# Decrypting SSL/TLS traffic for hidden threats detection

**Authors:** Tamara Radivilova, Lyudmyla Kirichenko, Dmytro Ageyev, Maxim Tawalbeh, Vitalii Bulakh

arXiv: 1904.08383 · 2019-04-18

## TL;DR

This paper analyzes SSL/TLS decryption methods for detecting hidden threats, develops an automated approach for intercepting encrypted traffic, and demonstrates its near real-time decryption capabilities for network security.

## Contribution

It introduces a novel automated approach for intercepting and decrypting SSL/TLS traffic, enabling near real-time detection of malicious activities.

## Key findings

- Developed an automated SSL/TLS decryption method
- Enabled near real-time encrypted traffic analysis
- Applicable for remote network monitoring

## Abstract

The paper presents an analysis of the main mechanisms for decrypting SSL/TLS traffic. Methods and technologies for detecting malicious activity in encrypted traffic that are used by leading companies are also considered. In addition, an approach for intercepting and decrypting traffic transmitted over SSL/TLS is developed, tested and proposed. The developed approach has been automated and can be used for remote listening of the network, which makes it possible to decrypt transmitted data in a mode close to real time.

---
Source: https://tomesphere.com/paper/1904.08383