Related papers: Machine Learning Interpretability Meets TLS Fingerprinting

Machine Learning Interpretability Meets TLS Fingerprinting

URL: http://arxiv.org/abs/2011.06304v2
Date: Sun, 12 Sep 2021 18:56:20 GMT
Title: Machine Learning Interpretability Meets TLS Fingerprinting
Authors: Mahdi Jafari Siavoshani, Amir Hossein Khajepour, Amirmohammad Ziaei, Amir Ali Gatmiri, Ali Taheri
Abstract summary: We propose a framework to systematically find the most vulnerable information fields in a network protocol. focusing on the transport layer security (TLS) protocol, we perform different machine-learning-based fingerprinting attacks on the collected data. By employing the interpretation techniques developed in the machine learning community and applying our framework, we find the most vulnerable information fields in the TLS protocol.
Score: 5.179808182296037
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Protecting users' privacy over the Internet is of great importance; however, it becomes harder and harder to maintain due to the increasing complexity of network protocols and components. Therefore, investigating and understanding how data is leaked from the information transmission platforms and protocols can lead us to a more secure environment. In this paper, we propose a framework to systematically find the most vulnerable information fields in a network protocol. To this end, focusing on the transport layer security (TLS) protocol, we perform different machine-learning-based fingerprinting attacks on the collected data from more than 70 domains (websites) to understand how and where this information leakage occurs in the TLS protocol. Then, by employing the interpretation techniques developed in the machine learning community and applying our framework, we find the most vulnerable information fields in the TLS protocol. Our findings demonstrate that the TLS handshake (which is mainly unencrypted), the TLS record length appearing in the TLS application data header, and the initialization vector (IV) field are among the most critical leaker parts in this protocol, respectively.

Related papers

A Comprehensive Review of TLSNotary Protocol [0.0]
We investigate the TLSNotary protocol, which aim to enable the Client to obtain proof of provenance for data from TLS session. To achieve such proofs without any Server-side adjustments or permissions, the power of secure multi-party computation (MPC) together with zero knowledge proofs is used.
arXiv Detail & Related papers (2024-09-26T09:28:51Z)
Physical Layer Deception with Non-Orthogonal Multiplexing [52.11755709248891]
We propose a novel framework of physical layer deception (PLD) to actively counteract wiretapping attempts. PLD combines PLS with deception technologies to actively counteract wiretapping attempts. We prove the validity of the PLD framework with in-depth analyses and demonstrate its superiority over conventional PLS approaches.
arXiv Detail & Related papers (2024-06-30T16:17:39Z)
Oblivious Monitoring for Discrete-Time STL via Fully Homomorphic Encryption [3.4764840969876722]
We propose a protocol for online monitoring that keeps arithmetic data concealed from the server. We build on this protocol to allow operations over encrypted values, e.g., to compute a safety measurement combining distance, velocity, and so forth. Overall, our protocol enables oblivious online monitoring of discrete-time real-valued signals against signal temporal logic (STL) formulas.
arXiv Detail & Related papers (2024-05-27T02:32:16Z)
PLLM-CS: Pre-trained Large Language Model (LLM) for Cyber Threat Detection in Satellite Networks [0.20971479389679332]
Satellite networks are vital in facilitating communication services for various critical infrastructures. Some of these systems are vulnerable due to the absence of effective intrusion detection systems. We propose a pretrained Large Language Model for Cyber Security.
arXiv Detail & Related papers (2024-05-09T00:00:27Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
Memorization in Self-Supervised Learning Improves Downstream Generalization [49.42010047574022]
Self-supervised learning (SSL) has recently received significant attention due to its ability to train high-performance encoders purely on unlabeled data. We propose SSLMem, a framework for defining memorization within SSL.
arXiv Detail & Related papers (2024-01-19T11:32:47Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
A Survey of Data Security: Practices from Cybersecurity and Challenges of Machine Learning [6.086388464254366]
Machine learning (ML) is increasingly being deployed in critical systems. The data dependence of ML makes securing data used to train and test ML-enabled systems of utmost importance. Data science and cybersecurity domains adhere to their own set of skills and terminologies.
arXiv Detail & Related papers (2023-10-06T18:15:35Z)
Reinforcement Learning on Encrypted Data [58.39270571778521]
We present a preliminary, experimental study of how a DQN agent trained on encrypted states performs in environments with discrete and continuous state spaces. Our results highlight that the agent is still capable of learning in small state spaces even in presence of non-deterministic encryption, but performance collapses in more complex environments.
arXiv Detail & Related papers (2021-09-16T21:59:37Z)
Adaptive Webpage Fingerprinting from TLS Traces [13.009834690757614]
In webpage fingerprinting, an adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies modern webpage fingerprinting adversaries against the TLS protocol. We introduce a TLS-specific model that: 1) scales to an unprecedented number of target webpages, 2) can accurately classify thousands of classes it never encountered during training, and 3) has low operational costs even in scenarios of frequent page updates.
arXiv Detail & Related papers (2020-10-19T15:13:07Z)
Deep Learning for Ultra-Reliable and Low-Latency Communications in 6G Networks [84.2155885234293]
We first summarize how to apply data-driven supervised deep learning and deep reinforcement learning in URLLC. To address these open problems, we develop a multi-level architecture that enables device intelligence, edge intelligence, and cloud intelligence for URLLC.
arXiv Detail & Related papers (2020-02-22T14:38:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.