EVE: (a) secure middlebox framework for enabling visibility over encrypted traffic (Korean title: A middlebox that operates securely on encrypted traffic)

Network middleboxes provide the first line of defense for enterprise networks by offering many security features. These middleboxes typically inspect packet payloads to filter malicious content and attack patterns. However, the widespread use of end-to-end cryptographic protocols, such as SSL and TLS, designed to promote security and privacy, inhibits the functionality of network middleboxes that perform deep packet inspection. This paper addresses the problem by introducing a secure framework for enabling visibility over encrypted traffic that makes use of software and hardware technologies. We introduce EVE, a secure middlebox system that is fully functional in the presence of nested encryption protocols, such as TLS and OpenVPN. EVE securely processes encrypted traffic, including decryption and deep packet inspection, in a secure container by leveraging the Intel SGX technology. The security components of EVE ensure that security-sensitive data is not visible to adversaries outside the secure container. For middlebox developers, EVE provides secure high-level APIs based on the Rust language to enhance programmability. The high-level APIs of EVE significantly lower the barrier to entry for developing a secure middlebox by hiding the details of cryptographic operations, enclave processing, TCP reassembly, and out-of-band key-sharing. To demonstrate its utility and practicality, we implement an intrusion detection system that performs deep packet inspection on SSL/TLS encrypted traffic in a number of different environments. Our evaluation results show that EVE has reasonable performance overhead for the real network environment.
Advisors
Han, Dongsu (한동수)
Description
Korea Advanced Institute of Science and Technology (KAIST): School of Electrical Engineering
Publisher
Korea Advanced Institute of Science and Technology (KAIST)
Issue Date
2018
Identifier
325007
Language
eng
Description

Thesis (Master's) - Korea Advanced Institute of Science and Technology (KAIST): School of Electrical Engineering, 2018.2, [iv, 26 p.]

Keywords

Middlebox; Security and privacy; Deep Packet Inspection (Korean keywords: middlebox; security and personal information; deep packet analysis)

URI
http://hdl.handle.net/10203/266982
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=734067&flag=dissertation
Appears in Collection
EE-Theses_Master (Master's theses)
Files in This Item
There are no files associated with this item.
