DISTILLER: Encrypted traffic classification via multimodal multitask deep learning
Traffic classification, ie the inference of applications and/or services from their network traffic,
represents the workhorse for service management and the enabler for valuable profiling …
represents the workhorse for service management and the enabler for valuable profiling …
How the Great Firewall of China detects and blocks fully encrypted traffic
M Wu, J Sippe, D Sivakumar, J Burg… - 32nd USENIX Security …, 2023 - usenix.org
One of the cornerstones in censorship circumvention is fully encrypted protocols, which
encrypt every byte of the payload in an attempt to “look like nothing”. In early November …
encrypt every byte of the payload in an attempt to “look like nothing”. In early November …
Detecting DNS over HTTPS based data exfiltration
DNS is often used by attackers as a covert channel for data exfiltration, also known as DNS
tunneling. Since the plaintext DNS lookup leads to privacy issues, DNS over HTTPS (DoH) …
tunneling. Since the plaintext DNS lookup leads to privacy issues, DNS over HTTPS (DoH) …
How Great is the Great Firewall? Measuring China's {DNS} Censorship
The DNS filtering apparatus of China's Great Firewall (GFW) has evolved considerably over
the past two decades. However, most prior studies of China's DNS filtering were performed …
the past two decades. However, most prior studies of China's DNS filtering were performed …
Investigating large scale https interception in kazakhstan
RS Raman, L Evdokimov, E Wurstrow… - Proceedings of the …, 2020 - dl.acm.org
Increased adoption of HTTPS has created a largely encrypted web, but these security gains
are on a collision course with governments that desire visibility into and control over user …
are on a collision course with governments that desire visibility into and control over user …
Encrypted malware traffic detection via graph-based network analysis
Malicious activities on the Internet continue to grow in volume and damage, posing a serious
risk to society. Malware with remote control capabilities is considered one of the most …
risk to society. Malware with remote control capabilities is considered one of the most …
TSPU: Russia's decentralized censorship system
D Xue, B Mixon-Baca, ValdikSS, A Ablove… - Proceedings of the …, 2022 - dl.acm.org
Russia's Sovereign RuNet was designed to build a Russian national firewall. Previous
anecdotes and isolated events in the past two years reflected centrally coordinated …
anecdotes and isolated events in the past two years reflected centrally coordinated …
Measuring and evading turkmenistan's internet censorship: A case study in large-scale measurements of a low-penetration country
Since 2006, Turkmenistan has been listed as one of the few Internet enemies by Reporters
without Borders due to its extensively censored Internet and strictly regulated information …
without Borders due to its extensively censored Internet and strictly regulated information …
Is encrypted clienthello a challenge for traffic classification?
D Shamsimukhametov, A Kurapov… - IEEE …, 2022 - ieeexplore.ieee.org
Although the widely-used Transport Layer Security (TLS) protocol hides application data, an
unencrypted part of the TLS handshake, specifically the server name indication (SNI), is a …
unencrypted part of the TLS handshake, specifically the server name indication (SNI), is a …
Estimating WebRTC Video QoE Metrics Without Using Application Headers
The increased use of video conferencing applications (VCAs) has made it critical to
understand and support end-user quality of experience (QoE) by all stakeholders in the VCA …
understand and support end-user quality of experience (QoE) by all stakeholders in the VCA …