Clear and Present Data: Opaque Traffic and its Security Implications for the Future

Author(s): Andrew M. White, Srinivas Krishnan, Michael Bailey, Fabian Monrose, Phillip Porras

Download: Paper (PDF)

Date: 24 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013

Abstract:

Opaque, i.e., compressed or encrypted, traffic incurs high overhead for DPI engines yet often yields little useful information. Our experiments indicate that 89% of payload-carrying TCP packets are opaque. We provide a first step toward addressing the challenges presented by the abundance of opaque traffic by introducing new techniques for accurate real-time filtering of opaque packets in 16 bytes or less.