CERN Computing Seminar

Identifying Application Usage within Encrypted Tunnels

by Brandon Niemczyk (HP TippingPoint DVLabs)

31/S-023 (CERN)



Show room on map

Encryption is the single most used technology to guarantee privacy because it is effective, secure, and easy to use. But what is really hidden? The answer may surprise you. While the privacy invasion aspects of machine learning and data mining have huge awareness in respect to marketing and social media data, the usage of machine learning and it’s effects on current techniques to hide data such as encryption is relatively unexplored in comparison.

Recently we wrote an open-source tool called Pacumen that is used to analyze encrypted traffic and infer information about it without decryption. The type of information it can extract is “what application’s are being used over this tunnel?” and in some cases “what websites are being accessed?”. Essentially it is a framework for answering yes/no questions about network traffic that doesn't require looking at the content of the traffic.

We will discuss the various security aspects of what you can expect from encryption, and more importantly what you can not expect.

About the speaker

Brandon Niemczyk was born in Chicago. He has been writing code since he was a child with his first 386 modifying the QBASIC game gorillas.bas. He later moved on to write GIS software in Orlando, FL and then wandered into information security after a brief stint writing accounting software. His interests are machine learning, mathematics, motorcycles, games, reverse engineering, and family. Brandon has previously spoken at multiple conferences on machine learning and information security.

Organised by: Miguel Angel Marquina
Computing Seminars /IT Department

more information
Your browser is out of date!

If you are using Internet Explorer, please use Firefox, Chrome or Edge instead.

Otherwise, please update your browser to the latest version to use Indico without problems.