Title :
Taking a Peek at Bandwidth Usage on Encrypted Links
Author :
Dusi, Maurizio ; Este, Alice ; Gringoli, Francesco ; Salgarelli, Luca
Author_Institution :
Univ. degli Studi di Brescia, Brescia, Italy
Abstract :
In this paper we describe a practical yet effective technique to monitor the amount of bytes that several classes of protocols, such as peer-to-peer, e-mail, etc., transmit over encrypted virtual links, such as IPSec tunnels. The experiments described in this paper demonstrate that our regression-tree-based bandwidth estimator is effective enough to create usage models inherently robust to changes in path, number of users and type of protocols multiplexed over the encrypted link. In other words, our experimental results indicate that training data obtained from a test IPSec tunnel can be successfully used to monitor bandwidth usage on other encrypted tunnels where only the ciphertext is available.
Keywords :
IP networks; bandwidth allocation; computer network security; cryptographic protocols; regression analysis; trees (mathematics); IPSec tunnels; bandwidth usage; ciphertext; e-mail; encrypted links; encrypted tunnels; encrypted virtual links; peer-to-peer; protocols; regression-tree-based bandwidth estimator; training data; usage models; Accuracy; Bandwidth; Cryptography; Monitoring; Regression tree analysis; Robustness; Training;
Conference_Titel :
Communications (ICC), 2011 IEEE International Conference on
Conference_Location :
Kyoto
Print_ISBN :
978-1-61284-232-5
Electronic_ISBN :
1550-3607
DOI :
10.1109/icc.2011.5963290
