Virtual Private Networks (VPNs) provide secure communication mechanisms, such as encryption and tunneling, enabling users to circumvent censorship in a country (e.g. Iran), to access geo-blocked services, or to securely access an organization’s resources remotely. However, VPN services come with diﬀerent vulnerabilities or security issues, including weak security protocols, privacy issues, and reliability. First, this project aims at detecting diﬀerent VPN servers worldwide, then, at measuring how vulnerable these detected VPN service are to diﬀerent kinds of attacks such as version downgrade attack.
In this project, we perform Internet-wide active measurements to ﬁnd and characterize the VPN server deplyoment. To realize this, we plan to send VPN requests using diﬀerent VPN protocols such as L2TP/IPsec, SSTP, OpenVPN, IKEv2, Cisco AnyConnect, PPTP, Wireguard, etc. to the Internet hosts. In this way, we ﬁnd responsive IP addresses.
Then, targeting responsive IP addresses, we perform a full handshake to measure diﬀerent aspects of a VPN service, such as performance and vulnerabilities. Detecting VPN servers might also help in detecting VPN traﬃc which is an open research question sometimes addressed by machine learning techniques.