Abstract
As the amount of encrypted network traffic on enterprise networks increases steadily, the problem of malicious acts encrypted to bypass security devices has emerged. Previous studies analyzed the encrypted network traffic by changing the network traffic or communication flow between the encrypted communications to analyze such encrypted malicious behavior. However, there are limitations to the existing methods because they require additional prior-data or additional network configurations in order to analyze the encrypted network traffic. In this paper, we propose a system to decrypt secure socket layer network traffic to analyze the encrypted network traffic in the enterprise network environment. The proposed system can be used to analyze encrypted network traffic in order to detect malicious activity and corporate information leaks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ESG: Network Encryption and its Impact on Enterprise Security (2015)
Gartner: Security Leaders Must Address Threats from Rising SSL Network traffic (2013)
Husák, M., ÄŒermák, M., JirsÃk, T., ÄŒeleda, P.: HTTPS network traffic analysis and client identification using passive SSL/TLS fingerprinting, EURASIP J. Inf. Secur. 2016(6), 1–14 (2016)
Goh, V.T., Zimmermann, J., Looi, M.: Detecting attacks in encrypted networks using secret-sharing schemes. Int. J. Cryptol. Res. 2(1), 89–99 (2010)
Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)
Whalen, S.: An introduction to arp spoofing, Node99 [Online Document] (2001)
Chomsiri, T.: HTTPS hacking protection. In: 21st International Conference on AINAW 2007, vol. 1. IEEE (2007)
Acknowledgments
This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the University Information Technology Research Center support program (IITP-2016-R2718-16-0003) supervised by the IITP (Institute for Information & communications Technology Promotion).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yoon, J., Shin, K., Won, Y. (2017). Encrypted Network Traffic Analysis Method via Secure Socket Layer Handshake Control. In: Park, J., Chen, SC., Raymond Choo, KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech MUE 2017 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore. https://doi.org/10.1007/978-981-10-5041-1_11
Download citation
DOI: https://doi.org/10.1007/978-981-10-5041-1_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5040-4
Online ISBN: 978-981-10-5041-1
eBook Packages: EngineeringEngineering (R0)