The security gap between our expectations and the harsh digital reality is widening as AI-powered tools allow internet service providers (ISPs), authorities and even data brokers to track our online activities, despite being encrypted. That’s why one of the best VPN services on the market, Mullvad VPN, just dropped a new feature to prevent AI-powered snooping.
The provider says its Defense against AI-guided Traffic Analysis (DAITA) is “the first step” in the fight against advanced traffic analysis. Built entirely on an open source framework, DAITA beta is now available on Mullvad’s Windows VPN apps on Windows 10 and 11.
Online surveillance meets AI
Whether you use a secure VPN, the Tor network, or another privacy-oriented web browser, encryption alone cannot protect you from increasingly invasive surveillance practices. That’s because every time you visit a website, there’s an invisible exchange of data packets happening in the background between your device and the site you’re visiting.
When you use a VPN, this traffic is encrypted, meaning a third party cannot capture the information shared between you and your destination. However, your ISP can still see that some packets are being sent, how large they are, and how often this exchange takes place.
“Even if data is encrypted using a VPN and all the information packets leaving your computers are impossible to read, you are at least leaking the fact that your computer is on and communicating,” Jan Jonsson, CEO of Mullvad VPN, told me . “An analysis of (so-called) metadata can reveal a lot, especially if it is collected on a large scale across the planet.”
Vice has already been revealed in 2023 how the FBI used a tool to access users’ power data to fight crime. According to Jonsson, this type of surveillance is now on the rise thanks to AI tools that can allow your ISP or another snooper, such as a data broker or law enforcement officer, to trace these traffic patterns back to specific websites and users. Pattern recognition is indeed the core strength of AI. All this ultimately makes VPN users vulnerable to online surveillance.
“We don’t need to speculate about the extent to which traffic analysis is used today. We are only observing the development of AI and the development of authoritarian societies. There is also no need to speculate about what role traffic analysis will play in the future. mass surveillance,” said Jonsson. “What we need to do is recognize the threats and opportunities – and work on resistance.”
How Mullvad DAITA counters AI tracking
Mullvad collaborated with Karlstad University’s Department of Computer Science to develop a proactive solution against AI-powered traffic analysis. Then DAITA was born.
At a simple level, Mullvad’s goal is to confuse observers by changing the appearance of these data packets. As Jonsson put it, “to make analyzing the encrypted traffic and correlating it with website traffic damn difficult.”
For example, DAITA does this by making all packets sent over the VPN the same constant size. It also adds some random traffic to make it harder for third parties to distinguish between meaningful activity and background noise. It then changes the traffic pattern by unpredictably sending coverage traffic in both directions between the client and the VPN server.
Mullvad introduces Defense against AI-guided Traffic Analysis (DAITA) https://t.co/bfOVYCT0ziMay 7, 2024
DAITA was built entirely using an open-source defense network called Maybe not, an academic work that Mullvad partially funded. According to Tobias Pulls, a researcher at Karlstad University who took part in the project, Putting traffic analysis defenses into practice is long overdue, given how “the field is changing due to the rapid development of AI.”
While Mullvad’s DAITA is a unique security feature in the VPN market, another provider has recently developed an innovative solution to protect its users from these advanced surveillance practices.
NymVPN uses a tool called Mixnet to route data packets through five different VPN servers, shuffling them like a deck of cards along the way. This process, the provider says, ensures that the traffic data comes out completely randomly, making it impossible for authorities, hackers and other snoopers to identify who is sending which packet.
What we need to do is recognize the threats and opportunities – and work on resistance
Jan Jonsson, CEO of Mullvad VPN
“I assume there are many ways to route traffic between different relays to vary latency and make tracking more difficult. However, DAITA targets an attacker who can see ALL traffic on the net and use AI to track it all Mixnet usually doesn’t protect against this,” Jonsson told me, adding that while other security software offers similar solutions, DAITA is the only open-source tool developed by university researchers specializing in the subject.
To use DAITA, go to your app’s settings and click on VPN settings. You must enable the DAITA option in the WireGuard settings tab.
The first version of DAITA is currently only available on Windows 10 and 11, with the plan to expand its functionality to all operating systems. But not in the Mullvad browser, because “it only protects browser traffic and would not provide sufficient protection,” Jonsson explains, adding that the team wants to continue refining and developing the feature based on feedback to ensure privacy is the priority stays.
He said: “We’ve been funding this research for years, and there will be more studies and more versions as we learn more. And also adapt to new threats.”
We test and assess VPN services in the context of legal recreational use. For example:
1. Accessing a service from another country (subject to the terms and conditions of that service).
2. Protect your online security and strengthen your online privacy abroad.
We do not support or tolerate the illegal or malicious use of VPN services. Consuming pirated, paid for content is not endorsed or condoned by Future Publishing.