NetInfoMiner: High-level information extraction from network traffic

Ahmad Amro; Sultan Almuhammadi; Sami Zhioua

doi:10.1109/BIGCOMP.2017.7881730

NetInfoMiner: High-level information extraction from network traffic

Ahmad Amro, Sultan Almuhammadi, Sami Zhioua

King Fahd University of Petroleum & Minerals

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

Due to the rapid increase of the Internet traffic encryption HTTPS, and the newly adopted protocols HTTP2 and SPDY, the need for a comprehensive high-level information extraction tool that supports the new protocols becomes essential for critical applications such as digital and network forensic and web penetration testing. In spite of the availability of big data from the Internet traffic, current network data mining tools do not support encrypted network traffic and the new protocols. This paper proposes a new tool for extracting high-level information such as visited links, user credentials and session cookies from HTTP and HTTPS protocols. It also allows extraction of user credentials and session cookies from HTTP2 and SPDY.

Original language	English
Title of host publication	2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	143-150
Number of pages	8
ISBN (Electronic)	9781509030156
DOIs	https://doi.org/10.1109/BIGCOMP.2017.7881730
State	Published - 17 Mar 2017

Publication series

Name	2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017

Bibliographical note

Publisher Copyright:
© 2017 IEEE.

Keywords

Big data
HTTP
HTTP2
HTTPS
SPDY
data mining
traffic analysis

ASJC Scopus subject areas

Information Systems
Artificial Intelligence
Computer Science Applications
Computer Vision and Pattern Recognition

Access to Document

10.1109/BIGCOMP.2017.7881730

Cite this

Amro, A., Almuhammadi, S., & Zhioua, S. (2017). NetInfoMiner: High-level information extraction from network traffic. In 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017 (pp. 143-150). Article 7881730 (2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/BIGCOMP.2017.7881730

@inproceedings{76f8e3122c94427692a01aa6e7f7577b,

title = "NetInfoMiner: High-level information extraction from network traffic",

abstract = "Due to the rapid increase of the Internet traffic encryption HTTPS, and the newly adopted protocols HTTP2 and SPDY, the need for a comprehensive high-level information extraction tool that supports the new protocols becomes essential for critical applications such as digital and network forensic and web penetration testing. In spite of the availability of big data from the Internet traffic, current network data mining tools do not support encrypted network traffic and the new protocols. This paper proposes a new tool for extracting high-level information such as visited links, user credentials and session cookies from HTTP and HTTPS protocols. It also allows extraction of user credentials and session cookies from HTTP2 and SPDY.",

keywords = "Big data, HTTP, HTTP2, HTTPS, SPDY, data mining, traffic analysis",

author = "Ahmad Amro and Sultan Almuhammadi and Sami Zhioua",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.",

year = "2017",

month = mar,

day = "17",

doi = "10.1109/BIGCOMP.2017.7881730",

language = "English",

series = "2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "143--150",

booktitle = "2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017",

address = "United States",

}

Amro, A, Almuhammadi, S & Zhioua, S 2017, NetInfoMiner: High-level information extraction from network traffic. in 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017., 7881730, 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017, Institute of Electrical and Electronics Engineers Inc., pp. 143-150. https://doi.org/10.1109/BIGCOMP.2017.7881730

NetInfoMiner: High-level information extraction from network traffic. / Amro, Ahmad; Almuhammadi, Sultan; Zhioua, Sami.
2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 143-150 7881730 (2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - NetInfoMiner

T2 - High-level information extraction from network traffic

AU - Amro, Ahmad

AU - Almuhammadi, Sultan

AU - Zhioua, Sami

PY - 2017/3/17

Y1 - 2017/3/17

N2 - Due to the rapid increase of the Internet traffic encryption HTTPS, and the newly adopted protocols HTTP2 and SPDY, the need for a comprehensive high-level information extraction tool that supports the new protocols becomes essential for critical applications such as digital and network forensic and web penetration testing. In spite of the availability of big data from the Internet traffic, current network data mining tools do not support encrypted network traffic and the new protocols. This paper proposes a new tool for extracting high-level information such as visited links, user credentials and session cookies from HTTP and HTTPS protocols. It also allows extraction of user credentials and session cookies from HTTP2 and SPDY.

AB - Due to the rapid increase of the Internet traffic encryption HTTPS, and the newly adopted protocols HTTP2 and SPDY, the need for a comprehensive high-level information extraction tool that supports the new protocols becomes essential for critical applications such as digital and network forensic and web penetration testing. In spite of the availability of big data from the Internet traffic, current network data mining tools do not support encrypted network traffic and the new protocols. This paper proposes a new tool for extracting high-level information such as visited links, user credentials and session cookies from HTTP and HTTPS protocols. It also allows extraction of user credentials and session cookies from HTTP2 and SPDY.

KW - Big data

KW - HTTP

KW - HTTP2

KW - HTTPS

KW - SPDY

KW - data mining

KW - traffic analysis

UR - https://www.scopus.com/pages/publications/85017572833

U2 - 10.1109/BIGCOMP.2017.7881730

DO - 10.1109/BIGCOMP.2017.7881730

M3 - Conference contribution

AN - SCOPUS:85017572833

T3 - 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017

SP - 143

EP - 150

BT - 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Amro A, Almuhammadi S, Zhioua S. NetInfoMiner: High-level information extraction from network traffic. In 2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 143-150. 7881730. (2017 IEEE International Conference on Big Data and Smart Computing, BigComp 2017). doi: 10.1109/BIGCOMP.2017.7881730

NetInfoMiner: High-level information extraction from network traffic

Abstract

Publication series

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this