Abstract
<abstract>
<p>Privacy protection in computer communication is gaining attention because plaintext transmission without encryption can be eavesdropped on and intercepted. Accordingly, the use of encrypted communication protocols is on the rise, along with the number of cyberattacks exploiting them. Decryption is essential for preventing attacks, but it risks privacy infringement and incurs additional costs. Network fingerprinting techniques are among the best alternatives, but existing techniques are based on information from the TCP/IP stack. They are expected to be less effective because cloud-based and software-defined networks have ambiguous boundaries, and network configurations not dependent on existing IP address schemes increase. Herein, we investigate and analyze the Transport Layer Security (TLS) fingerprinting technique, a technology that can analyze and classify encrypted traffic without decryption while addressing the problems of existing network fingerprinting techniques. Background knowledge and analysis information for each TLS fingerprinting technique is presented herein. We discuss the pros and cons of two groups of techniques, fingerprint collection and artificial intelligence (AI)-based. Regarding fingerprint collection techniques, separate discussions on handshake messages ClientHello/ServerHello, statistics of handshake state transitions, and client responses are provided. For AI-based techniques, discussions on statistical, time series, and graph techniques according to feature engineering are presented. In addition, we discuss hybrid and miscellaneous techniques that combine fingerprint collection with AI techniques. Based on these discussions, we identify the need for a step-by-step analysis and control study of cryptographic traffic to effectively use each technique and present a blueprint.</p>
</abstract>
Publisher
American Institute of Mathematical Sciences (AIMS)
Subject
Applied Mathematics,Computational Mathematics,General Agricultural and Biological Sciences,Modeling and Simulation,General Medicine
Reference57 articles.
1. T. W. Kim, A. E. Azzaoui, B. Koh, J. Kim, J. H. Park, A secret sharing-based distributed cloud system for privacy protection, Hum. Centric Comput. Inf. Sci., 12 (2022). https://doi.org/10.22967/HCIS.2022.12.020
2. C. Blundo, C. De Maio, M. Parente, L. Siniscalchi, Targeted advertising that protects the privacy of social networks users, Hum. Centric Comput. Inf. Sci., 11 (2021), 18. https://doi.org/10.22967/HCIS.2021.11.018
3. C. Jia, C. Jia, L. Kong, W. Lin, L. Qi, Privacy-aware retrieval of electronic medical records by fuzzy keyword search, Hum. Centric Comput. Inf. Sci., 12 (2022). https://doi.org/10.22967/HCIS.2022.12.041
4. L. Orans, A. Hils, J. D'Hoinne, E. Ahlm, Gartner, Predicts 2017: Network and Gateway Security, 2016.
5. Let's encrypt stats. Available from: https://letsencrypt.org/stats/
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献