Early Identification of Services in HTTPS Traffic

08/19/2020
by   Wazen M. Shbair, et al.
0

Traffic monitoring is essential for network management tasks that ensure security and QoS. However, the continuous increase of HTTPS traffic undermines the effectiveness of current service-level monitoring that can only rely on unreliable parameters from the TLS handshake (X.509 certificate, SNI) or must decrypt the traffic. We propose a new machine learning-based method to identify HTTPS services without decryption. By extracting statistical features on TLS handshake packets and on a small number of application data packets, we can identify HTTPS services very early in the session. Extensive experiments performed over a significant and open dataset show that our method offers a good accuracy and a prototype implementation confirms that the early identification of HTTPS services is satisfied.

READ FULL TEXT
08/19/2020

A Survey of HTTPS Traffic and Services Identification Approaches

HTTPS is quickly rising alongside the need of Internet users to benefit ...
07/23/2020

Evaluating Snowflake as an Indistinguishable Censorship Circumvention Tool

Tor is the most well-known tool for circumventing censorship. Unfortunat...
10/08/2018

Distributed Function Chaining with Anycast Routing

Current networks more and more rely on virtualized middleboxes to flexib...
06/06/2019

Judicious QoS using Cloud Overlays

We revisit the long-standing problem of providing network QoS to applica...
10/20/2021

FairNet: A Measurement Framework for Traffic Discrimination Detection on the Internet

Network neutrality is related to the non-discriminatory treatment of pac...
08/08/2021

Deep Transfer Learning for Identifications of Slope Surface Cracks

Geohazards such as landslides have caused great losses to the safety of ...
04/20/2020

Tracemax: A Novel Single Packet IP Traceback Strategy for Data-Flow Analysis

The identification of the exact path that packets are routed on in the n...