Cyber Attack Detection with Encrypted Network Connection Analysis
| dc.authorscopusid | 57201743399 | |
| dc.authorscopusid | 57203142239 | |
| dc.authorscopusid | 6504413319 | |
| dc.authorscopusid | 57447588400 | |
| dc.authorscopusid | 56469924100 | |
| dc.contributor.author | Gonen, Serkan | |
| dc.contributor.author | Karacayilmaz, Gokce | |
| dc.contributor.author | Artuner, Harun | |
| dc.contributor.author | Bariskan, Mehmet Ali | |
| dc.contributor.author | Yilmaz, Ercan Nurcan | |
| dc.date.accessioned | 2024-09-11T19:58:24Z | |
| dc.date.available | 2024-09-11T19:58:24Z | |
| dc.date.issued | 2024 | |
| dc.department | İstanbul Gelişim Üniversitesi | en_US |
| dc.description | 12th International Symposium on Intelligent Manufacturing and Service Systems, IMSS 2023 -- 26 May 2023 through 28 May 2023 -- Istanbul -- 302369 | en_US |
| dc.description.abstract | The evolution of science and technology has led to increasingly complex cyber security threats, with advanced evasion techniques and encrypted communication channels making attacks harder to detect. While encryption has improved privacy and confidentiality for users, it has also provided a new avenue for attackers to exploit. Traditional intrusion detection systems, which transitioned from signature-based to behavior-based approaches, have struggled to keep up with these challenges. To address this issue, researchers have turned to continuous system monitoring and network traffic packet analysis. However, this method can be resource-intensive and time-consuming, particularly when analyzing encrypted packets. In this study, the JA3 fingerprint infrastructure was examined as a potential solution for quickly detecting attacks conducted over encrypted sessions while minimizing system downtime and damage. The results demonstrated that the JA3 infrastructure effectively detected attacks carried out via encrypted channels. Although Windows 10 and Kali 2020.4 operating systems were used as the victim and attacker systems respectively, the methodology can be applied to other operating systems and network hardware by following the outlined steps. This research is expected to make a significant contribution to the field of encryption-based attack prevention. © 2024, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. | en_US |
| dc.identifier.doi | 10.1007/978-981-99-6062-0_57 | |
| dc.identifier.endpage | 629 | en_US |
| dc.identifier.isbn | 978-981996061-3 | en_US |
| dc.identifier.issn | 2195-4356 | en_US |
| dc.identifier.scopus | 2-s2.0-85174570436 | en_US |
| dc.identifier.scopusquality | Q4 | en_US |
| dc.identifier.startpage | 622 | en_US |
| dc.identifier.uri | https://doi.org/10.1007/978-981-99-6062-0_57 | |
| dc.identifier.uri | https://hdl.handle.net/11363/8463 | |
| dc.indekslendigikaynak | Scopus | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | Springer Science and Business Media Deutschland GmbH | en_US |
| dc.relation.ispartof | Lecture Notes in Mechanical Engineering | en_US |
| dc.relation.publicationcategory | Konferans Öğesi - Uluslararası - Kurum Öğretim Elemanı | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.snmz | 20240903_G | en_US |
| dc.subject | Continious Monitoring; Cryptography; Cyber Security; Finger Print; JA3; Network; TLS | en_US |
| dc.title | Cyber Attack Detection with Encrypted Network Connection Analysis | en_US |
| dc.type | Conference Object | en_US |
