Comment by push0ret
Could you protect against NetFlow analysis by pushing a bunch of noise over the VPN tunnel at all times? I'd assume it would at least make the analysis significantly more challenging.
Could you protect against NetFlow analysis by pushing a bunch of noise over the VPN tunnel at all times? I'd assume it would at least make the analysis significantly more challenging.
Some of the prior works in this paper[0] address noise in anonymity networks, but in general: you either add noise at the link level which malicious nodes can identify & ignore, or you add noise by injecting fake chaff packets that are dropped somewhere inside the network which are statistically identified when you look at packet density across the network.
This might or might not extend to VPN nodes depending on your threat model - I'd personally assume every single node offered to me by a company in exchange for money is malicious if I was concerned about privacy.
[0] https://www.cs.utexas.edu/~shmat/shmat_esorics06.pdf