demo is at this link ( Our evaluation shows that ZFree is lightweight, scalable and secure.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Presentation Audio

@inproceedings {217559,
author = {Zhiheng Liu and Zhen Zhang and Yinzhi Cao and Zhaohan Xi and Shihao Jing and Humberto La Roche},
title = {Towards a Secure Zero-rating Framework with Three Parties},
booktitle = {27th {USENIX} Security Symposium ({USENIX} Security 18)},
year = {2018},
isbn = {978-1-931971-46-1},
address = {Baltimore, MD},
pages = {711-728},
url = {},
publisher = {{USENIX} Association},