PERSEUS Technology

Description of PERSEUS Technology

PERSEUS is an open source technology whose aim is to secure any kind of communication streams against illegitimate or abusive eavesdropping except for Nation State Security offices, provided that a suitable, huge computing power is used (from tens of hours with a supercomputer). PERSEUS enables to provide at the same time users' needs for privacy and confidentiality while preserving the ability of security agencies (police, defense, national security...) to eavesdrop communications of really bad actors (terrorists, child pornographs...). The PERSEUS technology can be very useful in different cases:

  • To protect against illegal or abusive eavesdropping activity by malware on a large scale (e.g. botnets which are listening on non standard TCP ports rather than hooking keyboards for example; hooking techniques are indeed supposed to be detected by antivirus software).
  • To protect against private stream eavesdropping by private intelligence companies (consuming behaviour analysis, economic intelligence, non legal eavesdropping...).
  • To protect communications from "non democratic" states towards democratic states (e.g; journalists).
  • To protect professionnal of business communications in countries where cryptography use is limited or forbidden.
  • The interest of the PERSEUS technology lies also in the fact that TRANSEC aspect is also provided (protecting the communication channel). In other words, any data stream protected with PERSEUS looks like a lot of legitimate, unencrypted data streams. Moreover, its statistical profile is constantly changing (statistical mutation).

    PERSEUS technology has been developped by Eric Filiol and Eddy Deligne has implemented the first application dedicated to the HTTP stream. through a Linux/Windows Firefox module. PERSEUS technology is an open source technology under the triple GPL/LGPL/MPL licence.


    Available PERSEUS Resources

    A number of resources are currently and already available. Others resources are coming soon:

  • Paper presented at the Hack.lu 2009 security conference: ``Perseus - A Firefox Plug-in to Fight Botnets... and many Other Things''. You will find here slides as well as the video.
  • The Firefox module developped by Eddy Deligne for Linux 32 bits and Linux 64 bits, Mac Version as well as for Windows (from version 3.0.3 to 3.6). These are the stable version for XP and Win 7. Those resources (XPI files, source code...) can be also found on the dedicated website. A new development website on Google is now available as well. The client source code is also here. Let us mention the fact that this module enables the protection of HTTP streams in direct download mode only (a server must be present and active on one of themachine; please refer to the paper).
  • As for Firefox 4, only the Linux version is available at the present time (xpi file for 32-bit and 64-bit Linux; source code). As for Windows, due to some problems and bugs (we have reported them to Mozilla; those bugs concern other plugins than Perseus to our knowledge) iwe cannot presently issue the Firefox 4 plusgin. Firefox 5 should soon solve and fix all those problems. Then to be continued....
  • To test both the GET and POST method with Perseus, a testpage is available!
  • Technical documentation (user and developper) available here.
  • The PERSEUS open source library (in C language) will be available at the beginning of January. It will be very useful to anybody whishing to integrate this technology to protect any kind of data stream (FTP, Torrent, Mail...).
  • A version with Apache server is now available here 5Linux only). Source code can be found also here and the binaries 32 bits and 64 bits.
  • The changelog.0.5b.
  • The slides of the iAWACS 2010 conference to present the Perseus library.