BlindBox: Deep Packet Inspection over Encrypted Traffic

Many network middleboxes perform Deep Packet Inspection (DPI), a set of useful tasks that examine packet payloads. These tasks include intrusion detection (IDS), exfiltration detection, and parental filtering. However, a long-standing issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish their tasks because the payloads are encrypted. Hence, one is forced to choose between two desirable properties: the functionality of middleboxes and the privacy of encryption. The authors propose BlindBox, the first system that simultaneously provides both of these properties.

Resource Details

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF