Saved in:
Bibliographic Details
Main Author: Parker, Amy Iris
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2412.17352
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913638937264128
author Parker, Amy Iris
author_facet Parker, Amy Iris
contents Full-packet encryption is a technique used by modern evasive Virtual Private Networks (VPNs) to avoid protocol-based flagging from censorship models by disguising their traffic as random noise on the network. Traditional methods for censoring full-packet-encryption based VPN protocols requires assuming a substantial amount of collateral damage, as other non-VPN network traffic that appears random will be blocked. I tested several machine learning-based classification models against the Aggressive Circumvention of Censorship (ACC) protocol, a fully-encrypted evasive VPN protocol which merges strategies from a wide variety of currently in-use evasive VPN protocols. My testing found that while ACC was able to survive our models when compared to random noise, it was easily detectable with minimal collateral damage using several different machine learning models when within a stream of regular network traffic. While resistant to the current techniques deployed by nation-state censors, the ACC protocol and other evasive protocols are potentially subject to packet-based protocol identification utilizing similar classification models.
format Preprint
id arxiv_https___arxiv_org_abs_2412_17352
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Efficacy of Full-Packet Encryption in Mitigating Protocol Detection for Evasive Virtual Private Networks
Parker, Amy Iris
Cryptography and Security
Machine Learning
Networking and Internet Architecture
C.2.2; E.3
Full-packet encryption is a technique used by modern evasive Virtual Private Networks (VPNs) to avoid protocol-based flagging from censorship models by disguising their traffic as random noise on the network. Traditional methods for censoring full-packet-encryption based VPN protocols requires assuming a substantial amount of collateral damage, as other non-VPN network traffic that appears random will be blocked. I tested several machine learning-based classification models against the Aggressive Circumvention of Censorship (ACC) protocol, a fully-encrypted evasive VPN protocol which merges strategies from a wide variety of currently in-use evasive VPN protocols. My testing found that while ACC was able to survive our models when compared to random noise, it was easily detectable with minimal collateral damage using several different machine learning models when within a stream of regular network traffic. While resistant to the current techniques deployed by nation-state censors, the ACC protocol and other evasive protocols are potentially subject to packet-based protocol identification utilizing similar classification models.
title Efficacy of Full-Packet Encryption in Mitigating Protocol Detection for Evasive Virtual Private Networks
topic Cryptography and Security
Machine Learning
Networking and Internet Architecture
C.2.2; E.3
url https://arxiv.org/abs/2412.17352