Abstract | ||
---|---|---|
Nowadays, most of Web services are accessed through HTTPS. While preserving user privacy is important, it is also mandatory to monitor and detect specific users’ actions, for instance, according to a security policy. This paper presents a solution to monitor HTTP/2 traffic over TLS. It highly differs from HTTP/1.1 over TLS traffic what makes existing monitoring techniques obsolete. Our solution, H2Classifier, aims at detecting if a user performs an action that has been previously defined over a monitored Web service, but without using any decryption. It is thus only based on passive traffic analysis and relies on random forest classifier. A challenge is to extract representative values of the loaded content associated to a Web page, which is actually customized based on the user action. Extensive evaluations with five top used Web services demonstrate the viability of our technique with an accuracy between 94% and 99%. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1109/TNSM.2019.2933155 | IEEE Transactions on Network and Service Management |
Keywords | Field | DocType |
Monitoring,Cryptography,Privacy,Google,Web services,Protocols | Web traffic,Traffic analysis,Web page,Cryptography,Computer science,Computer network,Encryption,Security policy,Web service,Random forest | Journal |
Volume | Issue | ISSN |
16 | 3 | 1932-4537 |
Citations | PageRank | References |
3 | 0.39 | 0 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Pierre-Olivier Brissaud | 1 | 3 | 0.39 |
Jérôme Francçis | 2 | 3 | 0.39 |
Isabelle Chrisment | 3 | 225 | 25.75 |
Thibault Cholez | 4 | 100 | 11.89 |
Olivier Bettan | 5 | 4 | 1.10 |