SECURITY SENSOR PROVIDING ANALYSIS OF ENCRYPTED NETWORK DATA
Daniel Hamburg, York Tüchelmann
2006
Abstract
Common Intrusion Detection Systems are susceptible to encrypted attacks, i.e. attacks that employ security protocols to conceal malign data. In this work, we introduce a software sensor, called Transport Layer Security Sensor (TLSS), providing detection engines access to network data encrypted at Transport Layer. Transport Layer Encryption, such as SSL, is typically implemented by a local application and not the OS. TLSS resides on the monitored host and executes cryptographic functions on behalf of local applications. TLSS decrypts incoming encrypted network packets and passes the data to the application, e.g., a Web server software. In addition, cleartext data is also passed to a detection engine for analysis. We present an implementation of TLSS designed for Web servers providing SSL-secured HTTP access and evaluate sensor’s performance.
DownloadPaper Citation
in Harvard Style
Hamburg D. and Tüchelmann Y. (2006). SECURITY SENSOR PROVIDING ANALYSIS OF ENCRYPTED NETWORK DATA . In Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-972-8865-46-7, pages 172-177. DOI: 10.5220/0001254401720177
in Bibtex Style
@conference{webist06,
author={Daniel Hamburg and York Tüchelmann},
title={SECURITY SENSOR PROVIDING ANALYSIS OF ENCRYPTED NETWORK DATA},
booktitle={Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2006},
pages={172-177},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001254401720177},
isbn={978-972-8865-46-7},
}
in EndNote Style
TY - CONF
JO - Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - SECURITY SENSOR PROVIDING ANALYSIS OF ENCRYPTED NETWORK DATA
SN - 978-972-8865-46-7
AU - Hamburg D.
AU - Tüchelmann Y.
PY - 2006
SP - 172
EP - 177
DO - 10.5220/0001254401720177