A Survey of HTTPS Traffic and Services Identification Approaches

by   Wazen M. Shbair, et al.

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS comes with important challenges related to the management of HTTPS traffic to guarantee basic network properties such as security, QoS, reliability, etc. But encryption undermines the effectiveness of standard monitoring techniques and makes it difficult for ISPs and network administrators to properly identify and manage the services behind HTTPS traffic. This survey details the techniques used to monitor HTTPS traffic, from the most basic level of protocol identification (TLS, HTTPS), to the finest identification of precise services. We show that protocol identification is well mastered while more precise levels keep being challenging despite recent advances. We also describe practical solutions that lead us to discuss the trade-off between security and privacy and the research directions to guarantee both of them.



page 1

page 2

page 3

page 4


Early Identification of Services in HTTPS Traffic

Traffic monitoring is essential for network management tasks that ensure...

HTTPA: HTTPS Attestable Protocol

Hypertext Transfer Protocol Secure (HTTPS) protocol has become integral ...

Measurement and characterization of DNS over HTTPS traffic

Domain name system communication may provide sensitive information on us...

A Survey of Privacy-Preserving Techniques for Encrypted Traffic Inspection over Network Middleboxes

Middleboxes in a computer network system inspect and analyse network tra...

A Survey on DNS Encryption: Current Development, Malware Misuse, and Inference Techniques

The domain name system (DNS) that maps alphabetic names to numeric Inter...

HTTPS Event-Flow Correlation: Improving Situational Awareness in Encrypted Web Traffic

Achieving situational awareness is a challenging process in current HTTP...

Who ya gonna call? (Alerting Authorities): Measuring Namespaces, Web Certificates, and DNSSEC

During disasters, crisis, and emergencies the public relies on online se...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.