FORENSIC AND BEHAVIOR ANALYSIS OF FREE ANDROID VPNS

Abstract

Millions of users worldwide use VPN clients to either circumvent censorship or to access geo-blocked content, and specifically for privacy and security purposes. In the pretext of secured communication and privacy, numerous free android-based VPNs are being pushed up in the Google Play store. However, the users aren’t sure or aware of whether the VPN is truly secure or just leaking their data. So, the forensic and behavior analysis of selected free android VPNs was carried out to study the usability of free android-based VPNs in terms of providing security and privacy; specifically, the presence of dangerous permissions, malware presence, traffic encryption, the DNS leaks, and the possibility of leaving forensic artifacts on the device after the VPN use. The study revealed considerable portion of the sample free VPNs were flagged malicious and had dangerous levels of permissions in use. While some failed the DNS leak test and some VPNs even did not encrypt the traffic. Given the availability of a huge number of Free VPNs in the Google Play store, it was found important that the users must be aware of the inherent risks put by the use of these Free VPNs.