Loading...

Analysis of Network Traffic Encrypted at the IP Level

Ghavamnia, Hamed | 2011

559 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 42457 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Kharrazi, Mehdi
  7. Abstract:
  8. The increasing use of the Internet as the main communications method, has increased the importance of user privacy and the security of their information. Different protocols and different methods have been proposed to provide security, but sometimes they are used to violate the network’s obligations. Increasing the users’ privacy and security, leads to the reduction of the network administrators power to control and manage the network, and this can create vulnerabilities which could be exploited by attackers to violate usage policies. Traffic analysis can be used by administrators to collect information from their network, without having to prohibit the use of security protocols. Different security protocols, encrypt the packets at different layers, and leave some parts of them unencrypted. Methods for analyzing traffic encrypted at different levels have been proposed in recent years, but as the encryption operates on lower layers of the network, anaylzing the traffic becomes harder. In this thesis, a method for finding the number of tcp handshakes at the beginning and end of the connections, in traffic encrypted at the IP-level, has been proposed. Using the proposed method, a new approach to identifying application-layer tunnels has been proposed. Also, using our prediction of the number of tcp handshakes starting a connection, we’ve increased the detection rate of single application identification in tunneled network traffic
  9. Keywords:
  10. Traffic Analysis ; Application Layer Tunnel ; Hand Shaking Operation

 Digital Object List

 Bookmark

...see more