Unlocking the armour: enabling intrusion detection and analysis of encrypted traffic streams

Irwin, Barry V W

Title: Unlocking the armour: enabling intrusion detection and analysis of encrypted traffic streams
Creator: Irwin, Barry V W
Date: 2005
Type: text
Type: article
Identifier: http://hdl.handle.net/10962/428845
Identifier: vital:72540
Description: In the interests of maintaining end to end security, increasing volumes of information are being encrypted while in transit. Many organisations and users will make use of secure encrypted protocols for information interchange given an option. The very security that is provided by these transport protocols, such as IPSEC, HTTPS and SSH also acts against the security monitoring of an organisation’s traffic. Intrusion detection systems are no longer easily able to inspect the payload of encrypted protocols. Similarly these protocols can potentially be difficult for securi-ty and network administrators to debug, validate and analyse. This pa-per discusses the need for a means of a trusted third party being able to unpack encrypted data traversing a network and a proposes an ar-chitecture which would enable this to be achieved through the extrac-tion and sharing of the appropriate encipherment tokens, based on the assumption that an organisation has legitimate access to one side of a communication entering or exiting its network. This problem also has particular relevance to honey-net research and for investigators trying to perform real-time monitoring of an intruder which is making use of such a protected protocol. A proof of concept implementation of the proposed architecture is also discussed.
Format: 9 pages, pdf
Language: English
Relation: Information Security for South Africa, Irwin, B., 2005. Unlocking the armour: enabling intrusion detection and analysis of encrypted traffic streams. In ISSA (pp. 1-10), Information Security for South Africa volume 2005 number 1 9 2005 2330-9881
Rights: Publisher
Rights: Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)

Hits: 43
Visitors: 50
Downloads: 8

Collections

Irwin, Barry V W (Prof)

RU Department of Computer Science

SDG 09. Industry, Innovation and Infrastructure

		Thumbnail	File	Description	Size	Format
View Details Download			SOURCE1	Unlocking the armour.pdf	144 KB	Adobe Acrobat PDF	View Details Download