Selective HTTPS traffic manipulation at middleboxes for BYOD devices

Xing Liu, Feng Qian, Zhiyun Qian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

HTTPS has become a vital component of the WWW ecosystem. However, today's application-layer middleboxes in the cloud are largely 'blind' to HTTPS traffic. We propose a novel system infrastructural solution, called CloudEye, that allows middleboxes to selectively manipulate HTTPS traffic. A key design philosophy of CloudEye is to hide all the complexity from client and server applications (thus being transparent to them) and to have middlebox-related functions managed by a dedicated OS service. CloudEye provides control of what information the middlebox can access through new techniques such as HTTPS tags and shadow connections, without changing the TLS/SSL or HTTP protocol. CloudEye is secure and easy to use. We implemented its prototype on Linux/Android, and demonstrated its low overhead and rich use cases on off-the-shelf mobile devices and cloud servers.

Original languageEnglish (US)
Title of host publication2017 IEEE 25th International Conference on Network Protocols, ICNP 2017
PublisherIEEE Computer Society
ISBN (Electronic)9781509065011
DOIs
StatePublished - Nov 21 2017
Externally publishedYes
Event25th IEEE International Conference on Network Protocols, ICNP 2017 - Toronto, Canada
Duration: Oct 10 2017Oct 13 2017

Publication series

NameProceedings - International Conference on Network Protocols, ICNP
Volume2017-October
ISSN (Print)1092-1648

Other

Other25th IEEE International Conference on Network Protocols, ICNP 2017
CountryCanada
CityToronto
Period10/10/1710/13/17

Fingerprint Dive into the research topics of 'Selective HTTPS traffic manipulation at middleboxes for BYOD devices'. Together they form a unique fingerprint.

Cite this