Efficiently bypassing SNI-based HTTPS filtering

@article{Shbair2015EfficientlyBS,
  title={Efficiently bypassing SNI-based HTTPS filtering},
  author={Wazen M. Shbair and Thibault Cholez and Antoine Goichot and Isabelle Chrisment},
  journal={2015 IFIP/IEEE International Symposium on Integrated Network Management (IM)},
  year={2015},
  pages={990-995}
}
Encrypted Internet traffic is an essential element to enable security and privacy in the Internet. [...] Key Result The results show positive evaluation (firewall's rules successfully bypassed) for all tested websites.
Improving SNI-Based HTTPS Security Monitoring
TLDR
This paper proposes to improve a recent technique for HTTPS traffic monitoring that is based on the Server Name Indication (SNI) field of TLS and which has been implemented in many firewall solutions, and shows the ability to overcome the shortage of SNI-based monitoring.
A Survey of HTTPS Traffic and Services Identification Approaches
TLDR
This survey details the techniques used to monitor HTTPS traffic, from the most basic level of protocol identification (TLS, HTTPS), to the finest identification of precise services, showing that protocol identification is well mastered while more precise levels keep being challenging despite recent advances.
A multi-level framework to identify HTTPS services
TLDR
This paper proposes a robust technique to precisely identify the services run within HTTPS connections, i.e. to name the services, without relying on specific header fields that can be easily altered.
A network monitor for HTTPS protocol based on proxy
With the explosive growth of harmful Internet information such as pornography, violence, and hate messages, network monitoring is essential. Traditional network monitors are based mainly on bypass
Network Security Monitoring (NSM): Can it be Effective in a World with Encrypted Traffic?
HTTPS is gaining widespread popularity for secure transactions. Most popular sites have made default choice as HTTPS. This development of encrypted traffic has brought in new challenges in the areas
Key factors in building a Secure Web Gateway
TLDR
This research provides a categorisation of the key factors in building a Secure Web Gateway, proposes a reference design and architecture, a practical implementation for a home vDSL connection and a testing framework that can be used to evaluate the effectiveness of a secure Web Gateway deployment.
A Survey on Omnipresent HTTPS and Its Impact on Network Security Monitoring
HTTPS is gaining widespread popularity for performing secure transactions. Most popular sites have made default choice as HTTPS. Therefore, this paper makes a survey through various studies done in the
DTA-HOC: Online HTTPS traffic service identification using DNS in large-scale networks
TLDR
DTA-HOC is a novel DNS-based two-level association HTTPS traffic online service identification method for large-scale networks, which correlates HTTPS flows with DNS flows using big data stream processing and association technologies to label the service in an HTTPS flow with a specific associated domain name.
Using TLS Fingerprints for OS Identification in Encrypted Traffic
TLDR
This paper trains a machine learning model on TLS handshake parameters to identify the operating system of the client device and compares its results to well-known identification methods and shows that precise operating system identification can be achieved in encrypted traffic of mobile devices and notebooks connected to the wireless network.
Early Identification of Services in HTTPS Traffic
TLDR
A new machine learning-based method to identify HTTPS services without decryption is proposed, which can be identified very early in the session by extracting statistical features on TLS handshake packets and on a small number of application data packets.

References

SHOWING 1-10 OF 17 REFERENCES
SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements
TLDR
This work surveys and categorizes prominent security issues with HTTPS and provides a systematic treatment of the history and on-going challenges, intending to provide context for future directions.
Analysis of the HTTPS certificate ecosystem
TLDR
A large-scale measurement study of the HTTPS certificate ecosystem---the public-key infrastructure that underlies nearly all secure web communications---is reported, uncovering practices that may put the security of the ecosystem at risk and identifying frequent configuration problems that lead to user-facing errors and potential vulnerabilities.
Safe configuration of TLS connections
TLDR
A summary of the current TLS threat surface is provided together with a validated approach for minimizing the risk of TLS-compromise and specification of expected flows and automated comparison with observed flows to flag inconsistencies are provided.
Can internet users protect themselves? Challenges and techniques of automated protection of HTTP communication
TLDR
If and how web users can protect themselves by using HTTPS instead of HTTP is discussed, and whether using HTTPS yields the same content as using HTTP, even in the presence of dynamic websites incorporating advertisements and news is shown.
Tools and Technology of Internet Filtering
TLDR
This chapter focuses on access to the Web, as this is the current focus of Internet filtering efforts, and describes how a number of the most relevant filtering mechanisms operate.
Reviewing Traffic Classification
TLDR
The main trend in the field of traffic classification is discussed, some of the main proposals of the research community are described and two examples of behavioral classifiers are developed: both use supervised machine learning algorithms for classifications, but each is based on different features to describe the traffic.
Traffic classification: Issues and challenges
  • Y. Xue, Dawei Wang, Luoshi Zhang
  • Engineering, Computer Science
  • 2013 International Conference on Computing, Networking and Communications (ICNC)
  • 2013
TLDR
This paper first attempts to present an analysis of the existing traffic classification techniques, and dwell on their issues and challenges, then outlines some recommendations that can improve the performance of traffic classification systems.
Access Denied: The Practice and Policy of Global Internet Filtering
Internet Filtering: The Politics and Mechanisms of Control
It seems hard to believe that a free, online encyclopedia that anyone can edit at any time could matter much to anyone. But just as a bee can fly despite its awkward physiognomy, Wikipedia has become
Reviewing traffic classification, " in Data Traffic Monitoring and Analysis, ser
  • Lecture Notes in Computer Science
  • 2013