Proxy and VPN Detection

Proxy and VPN detection aims to identify whether the application's network traffic is being intercepted, redirected, or monitored through proxies, VPNs, or communication intermediary tools. This type of technique is frequently used in Man-in-the-Middle (MITM) attacks, in which a malicious actor seeks to capture, analyze, or modify communications between the application and its backend servers.

In mobile environments, the misuse of proxies or VPNs can allow inspection of requests and responses, alteration of data in transit, and attempts to bypass security mechanisms, compromising the confidentiality, integrity, and authenticity of the information transmitted by the application.

Technical Mechanism: MAD performs continuous checks on the device's connectivity environment to identify indications that the application's traffic is being routed through manually configured proxies or VPNs. From this analysis, the solution detects attempts to intercept or monitor network traffic and sends the detected event to the Command Center.

<key>anti-proxy</key>
    <true>