Traffic Shaping for Network Protocols: A Modular and Developer-Friendly Framework

Published in Free and Open Communications on the Internet, 2025

System Design

The framework is designed as a modular, developer-oriented traffic-shaping system that strengthens censorship circumvention and privacy-preserving communication tools against early-traffic fingerprinting and traffic analysis attacks. Its focus is on the initial seconds of a connection, which are highly distinctive and information-dense.


Architecture Overview

The system operates as a transparent shim between the application and the network stack. At its core is the Traffic Shaper, which enforces configurable schedules for packet size, timing, and burst patterns. The shaping logic is transport-agnostic and can be applied across protocols including TCP, UDP, QUIC, and TLS.

Traffic is first intercepted and buffered, then segmented, and finally released according to the shaping schedule. This can be applied independently to either side of the connection (proxy or client).


Shaping Policies

Two main approaches are used to generate shaping strategies:

  1. Predefined/User-defined Schedules: Hand-crafted shaping strategies to mimic common traffic patterns, such as constant-rate transmissions, server-driven variable pacing, and periodic background activity.
  2. GAN-Generated Schedules: Generative adversarial networks trained on real traffic traces (e.g., web browsing) produce realistic, timestamped sequences of packet sizes and inter-arrival times for the early session.

By applying shaping only to the initial seconds of the connection, we aim to minimize bandwidth and latency overhead while providing resistance to early-traffic fingerprinting attacks.
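The buffer, segment and release pipeline from the Architecture Overview, driven by a constant-rate predefined schedule, can be sketched as follows. This is an added example, not code from the paper or the framework: the names Slot, constant_rate, shape and unshape and the 2-byte length-prefix framing are assumptions, and it assumes the frames are encrypted by the underlying transport so that header and padding are not visible on the wire.

```python
from dataclasses import dataclass
from typing import Iterable, List, Tuple

HDR = 2  # assumed framing: 2-byte big-endian count of real bytes in each frame


@dataclass(frozen=True)
class Slot:
    delay_ms: int  # wait after the previous release
    size: int      # exact on-wire frame size, header and padding included


def constant_rate(size: int, interval_ms: int, window_ms: int) -> List[Slot]:
    """Predefined schedule: equal-size frames at a fixed interval for the early window."""
    return [Slot(interval_ms, size) for _ in range(window_ms // interval_ms)]


def shape(writes: Iterable[bytes], schedule: List[Slot]) -> Tuple[List[Tuple[int, bytes]], bytes]:
    """Buffer the writes, segment them to the schedule, return (releases, leftover).

    Each release is (send_time_ms, frame). Slots with no data left emit pure
    padding, so the observable size/timing sequence depends only on the schedule.
    Leftover bytes are what the application sends unshaped after the window.
    """
    buf = bytearray().join(writes)  # intercept and buffer
    now, releases = 0, []
    for slot in schedule:
        if not HDR < slot.size <= HDR + 0xFFFF:
            raise ValueError(f"slot size {slot.size} out of range for the length header")
        now += slot.delay_ms
        take = min(len(buf), slot.size - HDR)
        chunk = bytes(buf[:take])
        del buf[:take]
        padding = bytes(slot.size - HDR - take)
        releases.append((now, take.to_bytes(HDR, "big") + chunk + padding))
    return releases, bytes(buf)


def unshape(frames: Iterable[bytes]) -> bytes:
    """Peer side: strip header and padding, return the original byte stream."""
    out = bytearray()
    for frame in frames:
        n = int.from_bytes(frame[:HDR], "big")
        if n > len(frame) - HDR:
            raise ValueError("length header exceeds frame")
        out += frame[HDR:HDR + n]
    return bytes(out)


# Constructed sample input: three application writes of uneven size.
WRITES = [b"A" * 700, b"B" * 50, b"C" * 1200]
```

With a 512-byte, 20 ms schedule over a 100 ms window, the three uneven writes leave as five identical-size frames, the last one pure padding; a shorter window returns the remainder as leftover for unshaped delivery.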


Research Questions

  1. Effectiveness: Does early-session traffic shaping mitigate existing fingerprints or introduce new identifiable patterns?
  2. Performance: Will early-traffic shaping impact the system's performance?

Bibtex

@inproceedings{Pereira2025b,
    author = {Hugo Santos Pereira and Afonso Vilalonga and Kevin Gallagher and Henrique Domingos},
    title = {Extended Abstract: Traffic Shaping for Network Protocols: A Modular and Developer-Friendly Framework},
    booktitle = {Free and Open Communications on the Internet},
    publisher = {},
    year = {2025},
    url = {https://petsymposium.org/foci/2025/foci-2025-0011.pdf},
}

Acknowledgments

This work was supported by the FCT Ph.D. scholarship grant (PRT/BD/154787/2023), awarded by the CMU Portugal Affiliated Ph.D. program. The authors thank the anonymous reviewers for their feedback.