| Title | Encrypted Traffic Detection: Beyond the Port Number Era |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Doroud, Hossein, Alaswad, Ahmad, Dressler, Falko |
| Conference Name | 2022 IEEE 47th Conference on Local Computer Networks (LCN) |
| Date Published | sep |
| Keywords | deep packet inspection, Encryption, feature extraction, ground truth, Inspection, Measurement, Mobile Internet Ecosystem, Network traffic classification, privacy, pubcrawl, resilience, Resiliency, Scalability, telecommunication traffic, Traffic Control, Web and internet services |
| Abstract | Internet service providers (ISP) rely on network traffic classifiers to provide secure and reliable connectivity for their users. Encrypted traffic introduces a challenge as attacks are no longer viable using classic Deep Packet Inspection (DPI) techniques. Distinguishing encrypted from non-encrypted traffic is the first step in addressing this challenge. Several attempts have been conducted to identify encrypted traffic. In this work, we compare the detection performance of DPI, traffic pattern, and randomness tests to identify encrypted traffic in different levels of granularity. In an experimental study, we evaluate these candidates and show that a traffic pattern-based classifier outperforms others for encryption detection. |
| Notes | ISSN: 0742-1303 |
| DOI | 10.1109/LCN53696.2022.9843432 |
| Citation Key | doroud_encrypted_2022 |
Encrypted Traffic Detection: Beyond the Port Number Era