Early recognition of encrypted applications

Authors: Laurent Bernaille, Renata Teixeira

DOI: 10.1007/978-3-540-71617-4_17

Keywords:

Abstract: Most tools to recognize the application associated with network connections use well-known signatures as basis for their classification. This approach is very effective in enterprise and campus networks to pinpoint forbidden applications (peer to peer, for instance) or security threats. However, it is easy to use encryption to evade these mechanisms. In particular, Secure Sockets Layer (SSL) libraries such as OpenSSL are widely available and can easily be used to encrypt any type of traffic. In this paper, we propose a method to detect applications in SSL encrypted connections. Our method uses only the size of the first few packets of an SSL connection to recognize the application, which enables an early classification. We test our method on packet traces collected on two campus networks and on manually-encrypted traces. Our results show that we are able to recognize the application in an SSL connection with more than 85% accuracy.

References (16)
Anthony McGregor, Mark Hall, Perry Lorier, James Brunskill. Flow Clustering Using Machine Learning Techniques. Passive and Active Network Measurement, vol. 3015, pp. 205-214 (2004). DOI: 10.1007/978-3-540-24668-8_21
Denis Zuev, Andrew W. Moore. Traffic Classification Using a Statistical Approach. Lecture Notes in Computer Science, pp. 321-324 (2005). DOI: 10.1007/978-3-540-31966-5_25
Vern Paxson. Bro: a system for detecting network intruders in real-time. Computer Networks, vol. 31, pp. 2435-2463 (1999). DOI: 10.1016/S1389-1286(99)00112-7
T. Karagiannis, A. Broido, N. Brownlee, K.C. Claffy, M. Faloutsos. Is P2P dying or just hiding? [P2P traffic measurement]. Global Communications Conference, vol. 3, pp. 1532-1538 (2004). DOI: 10.1109/GLOCOM.2004.1378239
Andrew Hintz. Fingerprinting websites using traffic analysis. Privacy Enhancing Technologies, pp. 171-178 (2002). DOI: 10.1007/3-540-36467-6_13
David Wagner, Dawn Xiaodong Song, Xuqing Tian. Timing analysis of keystrokes and timing attacks on SSH. USENIX Security Symposium, pp. 25-25 (2001)
Charles V. Wright, Fabian Monrose, Gerald M. Masson. Using visual motifs to classify encrypted traffic. Proceedings of the 3rd International Workshop on Visualization for Computer Security - VizSEC '06, pp. 41-50 (2006). DOI: 10.1145/1179576.1179584
Andrew W. Moore, Denis Zuev. Internet traffic classification using bayesian analysis techniques. Measurement and Modeling of Computer Systems, vol. 33, pp. 50-60 (2005). DOI: 10.1145/1064212.1064220
Laurent Bernaille, Renata Teixeira, Kave Salamatian. Early application identification. Conference on Emerging Network Experiment and Technology, pp. 6- (2006). DOI: 10.1145/1368436.1368445
Laurent Bernaille, Renata Teixeira, Ismael Akodkenou, Augustin Soule, Kave Salamatian. Traffic classification on the fly. ACM SIGCOMM Computer Communication Review, vol. 36, pp. 23-26 (2006). DOI: 10.1145/1129582.1129589