Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, Epiciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Skip to Main content Skip to Navigation
Journal articles

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Abstract : Nowadays, most of Web services are accessed through HTTPS. While preserving user privacy is important, it is also mandatory to monitor and detect specific users' actions, for instance, according to a security policy. This paper presents a solution to monitor HTTP/2 traffic over TLS. It highly differs from HTTP/1.1 over TLS traffic what makes existing monitoring techniques obsolete. Our solution, H2Classifier, aims at detecting if a user performs an action that has been previously defined over a monitored Web service, but without using any decryption. It is thus only based on passive traffic analysis and relies on random forest classifier. A challenge is to extract representative values of the loaded content associated to a Web page, which is actually customized based on the user action. Extensive evaluations with five top used Web services demonstrate the viability of our technique with an accuracy between 94% and 99%.
Document type :
Journal articles
Complete list of metadata

Cited literature [45 references]  Display  Hide  Download
Contributor : Thibault Cholez Connect in order to contact the contributor
Submitted on : Thursday, November 7, 2019 - 2:17:34 PM
Last modification on : Tuesday, April 5, 2022 - 3:44:58 AM
Long-term archiving on: : Saturday, February 8, 2020 - 11:39:47 PM


Transparent and Service-Agnost...
Files produced by the author(s)



Pierre-Olivier Brissaud, Jérôme François, Isabelle Chrisment, Thibault Cholez, Olivier Bettan. Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic. IEEE Transactions on Network and Service Management, IEEE, 2019, 16 (3), pp.842-856. ⟨10.1109/TNSM.2019.2933155⟩. ⟨hal-02316644v2⟩



Record views


Files downloads