Effective investigation of fingerprintability requires incorporating perspectives of how ISPs and censors operate in practice. It is not enough to simply identify fingerprinting vulnerabilities; we need to demonstrate realistic exploits to illustrate the practicality of exploiting the vulnerability, while taking into consideration the ISP and censors' capabilities and constraints. Previous academic works considered using flow-level features to train ML classifiers for VPN detection, yet the practical implications for ISPs remain unclear.
Our study reveals that many previous works on ML-based VPN detection rely on datasets that do not accurately reflect real-world conditions. The use of the ISCXVPN2016 dataset, while useful, fails to account for various traffic patterns and server behaviors that ISPs encounter in practice. Consequently, there is a stark need for rigorous research focusing on real-world deployment scenarios to assess true effectiveness and limitations of VPN detection methodologies.
Collection
[
|
...
]