| Presentation | 2006-07-20 Intrusion Detection for Encrypted Web Traffic Akira YAMADA, Yutaka MIYAKE, Keisuke TAKEMORI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | The threat of attacks on web applications, such as SQL injection and cross site scripting, remains a serious problem. Though a Web Application Firewall (WAF) and an Intrusion Detection System (IDS) are part of the solution, they are ineffective for encrypted traffic. These approaches need to check the contents of traffic to detect malicious activities. So we propose a new intrusion detection system for SSL encrypted web accesses. The proposed system distinguishes encrypted pages by temporal ID, extracts certain features related to attacks, and estimates the probability of attacks. Employing sequential analysis, the proposed system can identify web access pages without preparations in advance, and extracts the features with less memory and calculation. We evaluate the accuracy of the distinction and false positive/negative rate using actual traffic of a web site and DARPA IDS evaluation data. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Intrusion Detection System / Web Aplication Firewall / Anomaly Detection / Encrypted Traffic / SSL/TLS |
| Paper # | ISEC2006-32,SITE2006-29 |
| Date of Issue |
| Conference Information | |
| Committee | SITE |
|---|---|
| Conference Date | 2006/7/13(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Social Implications of Technology and Information Ethics (SITE) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Intrusion Detection for Encrypted Web Traffic |
| Sub Title (in English) | |
| Keyword(1) | Intrusion Detection System |
| Keyword(2) | Web Aplication Firewall |
| Keyword(3) | Anomaly Detection |
| Keyword(4) | Encrypted Traffic |
| Keyword(5) | SSL/TLS |
| 1st Author's Name | Akira YAMADA |
| 1st Author's Affiliation | KDDI R&D Laboratories Inc.() |
| 2nd Author's Name | Yutaka MIYAKE |
| 2nd Author's Affiliation | KDDI R&D Laboratories Inc. |
| 3rd Author's Name | Keisuke TAKEMORI |
| 3rd Author's Affiliation | KDDI R&D Laboratories Inc. |
| Date | 2006-07-20 |
| Paper # | ISEC2006-32,SITE2006-29 |
| Volume (vol) | vol.106 |
| Number (no) | 174 |
| Page | pp.pp.- |
| #Pages | 7 |
| Date of Issue | |