Revealing Encrypted WebRTC Traffic via Machine Learning Tools

Mario Di Mauro; Maurizio Longo

doi:10.5220/0005542202590266

Revealing Encrypted WebRTC Traffic via Machine Learning Tools

Mario Di Mauro, Maurizio Longo

2015

Abstract

The detection of encrypted real-time traffic, both streaming and conversational, is an increasingly important issue for agencies in charge of lawful interception. Aside from well established technologies used in real-time communication (e.g. Skype, Facetime, Lync etc.) a new one is recently spreading: Web Real-Time Communication (WebRTC), which, with the support of a robust encryption method such as DTLS, offers capabilities for encrypted voice and video without the need of installing a specific application but using a common browser, like Chrome, Firefox or Opera. Encrypted WebRTC traffic cannot be recognized through methods of semantic recognition since it does not exhibit a discernible sequence of information pieces and hence statistical recognition methods are called for. In this paper we propose and evaluate a decision theory based system allowing to recognize encrypted WebRTC traffic by means of an open-source machine learning environment: Weka. Besides, a reasoned comparison among some of the most credited algorithms (J48, Simple Cart, Naïve Bayes, Random Forests) in the field of decision systems has been carried out, indicating the prevalence of Random Forests.

Download

Paper Citation

in Harvard Style

Di Mauro M. and Longo M. (2015). Revealing Encrypted WebRTC Traffic via Machine Learning Tools . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 259-266. DOI: 10.5220/0005542202590266

in Bibtex Style

@conference{secrypt15,
author={Mario Di Mauro and Maurizio Longo},
title={Revealing Encrypted WebRTC Traffic via Machine Learning Tools},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={259-266},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005542202590266},
isbn={978-989-758-117-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Revealing Encrypted WebRTC Traffic via Machine Learning Tools
SN - 978-989-758-117-5
AU - Di Mauro M.
AU - Longo M.
PY - 2015
SP - 259
EP - 266
DO - 10.5220/0005542202590266