A survey on encrypted network traffic analysis applications, techniques, and countermeasures
Peer-Reviewed Journal Publication
2022-10-31
2022
en
This work was supported by the projects CONCORDIA, CyberSANE, C4IIoT and COLLABS funded by the European Commission under Grant Agreements No. 830927, No. 833683, No. 833828, and No. 871518.
The adoption of network traffic encryption is continually growing. Popular applications use encryption protocols to secure communications and protect the privacy of users. In addition, a large portion of malware is spread through the network traffic taking advantage of encryption protocols to hide its presence and activity. Entering into the era of completely encrypted communications over the Internet, we must rapidly start reviewing the state-of-the-art in the wide domain of network traffic analysis and inspection, to conclude if traditional traffic processing systems will be able to seamlessly adapt to the upcoming full adoption of network encryption. In this survey, we examine the literature that deals with network traffic analysis and inspection after the ascent of encryption in communication channels. We notice that the research community has already started proposing solutions on how to perform inspection even when the network traffic is encrypted and we demonstrate and review these works. In addition, we present the techniques and methods that these works use and their limitations. Finally, we examine the countermeasures that have been proposed in the literature in order to circumvent traffic analysis techniques that aim to harm user privacy.
http://creativecommons.org/licenses/by/4.0/
ACM Computing Surveys
54
6
Papadogiannaki Eva
Ioannidis Sotirios
Ιωαννιδης Σωτηριος
Association for Computing Machinery (ACM)
Encrypted network traffic
Encrypted network traffic analysis
Network traffic inspection
Network traffic processing
Network analytics
Application analytics
Application usage analytics
QoS analytics
QoE analytics
Network security
Network intrusion detection
Mobile malware
User privacy
Website fingerprinting
PII leakage
Device fingerprinting
Location estimation
Network middlebox
Network function
Machine learning
Deep learning
Neural networks
Searchable encryption
Network traffic interception
Network packet metadata