GGrantIndex
← Search

Collaborative Research: SaTC: CORE: Medium: Rethinking the Fundamentals of Tunneling Technologies for Security, Privacy, and Usability

$466,619FY2022CSENSF

Arizona State University, Scottsdale AZ

Investigators

Abstract

Virtual Private Networks, or VPNs, are an important and integral part of the security and privacy practices of tens of millions of Americans, and of activists, journalists, and NGOs around the world that protect U.S. interests and help to carry out U.S. foreign policy. Despite the fact that the VPN ecosystem has expanded into a multi-billion dollar industry, there are many aspects of VPN security and privacy in practice that remain severely understudied and unvetted. How well does a VPN protect users against an attacker who can make educated guesses about what traffic is hidden behind the VPN? How feasible is it to hide VPN traffic so that it is not blocked? Do VPNs meet users' privacy and security expectations? How often do VPN providers follow security and privacy best practices? What are the other security and privacy best practices that should be put in place? This project is answering these questions through technical assessments, carefully designed measurements, and detailed quantitative and qualitative research. Virtual Private Networks, or VPNs, effectively form an encrypted tunnel to protect user traffic. This project aims to develop both intellectual understanding and technical and practical solutions for VPN security and privacy through four concurrent efforts: (1) building methods to ethically measure what is contained in users’ metadata and unencrypted data that needs protection; (2) analyzing how the layers of a tunnel technology interact in vulnerable ways, akin to the much better-studied theoretical limitations of network intrusion detection systems; (3) mapping out the evolving tunneling ecosystem by automating methodical exploration of different tunneling tools; (4) using quantitative and qualitative research to understand the stakeholders’ (users, providers, recommenders) needs to find the best ways to facilitate desired outcomes. These efforts combined will improve the security and privacy of tunnel technologies in all layers of the OSI network stack, from physical, link, and routing all the way through application into the human layer. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →