Fast Packet Inspection for End-To-End Encryption

Kim, Soyeon; Yun, Sun-Woo; Lee, Eun-Young; Bae, So-Hyeon; Lee, Il-Gu

doi:10.3390/electronics9111937

Cited by 5 publications

(4 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such an approach would allow a service to check whether a message contained any particular piece of media (say, a divisive political meme) by hashing the media and comparing the hash of the message. The service provider could essentially monitor user content, well beyond class C. We believe these constructions so completely defeat E2EE guarantees that they cannot defensibly be considered compatible, and we emphatically reject these proposed directions from both researchers and governments (e.g., [5,200,341]).…”

Section: Content Moderation Under E2eementioning

confidence: 99%

See 1 more Smart Citation

SoK: Content Moderation for End-to-End Encryption

Scheffler

Mayer

2023

PoPETs

View full text Add to dashboard Cite

Popular messaging applications now enable end-to-end-encryption (E2EE) by default, and E2EE data storage is becoming common. These important advances for security and privacy create new content moderation challenges for online services, because services can no longer directly access plaintext content. While ongoing public policy debates about E2EE and content moderation in the United States and European Union emphasize child sexual abuse material and misinformation in messaging and storage, we identify and synthesize a wealth of scholarship that goes far beyond those topics. We bridge literature that is diverse in both content moderation subject matter, such as malware, spam, hate speech, terrorist content, and enterprise policy compliance, as well as intended deployments, including not only privacy-preserving content moderation for messaging, email, and cloud storage, but also private introspection of encrypted web traffic by middleboxes. In this work, we systematize the study of content moderation in E2EE settings. We set out a process pipeline for content moderation, drawing on a broad interdisciplinary literature that is not specific to E2EE. We examine cryptography and policy design choices at all stages of this pipeline, and we suggest areas of future research to fill gaps in literature and better understand possible paths forward.

show abstract

Section: Content Moderation Under E2eementioning

confidence: 99%

“…The service provider could essentially monitor user content, well beyond class 𝐶. We believe these constructions so completely defeat E2EE guarantees that they cannot defensibly be considered compatible, and we emphatically reject these proposed directions from both researchers and governments (e.g., [5,200,341]).…”

Section: Content Moderation Under E2eementioning

confidence: 99%

SoK: Content Moderation for End-to-End Encryption

Scheffler

Mayer

2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…Production devices in service provider and user environments employ traffic classification for attack detection that would typically require significant computing resources to decrypt and (re)encrypt data in real-time affecting the network throughput, delay, and overall user experience. e costs of associated techniques such as deep packet inspection (DPI) are also substantial in terms of equipment and resources that these are not considered readily adoptable [27,28]. e encryption and decryption of network traffic is not only resource intensive but also a challenging task for network managers in adequately preserving the privacy of end-users.…”

Section: Cyber Security and Neuralmentioning

confidence: 99%

Anomaly Detection in Encrypted Internet Traffic Using Hybrid Deep Learning

Bakhshi

Ghita

2021

Security and Communication Networks

View full text Add to dashboard Cite

An increasing number of Internet application services are relying on encrypted traffic to offer adequate consumer privacy. Anomaly detection in encrypted traffic to circumvent and mitigate cyber security threats is, however, an open and ongoing research challenge due to the limitation of existing traffic classification techniques. Deep learning is emerging as a promising paradigm, allowing reduction in manual determination of feature set to increase classification accuracy. The present work develops a deep learning-based model for detection of anomalies in encrypted network traffic. Three different publicly available datasets including the NSL-KDD, UNSW-NB15, and CIC-IDS-2017 are used to comprehensively analyze encrypted attacks targeting popular protocols. Instead of relying on a single deep learning model, multiple schemes using convolutional (CNN), long short-term memory (LSTM), and recurrent neural networks (RNNs) are investigated. Our results report a hybrid combination of convolutional (CNN) and gated recurrent unit (GRU) models as outperforming others. The hybrid approach benefits from the low-latency feature derivation of the CNN, and an overall improved training dataset fitting. Additionally, the highly effective generalization offered by GRU results in optimal time-domain-related feature extraction, resulting in the CNN and GRU hybrid scheme presenting the best model.

show abstract

“…Furthermore, IoT devices are used in various industrial fields such as agriculture, medical care, and manufacturing, and real-time management and automation have improved the efficiency of the related processes [2]. In addition, online services have become common because of COVID-19, and there has been rapid growth in areas such as remote working and remote learning [3]. Consequently, the scale of damage caused by the leakage of personal information and industrial secrets is increasing, which has highlighted the importance of endpoint security for personal computers (PCs) and smartphones [4].…”

Section: Introductionmentioning

confidence: 99%

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

Lee,

Park,

Kim

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

With the introduction of 5G technology, the application of Internet of Things (IoT) devices is expanding to various industrial fields. However, introducing a robust, lightweight, low-cost, and low-power security solution to the IoT environment is challenging. Therefore, this study proposes two methods using a data compression technique to detect malicious traffic efficiently and accurately for a secure IoT environment. The first method, compressed sensing and learning (CSL), compresses an event log in a bitmap format to quickly detect attacks. Then, the attack log is detected using a machine-learning classification model. The second method, precise re-learning after CSL (Ra-CSL), comprises a two-step training. It uses CSL as the 1st step analyzer, and the 2nd step analyzer is applied using the original dataset for a log that is detected as an attack in the 1st step analyzer. In the experiment, the bitmap rule was set based on the boundary value, which was 99.6% true positive on average for the attack and benign data found by analyzing the training data. Experimental results showed that the CSL was effective in reducing the training and detection time, and Ra-CSL was effective in increasing the detection rate. According to the experimental results, the data compression technique reduced the memory size by up to 20% and the training and detection times by 67% when compared with the conventional technique. In addition, the proposed technique improves the detection accuracy; the Naive Bayes model with the highest performance showed a detection rate of approximately 99%.

show abstract

Fast Packet Inspection for End-To-End Encryption

Cited by 5 publications

References 22 publications

SoK: Content Moderation for End-to-End Encryption

SoK: Content Moderation for End-to-End Encryption

Anomaly Detection in Encrypted Internet Traffic Using Hybrid Deep Learning

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

Contact Info

Product

Resources

About