{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,23]],"date-time":"2024-09-23T03:56:48Z","timestamp":1727063808534},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2016,2,26]],"date-time":"2016-02-26T00:00:00Z","timestamp":1456444800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["EURASIP J. on Info. Security"],"published-print":{"date-parts":[[2016,12]]},"DOI":"10.1186\/s13635-016-0030-7","type":"journal-article","created":{"date-parts":[[2016,2,26]],"date-time":"2016-02-26T05:24:01Z","timestamp":1456464241000},"update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":61,"title":["HTTPS traffic analysis and client identification using passive SSL\/TLS fingerprinting"],"prefix":"10.1186","volume":"2016","author":[{"given":"Martin","family":"Hus\u00e1k","sequence":"first","affiliation":[]},{"given":"Milan","family":"\u010cerm\u00e1k","sequence":"additional","affiliation":[]},{"given":"Tom\u00e1\u0161","family":"Jirs\u00edk","sequence":"additional","affiliation":[]},{"given":"Pavel","family":"\u010celeda","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,2,26]]},"reference":[{"key":"30_CR1","unstructured":"B M\u00f6ller, T Duong, K Kotowicz, This POODLE bites: exploiting the SSL 3.0 fallback. PDF online. (2014). https:\/\/poodlebleed.com\/ssl-poodle.pdf . Accessed 12 Jan 2015."},{"issue":"5","key":"30_CR2","doi-asserted-by":"publisher","first-page":"355","DOI":"10.1002\/nem.1901","volume":"25","author":"P Velan","year":"2015","unstructured":"P Velan, M \u010cerm\u00e1k, P \u010celeda, M Dra\u0161ar, A survey of methods for encrypted traffic classification and analysis. Int J Netw Manag. 25(5), 355\u2013374 (2015).","journal-title":"Int J Netw Manag"},{"key":"30_CR3","unstructured":"T Bujlow, V Carela-Espa\u00f1ol, J Sol\u00e9-Pareta, P Barlet-Ros, Web tracking: mechanisms, implications, and defenses. CoRR. abs\/1507.07872: (2015). http:\/\/arxiv.org\/abs\/1507.07872 ."},{"key":"30_CR4","unstructured":"I Zeifman, Was that really a Google bot crawling my site? (2012). https:\/\/www.incapsula.com\/blog\/was-that-really-a-google-bot-crawling-my-site.html . Accessed 15 October 2015."},{"key":"30_CR5","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1109\/SPW.2013.12","volume-title":"Security and Privacy Workshops (SPW), 2013 IEEE","author":"E Raftopoulos","year":"2013","unstructured":"E Raftopoulos, X Dimitropoulos, in Security and Privacy Workshops (SPW), 2013 IEEE. Understanding network forensics analysis in an operational environment (IEEENew York, 2013), pp. 111\u2013118."},{"issue":"2","key":"30_CR6","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1109\/TDSC.2008.35","volume":"7","author":"P Wang","year":"2010","unstructured":"P Wang, S Sparks, CC Zou, An advanced hybrid peer-to-peer botnet. IEEE Trans Dependable Secure Comput. 7(2), 113\u2013127 (2010).","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"30_CR7","unstructured":"T Dierks, E Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2. IETF. Updated by RFCs 5746, 5878, 6176 (2008). http:\/\/www.ietf.org\/rfc\/rfc5246.txt ."},{"key":"30_CR8","unstructured":"A Freier, P Karlton, P Kocher, The Secure Sockets Layer (SSL) Protocol Version 3.0. IETF (2011). http:\/\/www.ietf.org\/rfc\/rfc6101.txt ."},{"key":"30_CR9","unstructured":"E Rescorla, HTTP Over TLS. IETF. Updated by RFCs 5785, 7230 (2000). http:\/\/www.ietf.org\/rfc\/rfc2818.txt ."},{"key":"30_CR10","unstructured":"IANA \u2013 Internet Assigned Numbers Authority, protocol registries (2014). Web page. http:\/\/www.iana.org\/protocols . Accessed 28 Jan 2015."},{"key":"30_CR11","unstructured":"P Yee, Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. IETF (2013). http:\/\/www.ietf.org\/rfc\/rfc6818.txt ."