A Survey of HTTPS Traffic and Services Identification Approaches
HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS comes with important challenges related to the management of HTTPS traffic to guarantee basic network properties such as security, QoS, reliability, etc. But encryption undermines the effectiveness of standard monitoring techniques and makes it difficult for ISPs and network administrators to properly identify and manage the services behind HTTPS traffic. This survey details the techniques used to monitor HTTPS traffic, from the most basic level of protocol identification (TLS, HTTPS), to the finest identification of precise services. We show that protocol identification is well mastered while more precise levels keep being challenging despite recent advances. We also describe practical solutions that lead us to discuss the trade-off between security and privacy and the research directions to guarantee both of them.
READ FULL TEXT