Fast Packet Inspection for End-To-End Encryption
With the recent development and popularization of various network technologies, communicating with people at any time, and from any location, using high-speed internet, has become easily accessible. At the same time, eavesdropping, data interception, personal data leakage, and distribution of malwar...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2020-11-01
|
| Series: | Electronics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2079-9292/9/11/1937 |
| _version_ | 1797547660596477952 |
|---|---|
| author | So-Yeon Kim Sun-Woo Yun Eun-Young Lee So-Hyeon Bae Il-Gu Lee |
| author_facet | So-Yeon Kim Sun-Woo Yun Eun-Young Lee So-Hyeon Bae Il-Gu Lee |
| author_sort | So-Yeon Kim |
| collection | DOAJ |
| description | With the recent development and popularization of various network technologies, communicating with people at any time, and from any location, using high-speed internet, has become easily accessible. At the same time, eavesdropping, data interception, personal data leakage, and distribution of malware during the information transfer process have become easier than ever. Recently, to respond to such threats, end-to-end encryption (E2EE) technology has been widely implemented in commercial network services as a popular information security system. However, with the use of E2EE technology, it is difficult to check whether an encrypted packet is malicious in an information security system. A number of studies have been previously conducted on deep packet inspection (DPI) through trustable information security systems. However, the E2EE is not maintained when conducting a DPI, which requires a long inspection time. Thus, in this study, a fast packet inspection (FPI) and its frame structure for quickly detecting known malware patterns while maintaining E2EE are proposed. Based on the simulation results, the proposed FPI allows for inspecting packets approximately 14.4 and 5.3 times faster, respectively, when the inspection coverage is 20% and 100%, as compared with a DPI method under a simulation environment in which the payload length is set to 640 bytes. |
| first_indexed | 2024-03-10T14:47:16Z |
| format | Article |
| id | doaj.art-ea1edd3be73543a9989382deaa30e66d |
| institution | Directory Open Access Journal |
| issn | 2079-9292 |
| language | English |
| last_indexed | 2024-03-10T14:47:16Z |
| publishDate | 2020-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Electronics |
| spelling | doaj.art-ea1edd3be73543a9989382deaa30e66d2023-11-20T21:18:44ZengMDPI AGElectronics2079-92922020-11-01911193710.3390/electronics9111937Fast Packet Inspection for End-To-End EncryptionSo-Yeon Kim0Sun-Woo Yun1Eun-Young Lee2So-Hyeon Bae3Il-Gu Lee4Department of Convergence Security Engineering, Sungshin University, Seoul 02844, KoreaDepartment of Future Convergence Technology Engineering, Sungshin University, Seoul 02844, KoreaDepartment of Convergence Security Engineering, Sungshin University, Seoul 02844, KoreaDepartment of Convergence Security Engineering, Sungshin University, Seoul 02844, KoreaDepartment of Future Convergence Technology Engineering, Sungshin University, Seoul 02844, KoreaWith the recent development and popularization of various network technologies, communicating with people at any time, and from any location, using high-speed internet, has become easily accessible. At the same time, eavesdropping, data interception, personal data leakage, and distribution of malware during the information transfer process have become easier than ever. Recently, to respond to such threats, end-to-end encryption (E2EE) technology has been widely implemented in commercial network services as a popular information security system. However, with the use of E2EE technology, it is difficult to check whether an encrypted packet is malicious in an information security system. A number of studies have been previously conducted on deep packet inspection (DPI) through trustable information security systems. However, the E2EE is not maintained when conducting a DPI, which requires a long inspection time. Thus, in this study, a fast packet inspection (FPI) and its frame structure for quickly detecting known malware patterns while maintaining E2EE are proposed. Based on the simulation results, the proposed FPI allows for inspecting packets approximately 14.4 and 5.3 times faster, respectively, when the inspection coverage is 20% and 100%, as compared with a DPI method under a simulation environment in which the payload length is set to 640 bytes.https://www.mdpi.com/2079-9292/9/11/1937end-to-end encryption (E2EE)packet inspectionintegritymalware detectionsecurityconfidentiality |
| spellingShingle | So-Yeon Kim Sun-Woo Yun Eun-Young Lee So-Hyeon Bae Il-Gu Lee Fast Packet Inspection for End-To-End Encryption Electronics end-to-end encryption (E2EE) packet inspection integrity malware detection security confidentiality |
| title | Fast Packet Inspection for End-To-End Encryption |
| title_full | Fast Packet Inspection for End-To-End Encryption |
| title_fullStr | Fast Packet Inspection for End-To-End Encryption |
| title_full_unstemmed | Fast Packet Inspection for End-To-End Encryption |
| title_short | Fast Packet Inspection for End-To-End Encryption |
| title_sort | fast packet inspection for end to end encryption |
| topic | end-to-end encryption (E2EE) packet inspection integrity malware detection security confidentiality |
| url | https://www.mdpi.com/2079-9292/9/11/1937 |
| work_keys_str_mv | AT soyeonkim fastpacketinspectionforendtoendencryption AT sunwooyun fastpacketinspectionforendtoendencryption AT eunyounglee fastpacketinspectionforendtoendencryption AT sohyeonbae fastpacketinspectionforendtoendencryption AT ilgulee fastpacketinspectionforendtoendencryption |