Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Article Dans Une Revue IEEE Transactions on Network and Service Management Année : 2019

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Résumé

Nowadays, most of Web services are accessed through HTTPS. While preserving user privacy is important, it is also mandatory to monitor and detect specific users' actions, for instance, according to a security policy. This paper presents a solution to monitor HTTP/2 traffic over TLS. It highly differs from HTTP/1.1 over TLS traffic what makes existing monitoring techniques obsolete. Our solution, H2Classifier, aims at detecting if a user performs an action that has been previously defined over a monitored Web service, but without using any decryption. It is thus only based on passive traffic analysis and relies on random forest classifier. A challenge is to extract representative values of the loaded content associated to a Web page, which is actually customized based on the user action. Extensive evaluations with five top used Web services demonstrate the viability of our technique with an accuracy between 94% and 99%.
Fichier principal
Vignette du fichier
Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic.pdf (540.41 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-02316644 , version 1 (15-10-2019)
hal-02316644 , version 2 (07-11-2019)

Identifiants

Citer

Pierre-Olivier Brissaud, Jérôme François, Isabelle Chrisment, Thibault Cholez, Olivier Bettan. Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic. IEEE Transactions on Network and Service Management, 2019, 16 (3), pp.842-856. ⟨10.1109/TNSM.2019.2933155⟩. ⟨hal-02316644v2⟩
355 Consultations
468 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More