Loading...

Machine learning interpretability meets TLS fingerprinting

Jafari Siavoshani, M ; Sharif University of Technology | 2023

0 Viewed
  1. Type of Document: Article
  2. DOI: 10.1007/s00500-023-07949-9
  3. Publisher: Springer Science and Business Media Deutschland GmbH , 2023
  4. Abstract:
  5. Protecting users’ privacy over the Internet is of great importance; however, it becomes harder and harder to maintain due to the increasing complexity of network protocols and components. Therefore, investigating and understanding how data are leaked from the information transmission platforms and protocols can lead us to a more secure environment. In this paper, we propose a framework to systematically find the most vulnerable information fields in a network protocol. To this end, focusing on the transport layer security (TLS) protocol, we perform different machine-learning-based fingerprinting attacks on the collected data from more than 70 domains (websites) to understand how and where this information leakage occurs in the TLS protocol. Then, by employing the interpretation techniques developed in the machine learning community and applying our framework, we find the most vulnerable information fields in the TLS protocol. Our findings demonstrate that the TLS handshake (which is mainly unencrypted), the TLS record length appearing in the TLS application data header, and the IV field are among the most critical leaker parts in this protocol, respectively. © 2023, The Author(s), under exclusive licence to Springer-Verlag GmbH Germany, part of Springer Nature
  6. Keywords:
  7. Deep learning ; Information leakage ; Model interpretation ; Transport layer security (TLS) ; Web fingerprinting
  8. Source: Soft Computing ; Volume 27, Issue 11 , 2023 , Pages 7191-7208 ; 14327643 (ISSN)
  9. URL: https://link.springer.com/article/10.1007/s00500-023-07949-9