Skip to content

How can we improve Proton VPN?

← Proton VPN

Defense Against Traffic Analysis

Implementing an option that makes traffic analysis, done by AI or otherwise, more difficult. Similar to what Mullvad has created with DAITA

322 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anon shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Jason Vinion commented  ·   ·  Report

    This is a must have and is mandatory for privacy if proton wants to stay up to date with security concerns.

  • Lukas Mayer commented  ·   ·  Report

    Proton's VPN is a significant part of my paid plan's value proposition.

    As other services adapted to higher traffic analysis capabilities of adversaries and have heavily invested in research, even Proton's more secure 'Secure Core' technology feels very 'legacy' compared to the more advanced solutions that others have already mentioned here.

  • cpu world commented  ·   ·  Report

    Here's a comment you can post on the Proton VPN DAITA page about your UK IP connection issue:

    I'm experiencing an interesting issue with UK IP connections that I'm hoping someone can help explain. When I connect to a UK server and try to access my WordPress website (https://thorpeparktickets.co.uk/), the site initially appears blocked or doesn't load properly. However, when I access other UK websites, they work perfectly fine. Strangely, if I refresh the page, my website then loads correctly.
    This seems to happen consistently only with my WordPress site when using UK IPs from ProtonVPN. Other country IPs work fine for my site, and other UK sites work fine with UK IPs - it's just this specific combination that causes the initial loading issue.
    Has anyone experienced similar behavior? Could this be related to:

    WordPress security plugins detecting VPN traffic patterns?
    CDN/caching issues with UK-based servers?
    Some kind of geo-blocking mechanism that's confused by the VPN connection?

    The fact that a simple refresh fixes it makes me think it might be a caching or initial handshake issue rather than a true block. Would love to hear if others have encountered this with WordPress sites and UK servers, and if DAITA might help with this kind of traffic analysis issue.
    Any insights would be appreciated!

  • charlie commented  ·   ·  Report

    100 percent for this, yes it can reduce speed but if anyone doesn't like that trade off they don't have to use it. It should obviously be optional but it should definitely exist.

  • Anon commented  ·   ·  Report

    Like NYM & Safing SPN

  • nifon commented  ·   ·  Report

    Defense Against Traffic Analysis is mandatory for privacy and for peace of mind.

  • Gemini commented  ·   ·  Report

    Doesnt stealth mode do that

  • Nuesha Brunelli commented  ·   ·  Report

    Information link, Karlstad University, about DAITA:

    https://www.kau.se/en/news/cybersecurity-researcher-have-developed-new-protection-against-ai-analysis

    "Researcher Tobias Pulls from the Department of Computer Science at Karlstad University, together with the Gothenburg-based company Mullvad VPN, has developed a new protection named DAITA ("Defense against AI-guided Traffic Analysis").

    The protection against the rapid AI development in traffic analysis is available in Mullvad's VPN app on various platforms throughout the year, which has over a million downloads worldwide."

  • Nuesha Brunelli commented  ·   ·  Report

    I use DAITA too, I see no drastic drop in speed. It might depend of which server you are using to connect and of how many features you activate in the app or even which DNS is used.

  • Bird commented  ·   ·  Report

    Just sharing my experience. I have been testing DAITA Mullvad feature and on my country the drop speed was around 70%.
    I am not against implementing it, but think it twice on how implement this feature as it doesn't seem easy and efficient

  • sesamee commented  ·   ·  Report

    Absolutely, i'd argue this is one of the most crucial and pertinent features that should be added, i've been researching this specific attack and there's a few of papers showing that traffic-analysis based website fingerprinting is actually very practical, there's been one conducted on the tor network recently with AI, and they had about a 95% accuracy rating of being able to identify which websites or services a user was accessing.

    Largely this has to do with identifying unique patterns in traffic flow, using packet timings, packet lengths, and packet spikes to generate a unique profile for each website, and then analyzing the traffic of the victim, comparing those profiles to their traffic.

    While defenses against this type of attack are not avaliable on protonVPN, one thing you can do to protect yourself against such an attack in the meantime is running internet radio and twitch livestreams in the background.

    This will add significant noise to the traffic and make it substantially more difficult for someone to conduct such an attack.

    But protonVPN should absolutely add in a defense against this, mullvad implements DAITA essentially by 1. only transmitting packets within a certain packet size range, and 2. adding noise to the traffic, so it should not be too hard for proton to add in such a feature.

Proton VPN: New feature

Categories

Feedback and Knowledge Base

(thinking…)