| Title | Network Security Monitoring (NSM): Can it be Effective in a World with Encrypted Traffic? |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Khurana, Madhu, Malik, Priyanka, Puneet, Shweta |
| Conference Name | 2020 International Conference on Computation, Automation and Knowledge Management (ICCAKM) |
| Keywords | HTTPs, MITM, Network Security Monitoring, pubcrawl, Resiliency, Scalability, Security by Default, SNI, SSL/TLS |
| Abstract | HTTPS is gaining widespread popularity for secure transactions. Most popular sites have made default choice as HTTPS. This development of encrypted traffic has brought in new challenges in the areas of network security monitoring and analysis. This paper makes a survey through various study done in the area on novel approaches for identification and investigating HTTPS traffic and its effect on network security monitoring. This work makes a complete analysis and evaluation of HTTPS protocol-is it ensuring security or are we entering in a vicious cycle of finding weaknesses and tryingto fill the gaps in Network security Monitoring. There are couple of vacuums that exist along with encrypted data, namely firewalls, IDS becoming blind to data being exchanged, enhancing vulnerabilities by making it tough to implement security policy and probability of malicious activities hidingin the ciphered traffic. Most of the current techniques namely DPI to port based to IP address to DNS to SNI filtering is prone to be ineffective in front of HTTPS traffic. The emphasis is upon the new ways to explore the expanding HTTPS volume with security breaches to cover new challenges related to Network Security Monitoring. Data collected from couple of up to date research and their conclusion hasbeen discussed to provide a brief overview so as to provide the reader with an in-depth understanding of the research progress in thisarea. |
| DOI | 10.1109/ICCAKM46823.2020.9051536 |
| Citation Key | khurana_network_2020 |
Network Security Monitoring (NSM): Can it be Effective in a World with Encrypted Traffic?