DeepSec 2025 Talk: From Firewalls to Fragmentation: Identifying Adversarial Traffic in a Politically Divided Internet – Vladimer Svanadze
This talk presents a multidimensional analysis of Internet fragmentation, examining how political, technical, economic and cybersecurity factors are converging to break apart the global Internet. While often viewed through a policy lens, fragmentation has real-world implications at the packet level.
We introduce a lightweight, rule-based detection model capable of identifying fragmented, mis-configured and adversarial IP/UDP traffic. Built upon RFC 791 semantics, the model analyzes packet offset alignment, TTL discrepancies and payload irregularities to classify traffic without reliance on machine learning. Through controlled experiments using synthetic fragmented traffic, we show how fragmentation behaviors map directly to geopolitical and cybersecurity-driven disruptions.
This session will bridge the gap between global governance debates and low-level protocol behaviors, offering tools and insights for analysts, researchers and defenders navigating an increasingly segmented digital landscape.
We asked Vladimer a few more questions about his talk.
Please tell us the top 5 facts about your talk.
- Definition – A Splintering Internet and the main types of Internet fragmentation: Internet fragmentation occurs when the global, open, and interoperable internet is divided into separate, isolated networks due to political, technical, economic, or regulatory barriers.
- Political Fragmentation of the Internet: Let’s once again look at what political fragmentation of the Internet means. It is when a government controls who can access the Internet and what content people can see.
- Economic Fragmentation of the Internet: Economic fragmentation, also known as commercial fragmentation, happens when companies and corporations create closed ecosystems.
- Technical Fragmentation of the Internet: In this type of Internet fragmentation, incompatible technologies and unauthorized changes disrupt the global Internet’s interoperability.
- The main drivers of Internet fragmentation: Economic Sanctions; Data Protection and Privacy Legislation; Cybersecurity Norms and Sovereignty; Technological Sovereignty and Innovation; Political and Ideological Motives
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
The inspiration for this research stemmed from observing the unity, security, and stable development of the global Internet space, which is hindered by the Internet policies of some countries. Also, crimes in cyberspace and other important factors, which are the subject of serious research.
Why do you think this is an important topic?
Against the backdrop of ever-growing Internet technologies and the expansion of the global Internet space, there is an even greater threat that the Internet space will become even more controlled, and cybercrimes will increase, which contributes to the violation of both the rights and security of ordinary Internet users. It is also noteworthy that negative processes are affecting the unity, security, and stable development of the global Internet.
Is there something you want everybody to know – some good advice for our readers maybe?
The global Internet is a vehicle for the development and advancement of humanity. It must develop safely and stably, be open and transparent, and most importantly, be unified, and the negative effects of Internet fragmentation should not be reflected on it.
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
It is likely that in the future we will see the global Internet and Internet technologies increasingly influenced by technologies such as artificial intelligence, blockchain technologies, the Internet of Things, and post-quantum technologies. Using these technologies has both positive and negative sides, and the main thing here is to minimize the risks and threats that could harm the unity, security, and stable development of the global Internet.
Professor Dr. Vladimer Svanadze is a renowned cybersecurity expert with extensive experience in cyber policy, strategy development, internet governance, and cyber diplomacy. Since 2011, he has been advising the Government of Georgia on cybersecurity policy, strategy, and implementation, focusing on critical infrastructure protection, internet fragmentation, and cybersecurity resilience.
Dr. Svanadze is an Affiliated Professor at Caucasus University. He is also an Invited Lecturer at the Georgian Institute of Public Affairs (GIPA). From this year he the vice-president of Scientific Cyber Security Association, SCSA.
Dr. Svanadze has been actively involved in European and international cybersecurity initiatives, including projects with USAID, IFES, and the EU Commission. His contributions include conducting cybersecurity assessments and capacity-building initiatives in key sectors such as finance, education, and national security. He has played a pivotal role in shaping Georgia’s cybersecurity framework, including preparing the National Cybersecurity Strategy and Action Plan of Georgia for 2021-2024 and providing consultancy for the Ministry of Defense, State Security and Crisis Management Council, and national cybersecurity agencies.
He is the Founder and Chairman of the Board at the Internet Development Initiative (IDI), an NGO dedicated to internet development, cybersecurity policy, ICT innovations, and digital rights advocacy. Under his leadership, IDI has implemented several cybersecurity awareness and training programs, including EU-funded initiatives focused on regional cybersecurity education. He is also a Senior Policy Analyst at the Global Foundation for Cyber Studies and Research (GFCSR), contributing to international cybersecurity policy discussions.
Dr. Svanadze has also led cybersecurity training programs for government agencies, including the State Audit Office of Georgia, NCDC, and the R. Lugar Center, funded by the EU and GIZ. He was the initiator and organizer of Georgia’s first School of Digital Culture and has played a central role in organizing the International Festival of Cybersecurity (IFCS).
His expertise in cybersecurity policy formulation and implementation makes him a key contributor to ensuring the successful execution of the project. He has led and participated in many local and international projects, helping shape strategies for universities and government institutions. He has also served on boards that review doctoral dissertations and has been a speaker at major international conferences, including events on protecting critical infrastructure.