AI VPN v0.2 beta releases: provides an security assessment of VPN clients’ network traffic

by do son · Published September 17, 2021 · Updated May 1, 2024

Civilsphere AI VPN

The goal of this project is to better protect the privacy of civil society by researching and developing a locally and easy-to-implement VPN that checks the traffic of devices with AI-based detection to automatically block threats and stop dangerous privacy leaks. The detection of malicious threats, attacks, infections, and private leaked data is implemented using novel free software AI technology.

The AI VPN is a modular service that automates the generation and revocation of VPN accounts, featuring the automatic capture of network traffic for each account, and the automatic network traffic analysis and reporting of incidents. The AI VPN follows a microservices design and runs using Docker Compose.

The AI VPN is under active development. The functionality of the AI VPN is provided by multiple modules:

Module	Version	Status	Description
mod_manager	0.1	active	Coordinates the operation of the AI VPN
mod_redis	0.1	active	Data storage and messaging system for modules
mod_comm_recv	0.1	active	Responsible of receiving new VPN requests
mod_comm_send	0.1	active	Responsible of sending messages back to users
mod_openvpn	0.1	active	Provides the VPN service using OpenVPN
mod_report	0.1	active	Responsible for traffic analysis and reporting
mod_slips	0.1	planned	Threat detection and blocking

Motivation

The Civilsphere Project was born in 2018 at the Stratosphere Laboratory of the Czech Technical University in Prague. In Civilsphere we believe that NGOs’ work, as well the work of journalists, activists, and human rights defenders is a critical asset for our society and we need to protect them. It is their critical work that makes them a highly valuable political target for a wide variety of powerful actors. They receive a continuous flow of attacks and technical abuse the jeopardizes liberty and free expression in many countries. At Civilsphere we took a step forward to help them by providing free, advanced digital protection against state actors and others.

The AI VPN was designed to help people at risk obtain a quick and real-time security assessment of their devices’ network traffic to identify if they are compromised or at risk. The integration with the Stratosphere Linux IPS provides state-of-the-art machine learning algorithms to detect malware infections.

This project was created in the Artificial Intelligence Centre of the Czech Technical University in Prague in 2021. This project was initially funded by the NL NET foundation.

Features

The main features of AI VPN are:

You can install it in your organization and give VPN accounts to your employees
All the traffic going through the AI VPN is encrypted
The traffic is automatically analyzed using Slips, a behavioral-based IDS using machine learning and rules
You can use mails and Telegram channels to request a AI VPN profile. You can configure your own emails and Telegram channels
A report is automatically created and sent to you using email or Telegram
The backend VPN can be OpenSSL or Wireguard
You can use unencrypted VPN in countries where encryption is forbidden, but still provide analysis
It uses Pi-hole for automatic blocking of DNS requests and protection inside the VPN