Abstract:
|
In nowadays Internet, there is a strong trend to encrypt the traffic in order to protect users' privacy. This results in a hard challenge for traffic classification, as the payload in the packets cannot be accessed anymore. In this context, some techniques were proposed for traditional networks in order to classify this traffic. However, we could not find previous works addressing encrypted traffic classification considering the particularities of the Software-Defined Networking (SDN) paradigm. In this paper we present an OpenFlow-based classification system which combines techniques leveraging information in SSL/TLS certificates and DNS traffic to perform accurate flow-level classification for encrypted traffic. We make experiments with real-world traffic to evaluate the overall classification accuracy of our system as well as the accuracy detecting specific popular applications (e.g., Netflix). Furthermore, we assess the processing overhead when deploying our system in SDN environments. As a result, we observe that the support provided by OpenFlow enables to achieve a high accuracy with a more reduced processing overhead than in traditional networks, where typically the whole traffic is mirrored to an external collector that classifies the traffic. |