Passive Monitoring of HTTPS Service Use - Archive ouverte HAL Access content directly
Conference Papers Year :

Passive Monitoring of HTTPS Service Use

(1, 2) , (1) , (1) , (1) , (2)


HTTPS is used today to secure the majority of web communications and so enhance user privacy. Therefore, traffic monitoring techniques must evolve to remain useful, especially to support security considerations, as for example detecting and filtering the forbidden uses of a web service. However, privacy should be kept as intact as most as possible. This paper describes a new passive and transparent method to infer the use of a HTTPS service by extracting and interpreting only meaningful metadata derived from the encrypted traffic without deeply profile individual users. We propose a model using the sizes of objects loaded in the HTTPS service as a signature, by leveraging kernel density estimation, supporting then a classification function. We assess this approach extensively on the Google Images Service but we show that our approach remains valid for other services. We succeed to achieve an accuracy of 99.18% when detecting particular keywords to be searched over a large dataset of 115,500 distinct keywords.
Fichier principal
Vignette du fichier
CNSM18_passive_HTTPS_service_monitoring.pdf (324.81 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01943936 , version 1 (04-12-2018)
hal-01943936 , version 2 (04-12-2018)


  • HAL Id : hal-01943936 , version 2


Pierre-Olivier Brissaud, Jerome Francois, Isabelle Chrisment, Thibault Cholez, Olivier Bettan. Passive Monitoring of HTTPS Service Use. CNSM'18 - 14th International Conference on Network and Service Management, Nov 2018, Rome, Italy. pp.7. ⟨hal-01943936v2⟩
224 View
232 Download


Gmail Facebook Twitter LinkedIn More