PRI: Privacy Preserving Inspection of Encrypted Network Traffic
Liron Schiff, Stefan Schmid
TL;DR
This paper introduces PRI, a novel method for inspecting encrypted network traffic that preserves user privacy and confidentiality of inspection rules, addressing a critical gap in current security systems.
Contribution
The paper presents a new privacy-preserving approach for network traffic inspection that maintains confidentiality of traffic and inspection rules, unlike existing systems.
Findings
Supports confidential inspection of encrypted traffic
Preserves confidentiality of inspection rules and configurations
Enables flexible installation of company-specific DLP rules
Abstract
Traffic inspection is a fundamental building block of many security solutions today. For example, to prevent the leakage or exfiltration of confidential insider information, as well as to block malicious traffic from entering the network, most enterprises today operate intrusion detection and prevention systems that inspect traffic. However, the state-of-the-art inspection systems do not reflect well the interests of the different involved autonomous roles. For example, employees in an enterprise, or a company outsourcing its network management to a specialized third party, may require that their traffic remains confidential, even from the system administrator. Moreover, the rules used by the intrusion detection system, or more generally the configuration of an online or offline anomaly detection engine, may be provided by a third party, e.g., a security research firm, and can hence…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Cryptography and Data Security