Research

I am interested in cybersecurity research, currently working on security/privacy issues in LLMs/LLM-based Agentic Systems. I’m also keen on exploring applications of LLMs in cybersecurity as well as cyber forensics.

We present two novel attacks that cause VPN clients to leak traffic outside the protected VPN tunnel. The root cause of both attacks is a widespread design flaw in how clients configure the Operating System (OS) to route all traffic through the VPN tunnel. We show that by setting up a Wi-Fi access point or by spoofing DNS responses, an adversary can manipulate the victim into sending arbitrary traffic in plaintext outside the VPN tunnel. Our results reveal that 64.6% (126/195) and 73.6% (39/53) of tested VPN clients are vulnerable to our two attacks respectively.

Website referenced from Jon Barron's source code.