Encrypted HTTP/2 Traffic Monitoring: Standing the Test of Time and Space - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2020

Encrypted HTTP/2 Traffic Monitoring: Standing the Test of Time and Space

Résumé

Encrypted HTTP/2 (h2) has been worldwide adopted since its official release in 2015. The major services over Internet use it to protect the user privacy against traffic interception. However, under the guise of privacy, one can hide the abnormal or even illegal use of a service. It has been demonstrated that machine learning algorithms combined with a proper set of features are still able to identify the incriminated traffic even when it is encrypted with h2. However, it can also be used to track normal service use and so endanger privacy of Internet users. Independently of the final objective, it is extremely important for a security practitioner to understand the efficiency of such a technique and its limit. No existing research has been achieved to assess how generic is it to be directly applicable to any service or website and how long an acceptable accuracy can be maintained. This paper addresses these challenges by defining an experimental methodology applied on more than 3000 different websites and also over four months continuously. The results highlight that an off-the-shelf machine-learning method to classify h2 traffic is applicable to many websites but a weekly training may be needed to keep the model accurate.
Fichier principal
Vignette du fichier
https-testtimespace.pdf (279.91 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-03032578 , version 1 (30-11-2020)

Identifiants

Citer

Pierre-Olivier Brissaud, Jérôme François, Isabelle Chrisment, Thibault Cholez, Olivier Bettan. Encrypted HTTP/2 Traffic Monitoring: Standing the Test of Time and Space. WIFS2020 - IEEE International Workshop on Information Forensics and Security, Dec 2020, New-York/Virtual, United States. ⟨10.1109/WIFS49906.2020.9360895⟩. ⟨hal-03032578⟩
244 Consultations
302 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More