Sciweavers

AINA
2007
IEEE

Intrusion Detection for Encrypted Web Accesses

14 years 6 months ago
Intrusion Detection for Encrypted Web Accesses
As various services are provided as web applications, attacks against web applications constitute a serious problem. Intrusion Detection Systems (IDSes) are one solution, however, these systems do not work effectively when the accesses are encrypted by protocols. Because the IDSes inspect the contents of a packet, it is difficult to find attacks by the current IDS. This paper presents a novel approach to anomaly detection for encrypted web accesses. This approach applies encrypted traffic analysis to intrusion detection, which analyzes contents of encrypted traffic using only data size and timing without decryption. First, the system extracts information from encrypted traffic, which is a set comprising data size and timing for each web client. Second, the accesses are distinguished based on similarity of the information and access frequencies are calculated. Finally, malicious activities are detected according to rules generated from the frequency of accesses and characteristics...
Akira Yamada, Yutaka Miyake, Keisuke Takemori, Ahr
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where AINA
Authors Akira Yamada, Yutaka Miyake, Keisuke Takemori, Ahren Studer, Adrian Perrig
Comments (0)