Some hints about Chinese GFW providers, related to the October 2022 large scale blocking.

[katayaburi]

I saw the following thing in Telegram. It does seem that deep learning has been used to identify mainstream proxy protocol features as stated by those associated within GFW. #129

跨境VPN监控系统_代理业务流量分析监管合规_信安设备_傲盾

Internet Archive

[wkrp]

What is the source of the top part of the screenshot? I don't see it at https://web.archive.org/web/20230331092744/https://www.aodun.com.cn/security_info/vpn.

Here is the lower part of the screenshot as text, for the benefit of future searching. The company is called 北京傲盾软件有限责任公司 "Beijing Aodun Software Ltd."

跨境VPN监控系统

Cross-border VPN monitoring system

对抗VPN加密流量的新一代智能识别引擎，基于旁路流量的全方位检测与响应，广泛覆盖SS、SSR、Vmess、 Trojan、Vless等隐蔽协议通道，精准识别国内数据中心内违规“翻墙”代理业务，多场景赋能企业安全合规运营。

立即咨询

功能特性

精准发现各类跨境VPN

傲盾跨境VPN监控系统经过海量VPN数据样本训练和自身跨境VPN情报库评价体系，可通过监控互联网出口双向流量， 精准识别Vmess、Vless、Trojan、SS等主流“翻墙”协议，也可以发现GRE、PPTP、L2TP、IPSec等传统VPN协议。

跨境VPN回溯分析

还原和存储加密VPN流量的元数据，能为用户呈现一次VPN代理的完整过程，帮助用户对跨境VPN进行回溯和深度分析。

黑白名单机制

跨境VPN监控系统提供IP黑白名单机制，针对异常IP可以实现旁路实时拦截，白名单IP可实现放行不监控的功能。

多维度VPN画像

跨境VPN监控系统通过多维度数据形成VPN画像，利用时间、端口、地区等数据形成异常IP评分体系，方便用户直观了解跨境行为链情况。

Cross-border VPN monitoring system

The new generation of intelligent identification engine against VPN encrypted traffic, based on the all-round detection and response of bypass traffic, widely covers SS, SSR, Vmess, Trojan, Vless and other hidden protocol channels, accurately identifies the illegal "wall" proxy business in domestic data centers, and empowers enterprises with security compliance in multiple scenarios. operation.

Inquire Now

Features

Accurate detection of all types of cross-border VPNs

With the training of massive VPN data samples and its own cross-border VPN intelligence database evaluation system, Aodun's cross-border VPN monitoring system can accurately identify mainstream "wall-flipping" protocols such as Vmess, Vless, Trojan, SS, etc. by monitoring two-way traffic on the Internet exit, as well as traditional VPNs such as GRE, PPTP, L2TP, IPSec, etc, L2TP, IPSec and other traditional VPN protocols.

Cross-border VPN Traceback Analysis

It can restore and store the metadata of encrypted VPN traffic, present the complete process of a VPN proxy for users, and help users to conduct backtracking and in-depth analysis of cross-border VPNs.

Black and white list mechanism

Cross-border VPN monitoring system provides IP black and white list mechanism, which can realize bypass real-time interception for abnormal IPs, and white-listed IPs can realize the function of letting go without monitoring.

Multi-dimensional VPN portrait

Cross-border VPN monitoring system forms VPN portrait through multi-dimensional data, using time, port, region and other data to form abnormal IP scoring system, which is convenient for users to intuitively understand the situation of cross-border behavior chain.

[diwenx]

@katayaburi Thanks for sharing.

It does seem that deep learning has been used to identify mainstream proxy protocol features as stated by those associated within GFW.

Do you mind sharing the source of this claim (that deep learning is used within GFW)? I wasn't able to find it on the page you linked.

[TXIuTnVsbA]

谢谢，已经被精准识别封了两个服务器的443端口。

Thank you, it has been accurately identified to block port 443 of both servers.