Hyper Text Transfer Protocol for Securing Packet Inspection in Intrusion Prevention System Device

Abstract

Abstract Analysis of inspection method packet HTTPS or Hypertext Transfer Protocol Secure in Intrusion Prevention System (IPS) device is to explore the methods that IPS do in analyzing HTTPS Paket. Hypertext Transfer Protocol Secure or HTTPS is data communication between client and web server in essentially is end to end secure connection. In network security, IPS device function is inspection every packet that enters and exits to internal network including packet secure connection. HTTPS packet and others secure connection packet are running packet in the network with did not plain text, but all packet was encrypted from source. Packet encryption make IPS difficult to inspection the packet and knows what the content inside the packet. One of the methods IPS to inspection the HTTPS packet is to decrypt and re-encrypt. This method makes two sections end to end secure connection. The first is secure connection between IPS and client using self-sign digital certificate. And the second is secure connection between IPS and web server using digital certificate from trust certificate authority (CA). So the method makes HTTPS not end to end secure connection directly between client and web server in essentially HTTPS. However, the method succeeded in making IPS able to carry out inspections and find out the contents of the packet.