Browser Identification Based on Encrypted Traffic

DOI

10.2991/cimns-16.2016.90How to use a DOI?

Keywords

HTTPS; accecss traffic; packet length; browser identificaion

Abstract

Network traffic encryption brings security to network communication, however it also brings challenges to network monitoring. As more and more major websites use encryption protocol to protect imformation of visitors, it is a burning issue to identify client when session is encrypted. In this paper, we present browser identification of HTTPS client based on packet length. The sequence of request packet length is different among browsers and our experiment shows that it is possible to recognize what kind of browser the traffic comes from according to length sequence. We theoretically analyze the possibility of using the request packet length to identify browsers and show the method of using length sequence to establish dictionary. The dictionaries are used to distinguish unknown traffic flow. Our experiment results show that we can get accurate results of browser identification in HTTPS communication through packet length analysis.

Copyright

© 2016, the Authors. Published by Atlantis Press.

Open Access

This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

TY  - CONF
AU  - Changjiang Liu
AU  - Jiesi Han
AU  - Qiang Wei
PY  - 2016/09
DA  - 2016/09
TI  - Browser Identification Based on Encrypted Traffic
BT  - Proceedings of the 2016 International Conference on Communications, Information Management and Network Security
PB  - Atlantis Press
SP  - 360
EP  - 363
SN  - 2352-538X
UR  - https://doi.org/10.2991/cimns-16.2016.90
DO  - 10.2991/cimns-16.2016.90
ID  - Liu2016/09
ER  -