September 28, 2021

Malware Protection

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

Machine Learning Interpretability Meets TLS Fingerprinting. (arXiv:2011.06304v2 [cs.NI] UPDATED)

Protecting users’ privacy over the Internet is of great importance; however,
it becomes harder and harder to maintain due to the increasing complexity of
network protocols and components. Therefore, investigating and understanding
how data is leaked from the information transmission platforms and protocols
can lead us to a more secure environment.

In this paper, we propose a framework to systematically find the most
vulnerable information fields in a network protocol. To this end, focusing on
the transport layer security (TLS) protocol, we perform different
machine-learning-based fingerprinting attacks on the collected data from more
than 70 domains (websites) to understand how and where this information leakage
occurs in the TLS protocol. Then, by employing the interpretation techniques
developed in the machine learning community and applying our framework, we find
the most vulnerable information fields in the TLS protocol. Our findings
demonstrate that the TLS handshake (which is mainly unencrypted), the TLS
record length appearing in the TLS application data header, and the
initialization vector (IV) field are among the most critical leaker parts in
this protocol, respectively.