Revealing Encrypted WebRTC Traffic via Machine Learning Tools
Mario Di Mauro, Maurizio Longo
2015
Abstract
The detection of encrypted real-time traffic, both streaming and conversational, is an increasingly important issue for agencies in charge of lawful interception. Aside from well established technologies used in real-time communication (e.g. Skype, Facetime, Lync etc.) a new one is recently spreading: Web Real-Time Communication (WebRTC), which, with the support of a robust encryption method such as DTLS, offers capabilities for encrypted voice and video without the need of installing a specific application but using a common browser, like Chrome, Firefox or Opera. Encrypted WebRTC traffic cannot be recognized through methods of semantic recognition since it does not exhibit a discernible sequence of information pieces and hence statistical recognition methods are called for. In this paper we propose and evaluate a decision theory based system allowing to recognize encrypted WebRTC traffic by means of an open-source machine learning environment: Weka. Besides, a reasoned comparison among some of the most credited algorithms (J48, Simple Cart, Naïve Bayes, Random Forests) in the field of decision systems has been carried out, indicating the prevalence of Random Forests.
DownloadPaper Citation
in Harvard Style
Di Mauro M. and Longo M. (2015). Revealing Encrypted WebRTC Traffic via Machine Learning Tools . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 259-266. DOI: 10.5220/0005542202590266
in Bibtex Style
@conference{secrypt15,
author={Mario Di Mauro and Maurizio Longo},
title={Revealing Encrypted WebRTC Traffic via Machine Learning Tools},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={259-266},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005542202590266},
isbn={978-989-758-117-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Revealing Encrypted WebRTC Traffic via Machine Learning Tools
SN - 978-989-758-117-5
AU - Di Mauro M.
AU - Longo M.
PY - 2015
SP - 259
EP - 266
DO - 10.5220/0005542202590266