Authors:
Mario Di Mauro
and
Maurizio Longo
Affiliation:
University of Salerno, Italy
Keyword(s):
Encrypted Real-Time Traffic, WebRTC, DTLS, Decision Trees, Weka, Machine Learning.
Related
Ontology
Subjects/Areas/Topics:
Data and Application Security and Privacy
;
Information and Systems Security
;
Information Assurance
;
Information Hiding
;
Intrusion Detection & Prevention
;
Network Security
;
Privacy
;
Security in Information Systems
;
Security Information Systems Architecture and Design and Security Patterns
;
Security Protocols
;
Wireless Network Security
Abstract:
The detection of encrypted real-time traffic, both streaming and conversational, is an increasingly important
issue for agencies in charge of lawful interception. Aside from well established technologies used in real-time
communication (e.g. Skype, Facetime, Lync etc.) a new one is recently spreading: Web Real-Time
Communication (WebRTC), which, with the support of a robust encryption method such as DTLS, offers
capabilities for encrypted voice and video without the need of installing a specific application but using a
common browser, like Chrome, Firefox or Opera. Encrypted WebRTC traffic cannot be recognized through
methods of semantic recognition since it does not exhibit a discernible sequence of information pieces and
hence statistical recognition methods are called for. In this paper we propose and evaluate a decision theory
based system allowing to recognize encrypted WebRTC traffic by means of an open-source machine
learning environment: Weka. Besides, a reasoned com
parison among some of the most credited algorithms
(J48, Simple Cart, Naïve Bayes, Random Forests) in the field of decision systems has been carried out,
indicating the prevalence of Random Forests.
(More)