Detecting fingerprinted data in TLS traffic

Konstantin Böttinger; Dieter Schuster; Claudia Eckert

doi:10.1145/2714576.2714595

Detecting fingerprinted data in TLS traffic

Konstantin Böttinger, Dieter Schuster, Claudia Eckert

Fraunhofer AISEC

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

We present a new method for detecting known data in certain TLS encrypted communication channels. Our approach enables us to detect single files in eavesdropped TLS secured network traffic. We generate fingerprints by a fine-grained measurement of the entropy of fragments of known data and introduce the application of methods from the field of machine learning to the problem of file detection. We implement all proposed methods on a real data base and show the practical efficiency of our approach.

Original language	English
Title of host publication	ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	633-638
Number of pages	6
ISBN (Electronic)	9781450332453
DOIs	https://doi.org/10.1145/2714576.2714595
State	Published - 14 Apr 2015
Externally published	Yes
Event	10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015 - Singapore, Singapore Duration: 14 Apr 2015 → 17 Apr 2015

Publication series

Name	ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Conference

Conference	10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015
Country/Territory	Singapore
City	Singapore
Period	14/04/15 → 17/04/15

Keywords

Machine Learning
TLS
Traffic Analysis

Access to Document

10.1145/2714576.2714595

Cite this

Böttinger, K., Schuster, D., & Eckert, C. (2015). Detecting fingerprinted data in TLS traffic. In ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (pp. 633-638). (ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/2714576.2714595

Böttinger, Konstantin ; Schuster, Dieter ; Eckert, Claudia. / Detecting fingerprinted data in TLS traffic. ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. Association for Computing Machinery, 2015. pp. 633-638 (ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security).

@inproceedings{053a944e346d4674b1cc710a4be21537,

title = "Detecting fingerprinted data in TLS traffic",

abstract = "We present a new method for detecting known data in certain TLS encrypted communication channels. Our approach enables us to detect single files in eavesdropped TLS secured network traffic. We generate fingerprints by a fine-grained measurement of the entropy of fragments of known data and introduce the application of methods from the field of machine learning to the problem of file detection. We implement all proposed methods on a real data base and show the practical efficiency of our approach.",

keywords = "Machine Learning, TLS, Traffic Analysis",

author = "Konstantin B{\"o}ttinger and Dieter Schuster and Claudia Eckert",

note = "Publisher Copyright: Copyright {\textcopyright} 2015 ACM.; 10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015 ; Conference date: 14-04-2015 Through 17-04-2015",

year = "2015",

month = apr,

day = "14",

doi = "10.1145/2714576.2714595",

language = "English",

series = "ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "633--638",

booktitle = "ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security",

}

Böttinger, K, Schuster, D & Eckert, C 2015, Detecting fingerprinted data in TLS traffic. in ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, Association for Computing Machinery, pp. 633-638, 10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015, Singapore, Singapore, 14/04/15. https://doi.org/10.1145/2714576.2714595

Detecting fingerprinted data in TLS traffic. / Böttinger, Konstantin; Schuster, Dieter; Eckert, Claudia.
ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. Association for Computing Machinery, 2015. p. 633-638 (ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Detecting fingerprinted data in TLS traffic

AU - Böttinger, Konstantin

AU - Schuster, Dieter

AU - Eckert, Claudia

PY - 2015/4/14

Y1 - 2015/4/14

N2 - We present a new method for detecting known data in certain TLS encrypted communication channels. Our approach enables us to detect single files in eavesdropped TLS secured network traffic. We generate fingerprints by a fine-grained measurement of the entropy of fragments of known data and introduce the application of methods from the field of machine learning to the problem of file detection. We implement all proposed methods on a real data base and show the practical efficiency of our approach.

AB - We present a new method for detecting known data in certain TLS encrypted communication channels. Our approach enables us to detect single files in eavesdropped TLS secured network traffic. We generate fingerprints by a fine-grained measurement of the entropy of fragments of known data and introduce the application of methods from the field of machine learning to the problem of file detection. We implement all proposed methods on a real data base and show the practical efficiency of our approach.

KW - Machine Learning

KW - TLS

KW - Traffic Analysis

UR - http://www.scopus.com/inward/record.url?scp=84942519397&partnerID=8YFLogxK

U2 - 10.1145/2714576.2714595

DO - 10.1145/2714576.2714595

M3 - Conference contribution

AN - SCOPUS:84942519397

T3 - ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

SP - 633

EP - 638

BT - ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

PB - Association for Computing Machinery

T2 - 10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015

Y2 - 14 April 2015 through 17 April 2015

ER -

Böttinger K, Schuster D, Eckert C. Detecting fingerprinted data in TLS traffic. In ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. Association for Computing Machinery. 2015. p. 633-638. (ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security). doi: 10.1145/2714576.2714595

Detecting fingerprinted data in TLS traffic

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this