The researcher who puts his finger on anonymity and traffic analysis

In his research, Tobias Pulls looks at analysing encrypted traffic patterns. ‘The patterns in traffic leak information that can be compared to fingerprints.

”A lot of what we do on the internet we don't even realise is leaking information that can actually be used in different contexts. By analysing traffic, you can see which pages are visited, what activities take place and, over time, you can learn routines and see who you are communicating with. Encryption does not protect against this, but it is the metadata that is sensitive. For us in the West, an open society is a given, but if you look at Russia, China or other countries in the Middle East, for example, it is not as obvious, and there it can also be downright dangerous to communicate or read about certain things,” he says.

An important aspect of the research that is coming up more and more is how AI can not only improve traffic analysis but also be used to protect communications.

”AI is an incredible tool when it comes to pattern recognition, in the same way as for image recognition, it is possible to draw conclusions about what you are doing online by recognising patterns in encrypted traffic. It's like Christmas Eve for those who want to attack using AI because so much progress is being made so quickly.”

Calls for a greater debate

That's why Tobias Pulls is currently working on a research project with the company Mullvad VPN to develop a protection called DAITA (Defence against AI-guided Traffic Analysis). 

”We have developed a concrete tool that is available in Mullvad's app and which is an on/off button that cleverly creates noise in the traffic that makes it more difficult to find patterns even with the help of AI,” he says.

Tobias Pulls also calls for a greater public debate on unfortunate proposals such as ChatControll and believes that there is great social benefit in encryption.

”We must learn to deal with the problems that come with encryption in other ways than sabotaging the technology that makes us all safer. ‘The benefits of it giving us all so much better protection and providing better cybersecurity for all of us weigh heavily,” he says.

One example is the Tor project, which has made the free internet available to people living in countries where free speech does not carry the same weight as in the West, a chance to communicate freely.

”It is an important tool for spreading our values of democracy and human rights based on advanced cryptographic technologies. It also shows that we can learn to deal with the problematic aspects of these technologies, for example by law enforcement authorities working on infiltration,” he says. 

”It costs time and resources, but in a democracy this is a positive thing. Cost-effective solutions that can systematically break encryption belong in dictatorships and make us all insecure. The same weaknesses that are used to circumvent encryption here in Sweden impair cybersecurity for the whole of society when other parties who wish us harm exploit the same weaknesses for their own purposes.”

As a researcher, he sees a lot of challenges ahead when it comes to encryption and protection against traffic analysis.

”As a user, you don't want the user experience to be worse. It can be with protection against traffic analysis that removes patterns in traffic through a lot of bridge traffic. My vision is a bit like encryption, which many years ago was considered too costly but today is on as standard without me as a user noticing anything. It should be as user-friendly as possible and still resist AI-based attacks. Fortunately, the internet is only getting faster, which means that there are margins for us who do traffic analysis protection,” he says.

Emelie Smedslund