Fingerprinting Encrypted Tunnel Endpoints
| dc.contributor.advisor | Kourie, Derrick G. | en |
| dc.contributor.advisor | Eloff, Jan H.P. | en |
| dc.contributor.email | vafa@cs.up.ac.za | en |
| dc.contributor.postgraduate | Izadinia, Vafa Dario | en |
| dc.date.accessioned | 2013-09-06T20:54:21Z | |
| dc.date.available | 2005-06-09 | en |
| dc.date.available | 2013-09-06T20:54:21Z | |
| dc.date.created | 2005-02-21 | en |
| dc.date.issued | 2005 | en |
| dc.date.submitted | 2005-06-09 | en |
| dc.description | Dissertation (MSc (Computer Science))--University of Pretoria, 2005. | en |
| dc.description.abstract | Operating System fingerprinting is a reconnaissance method used by Whitehats and Blackhats alike. Current techniques for fingerprinting do not take into account tunneling protocols, such as IPSec, SSL/TLS, and SSH, which effectively `wrap` network traffic in a ciphertext mantle, thus potentially rendering passive monitoring ineffectual. Whether encryption makes VPN tunnel endpoints immune to fingerprinting, or yields the encrypted contents of the VPN tunnel entirely indistinguishable, is a topic that has received modest coverage in academic literature. This study addresses these question by targeting two tunnelling protocols: IPSec and SSL/TLS. A new fingerprinting methodology is presented, several fingerprinting discriminants are identified, and test results are set forth, showing that endpoint identities can be uncovered, and that some of the contents of encrypted VPN tunnels can in fact be discerned. | en |
| dc.description.availability | unrestricted | en |
| dc.description.department | Computer Science | en |
| dc.identifier.citation | Izadinia, V 2005, Fingerprinting Encrypted Tunnel Endpoints, MSc dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://hdl.handle.net/2263/25351 > | en |
| dc.identifier.upetdurl | http://upetd.up.ac.za/thesis/available/etd-06092005-093203/ | en |
| dc.identifier.uri | http://hdl.handle.net/2263/25351 | |
| dc.language.iso | en | |
| dc.publisher | University of Pretoria | en_ZA |
| dc.rights | © 2005, University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. | en |
| dc.subject | Fingerprinting | en |
| dc.subject | Network forensics | en |
| dc.subject | Protocol analysis | en |
| dc.subject | Ipsec | en |
| dc.subject | Ike | en |
| dc.subject | UCTD | en_US |
| dc.title | Fingerprinting Encrypted Tunnel Endpoints | en |
| dc.type | Dissertation | en |
Files
Original bundle
1 - 1 of 1