REAL
MagyarClear Cookie - decide language by browser settings

VPN Traffic Analysis: A Survey on Detection and Application Identification

Razooqi, Yasameen Sajid and Pekár, Adrián (2025) VPN Traffic Analysis: A Survey on Detection and Application Identification. IEEE Access, 13. pp. 132830-132848. ISSN 2169-3536

[img]
Preview
 Text
VPN_Traffic_Analysis_A_Survey_on_Detection_and_Application_Identification-2.pdf - Published Version
Available under License Creative Commons Attribution.
Download (1MB) | Preview

Abstract

Network traffic analysis is fundamental for cybersecurity, network management, and policy enforcement. The widespread adoption of encryption, particularly through Virtual Private Networks (VPNs), presents a significant challenge by obscuring traditional visibility methods. While VPNs enhance user privacy and security, they also create blind spots for network operators, potentially concealing malicious activities or hindering performance management. Analyzing the characteristics of traffic flowing through encrypted VPN tunnels, without decryption, has become a critical yet difficult task. This survey provides a comprehensive review of the state-of-the-art in VPN traffic analysis research published over the past decade (2016-2025). We specifically focus on three key tasks: detecting the presence of VPN traffic, identifying the specific VPN protocol or service used, and classifying the application traffic encapsulated within VPN tunnels. Based on a systematic review of the literature, we provide an in-depth analysis of the features, methodologies (including traditional and learning-based approaches), and datasets employed in recent studies. We synthesize reported performance results, analyze trends in feature and methodology evolution, and highlight the prevalent use and limitations of benchmark datasets. The survey identifies key technical challenges, discusses the implications of VPN traffic analysis for network security and Quality of Service (QoS), and proposes promising future research directions. This work serves as a vital resource for researchers and practitioners navigating the complexities of analyzing encrypted VPN traffic in modern networks.

Item Type: Article
Uncontrolled Keywords: Application identification, deep learning, encrypted traffic classification, machine learning, network security, survey, VPN detection, VPN traffic analysis
Subjects: Q Science / természettudomány > QA Mathematics / matematika > QA75 Electronic computers. Computer science / számítástechnika, számítógéptudomány
Depositing User: Dr Adrián Pekár
Date Deposited: 22 Sep 2025 07:47
Last Modified: 22 Sep 2025 07:47
URI: https://real.mtak.hu/id/eprint/224767

Actions (login required)

Edit Item Edit Item
EPrints Logo
Repository of the Academy's Library is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.