Passive Monitoring of HTTPS Service Use

Abstract : HTTPS is used today to secure the majority of web communications and so enhance user privacy. Therefore, traffic monitoring techniques must evolve to remain useful, especially to support security considerations, as for example detecting and filtering the forbidden uses of a web service. However, privacy should be kept as intact as most as possible. This paper describes a new passive and transparent method to infer the use of a HTTPS service by extracting and interpreting only meaningful metadata derived from the encrypted traffic without deeply profile individual users. We propose a model using the sizes of objects loaded in the HTTPS service as a signature, by leveraging kernel density estimation, supporting then a classification function. We assess this approach extensively on the Google Images Service but we show that our approach remains valid for other services. We succeed to achieve an accuracy of 99.18% when detecting particular keywords to be searched over a large dataset of 115,500 distinct keywords.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-01943936
Contributor : Thibault Cholez <>
Submitted on : Tuesday, December 4, 2018 - 5:19:54 PM
Last modification on : Thursday, February 7, 2019 - 4:55:58 PM

File

CNSM18_passive_HTTPS_service_m...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01943936, version 2

Collections

Citation

Pierre-Olivier Brissaud, Jerome Francois, Isabelle Chrisment, Thibault Cholez, Olivier Bettan. Passive Monitoring of HTTPS Service Use. CNSM'18 - 14th International Conference on Network and Service Management, Nov 2018, Rome, Italy. pp.7. ⟨hal-01943936v2⟩

Share

Metrics

Record views

130

Files downloads

201