Paper Info
Title
A multi-level framework to identify HTTPS services.
Abstract
The development of TLS-based encrypted traffic comes with new challenges related to the management and security analysis of encrypted traffic. There is an essential need for new methods to investigate, with a proper level of identification, the increasing number of HTTPS traffic that may hold security breaches. In fact, although many approaches detect the type of an application (Web, P2P, SSH, etc.) running in secure tunnels, and others identify a couple of specific encrypted web pages through website fingerprinting, this paper proposes a robust technique to precisely identify the services run within HTTPS connections,i.e. to name the services, without relying on specific header fields that can be easily altered. We have defined dedicated features for HTTPS traffic that are used as input for a multi-level identification framework based on machine learning algorithms. Our evaluation based on real traffic shows that we can identify encrypted web services with a high accuracy.
Year
Venue
Field
2016
IEEE IFIP Network Operations and Management Symposium
Traffic analysis,Web page,Computer security,Computer science,Server,Computer network,Encryption,Hypertext Transfer Protocol over Secure Socket Layer,Security analysis,Web application security,Web service
DocType
ISSN
Citations 
Conference
1542-1201
6
PageRank 
References 
Authors
0.74
21
4
Name
Order
Citations
PageRank
Wazen M. Shbair1123.80
Thibault Cholez210011.89
Jérôme François317021.81
Isabelle Chrisment422525.75