Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Anti-Traffic Analysis measure like Mullvad #375

Open
TimmyBoi155 opened this issue May 8, 2024 · 3 comments
Open

Anti-Traffic Analysis measure like Mullvad #375

TimmyBoi155 opened this issue May 8, 2024 · 3 comments

Comments

@TimmyBoi155
Copy link

https://mullvad.net/en/blog/introducing-defense-against-ai-guided-traffic-analysis-daita

"With the sophisticated AI of today, traffic analysis can potentially be used for mass surveillance. The extent to which traffic analysis is used today is difficult to ascertain. But the ambition is there. In 2021, Vice reported that the FBI purchased netflow data from a data broker claiming to cover over 90 percent of the world’s internet traffic."

How we combat traffic analysis: this is how DAITA works.

DAITA has been developed together with Computer Science at Karlstad University and uses three types of cover traffic to resist traffic analysis.

  1. Constant Packet Sizes

The size of network packets can be particularly revealing, especially small packets, so DAITA makes all packets sent over the VPN the same constant size.
2. Random Background Traffic

By unpredictably interspersing dummy packets into the traffic, DAITA masks the routine signals to and from your device. This makes it harder for observers to distinguish between meaningful activity and background noise.
3. Data Pattern Distortion

When visiting websites (or doing any other activity that causes significant traffic), DAITA modifies the traffic pattern by unpredictably sending cover traffic in both directions between client and VPN server. This distorts the recognizable pattern of a website visit, resisting accurate identification of the site.

Will IVPN plan on doing something similar?
@stenya
Copy link
Member

stenya commented May 8, 2024

Currently, IVPN apps support obfuscation options that can be used as part of a defense strategy against AI-guided traffic analysis:

  • V2Ray
  • Obfsproxy (for OpenVPN)

@TimmyBoi155
Copy link
Author

TimmyBoi155 commented May 14, 2024
edited
Loading

@stenya if IVPN wants to look at doing some advanced anti-traffic analysis like mullvad, here is the following info for it:

DAITA is built using the open-source Maybenot defense framework, which Mullvad helps to fund development of. The work has been academically peer reviewed and published as open access.

https://dl.acm.org/doi/pdf/10.1145/3603216.3624953

Quote from PDF:
"The Maybenot Framework and Simulator are available at https://crates.io/crates/maybenot and https://crates.io/crates/maybenot-simulator. They are both dual-licensed under either the MIT or Apache 2.0 licenses.
Our implementations of FRONT and RegulaTor are available on GitHub under the BSD-3-Clause license at https://github.com/ewitwer/maybenot-defenses."

@gyrusdentatus
Copy link

@TimmyBoi155 what you are describing sounds like something where you'd want a mixnet architecture instead of a VPN.
Looks like an interesting paper though, thanks for sharing !

It all depends on your security profile and use case. I do not want to be watching YouTube over Tor or mixnet. If you do not want to be fingerprinted AT ALL, just don't use internet at all. Otherwise the existing solutions are pretty painful to use as a daily-driver...

Does not mean I do not agree with you that we have to do something about it either way !!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stenya @gyrusdentatus @TimmyBoi155