Spelling suggestions: "subject:"secure socket layer""
1 |
An Investigation on Detecting Applications Hidden in SSL Streams using Machine Learning TechniquesMcCarthy, Curtis 13 August 2010 (has links)
The importance of knowing what type of traffic is flowing through a network is
paramount to its success. Traffic shaping, Quality of Service, identifying critical
business applications, Intrusion Detection Systems, as well as network administra-
tion activities all require the base knowledge of what traffic is flowing over a network
before any further steps can be taken. With SSL traffic on the rise due to applica-
tions securing or concealing their traffic, the ability to determine what applications
are running within a network is getting more and more difficult. Traditional methods
of traffic classification through port numbers or deep packet inspection have been
deemed inadequate by researchers thus making way for new methods. The purpose
of this thesis is to investigate if a machine learning approach can be used with flow
features to identify SSL in a given network trace. To this end, different machine
learning methods are investigated without the use of port numbers, Internet Protocol
addresses, or payload information. Various machine learning models are investigated
including AdaBoost, Naive Bayes, RIPPER, and C4.5. The robustness of the results
are tested against unseen datasets during training. Moreover, the proposed approach
is compared to the Wireshark traffic analysis tool. Results show that the proposed ap-
proach is very promising in identifying SSL traffic from a given network trace without
using port numbers, Internet protocol addresses, or payload information.
|
2 |
Evaluation and Implementation for Pushing Automatic Updates to IoT DevicesMin, Menglei January 2017 (has links)
In recent years, Internet of Things has developed rapidly, and now has penetrated into human life and industrial production. It is speculated that the internet of things will become ubiquitous in the future, which will bring a series of problems. First, the large number of things will lead to operated system and software updates consuming a lot of manpower and resources. Another problem is the Internet of things facing security issues, in recent years for the means of Internet of things and tools have been increasing largely. Therefore, to achieve a secure automatic update on the Internet of Things is essential. This report will follow such an automatic update system based on Internet of things to expand. First it elaborated on the main motive of this problem, found three existing related works and three security methods for communication to analyze. Then combined results of analysis, put forward own a secure automatic update solution: manager and devices connect and mutual authentication in real time, at the same time, the manager will regularly check the database to see if there is new version application. When the administrator uploads a new version, the manager will download the version and then sends to all devices, then device installs and finally restart itself. Next, the report described how to implement this system in detail and evaluated it. In the end, this report summarized and introduces the future work.
|
3 |
The Security LayerO'Neill, Mark Thomas 01 January 2019 (has links)
Transport Layer Security (TLS) is a vital component to the security ecosystem and the most popular security protocol used on the Internet today. Despite the strengths of the protocol, numerous vulnerabilities result from its improper use in practice. Some of these vulnerabilities arise from weaknesses in authentication, from the rigidity of the trusted authority system to the complexities of client certificates. Others result from the misuse of TLS by developers, who misuse complicated TLS libraries, improperly validate server certificates, employ outdated cipher suites, or deploy other features insecurely. To make matters worse, system administrators and users are powerless to fix these issues, and lack the ability to properly control how their own machines communicate securely online.
In this dissertation we argue that the problems described are the result of an improper placement of security responsibilities. We show that by placing TLS services in the operating system, both new and existing applications can be automatically secured, developers can easily use TLS without intimate knowledge of security, and security settings can be controlled by administrators. This is demonstrated through three explorations that provide TLS features through the operating system. First, we describe and assess TrustBase, a service that repairs and strengthens certificate-based authentication for TLS connections. TrustBase uses traffic interception and a policy engine to provide administrators fine-tuned control over the trust decisions made by all applications on their systems. Second, we introduce and evaluate the Secure Socket API (SSA), which provides TLS as an operating system service through the native POSIX socket API. The SSA enables developers to use modern TLS securely, with as little as one line of code, and also allows custom tailoring of security settings by administrators. Finally, we further explore a modern approach to TLS client authentication, leveraging the operating system to provide a generic platform for strong authentication that supports easy deployment of client authentication features and protects user privacy. We conclude with a discussion of the reasons for the success of our efforts, and note avenues for future work that leverage the principles exhibited in this work, both in and beyond TLS.
|
Page generated in 0.0391 seconds