A Survey of Privacy-Preserving Techniques for Encrypted Traffic Inspection over Network Middleboxes

by   Geong Sen Poh, et al.

Middleboxes in a computer network system inspect and analyse network traffic to detect malicious communications, monitor system performance and provide operational services. However, encrypted traffic hinders the ability of middleboxes to perform such services. A common practice in addressing this issue is by employing a "Man-in-the-Middle" (MitM) approach, wherein an encrypted traffic flow between two endpoints is interrupted, decrypted and analysed by the middleboxes. The MitM approach is straightforward and is used by many organisations, but there are both practical and privacy concerns. Due to the cost of the MitM appliances and the latency incurred in the encrypt-decrypt processes, enterprises continue to seek solutions that are less costly. There were discussion on the many efforts required to configure MitM. Besides, MitM violates end-to-end privacy guarantee, raising privacy concerns and issues on compliance especially with the rising awareness on user privacy. Furthermore, some of the MitM implementations were found to be flawed. Consequently, new practical and privacy-preserving techniques for inspection over encrypted traffic were proposed. We examine them to compare their advantages, limitations and challenges. We categorise them into four main categories by defining a framework that consist of system architectures, use cases, trust and threat models. These are searchable encryption, access control, machine learning and trusted hardware. We first discuss the man-in-the-middle approach as a baseline, then discuss in details each of them, and provide an in-depth comparisons of their advantages and limitations. By doing so we describe practical constraints, advantages and pitfalls towards adopting the techniques. We also give insights on the gaps between research work and industrial deployment, which leads us to the discussion on the challenges and research directions.


page 1

page 2

page 3

page 4


Machine Learning for Encrypted Malicious Traffic Detection: Approaches, Datasets and Comparative Study

As people's demand for personal privacy and data security becomes a prio...

Practical Privacy-Preserving Data Science With Homomorphic Encryption: An Overview

Privacy has gained a growing interest nowadays due to the increasing and...

Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple

We present a practical framework to deploy privacy-preserving machine le...

Encrypted statistical machine learning: new privacy preserving methods

We present two new statistical machine learning methods designed to lear...

A Survey of HTTPS Traffic and Services Identification Approaches

HTTPS is quickly rising alongside the need of Internet users to benefit ...

Challenges in Network Management of Encrypted Traffic

This paper summarizes the challenges identified at the MAMI Management a...

A survey and analysis of TLS interception mechanisms and motivations

TLS is an end-to-end protocol designed to provide confidentiality and in...