},{"key":"30_CR12","unstructured":"C Meyer, 20 Years of SSL\/TLS Research: An analysis of the Internet\u2019s security foundation. PhD thesis (2014). http:\/\/www-brs.ub.ruhr-uni-bochum.de\/netahtml\/HSS\/Diss\/MeyerChristopher\/diss.pdf . Accessed 15 Jan 2015."},{"key":"30_CR13","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/2420950.2420953","volume-title":"Proceedings of the 28th Annual Computer Security Applications Conference. ACSAC \u201912","author":"O Levillain","year":"2012","unstructured":"O Levillain, A \u00c9balard, B Morin, H Debar, in Proceedings of the 28th Annual Computer Security Applications Conference. ACSAC \u201912. One year of SSL Internet measurement (ACMNew York, NY, USA, 2012), pp. 11\u201320."},{"key":"30_CR14","doi-asserted-by":"publisher","first-page":"427","DOI":"10.1145\/2068816.2068856","volume-title":"Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. IMC \u201911","author":"R Holz","year":"2011","unstructured":"R Holz, L Braun, N Kammenhuber, G Carle, in Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. IMC \u201911. The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements (ACMNew York, NY, USA, 2011), pp. 427\u2013444."},{"key":"30_CR15","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1145\/2504730.2504755","volume-title":"Proceedings of the 2013 Conference on Internet Measurement Conference. IMC \u201913","author":"Z Durumeric","year":"2013","unstructured":"Z Durumeric, J Kasten, M Bailey, JA Halderman, in Proceedings of the 2013 Conference on Internet Measurement Conference. IMC \u201913. Analysis of the HTTPS Certificate Ecosystem (ACMNew York, NY, USA, 2013), pp. 291\u2013304."},{"key":"30_CR16","unstructured":"Qualys SSL Lab, HTTP client fingerprinting using SSL handshake analysis (2014). Web page: https:\/\/www.ssllabs.com\/projects\/client-fingerprinting\/ . Accessed 23 Jan 2015."},{"key":"30_CR17","unstructured":"Ristic, I\u0301, Passive SSL client fingerprinting using handshake analysis (2014). https:\/\/github.com\/ssllabs\/sslhaf . Accessed 30 Jan 2015."},{"key":"30_CR18","unstructured":"JB Ullrich, Browser fingerprinting via SSL Client Hello messages (2014). https:\/\/isc.sans.edu\/forums\/diary\/Browser+Fingerprinting+via+SSL+Client+Hello+Messages\/17210 . Accessed 15 Sept 2015."},{"key":"30_CR19","unstructured":"M Majkowski, SSL fingerprinting for p0f (2012). Web page: https:\/\/idea.popcount.org\/2012-06-17-ssl-fingerprinting-for-p0f . Accessed 28 Jan 2015."},{"key":"30_CR20","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-540-71617-4_17","volume-title":"Passive and Active Network Measurement","author":"L Bernaille","year":"2007","unstructured":"L Bernaille, R Teixeira, in Passive and Active Network Measurement, ed. by S Uhlig, K Papagiannaki, and O Bonaventure. Early recognition of encrypted applications. Lecture notes in computer science, vol. 4427 (SpringerHeidelberg, 2007), pp. 165\u2013175."},{"key":"30_CR21","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1007\/978-3-319-13488-8_7","volume-title":"Advances in Communication Networking","author":"T Jirs\u00edk","year":"2014","unstructured":"T Jirs\u00edk, P \u010celeda, in Advances in Communication Networking, ed. by Y Kermarrec. Identifying operating system using flow-based traffic fingerprinting. Lecture notes in computer science, vol. 8846 (SpringerCham, 2014), pp. 70\u201373."},{"key":"30_CR22","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1109\/AINA.2013.119","volume-title":"Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference On","author":"T Matsunaka","year":"2013","unstructured":"T Matsunaka, A Yamada, A Kubota, in Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference On. Passive OS fingerprinting by DNS traffic analysis (IEEENew York, 2013), pp. 243\u2013250."},{"key":"30_CR23","unstructured":"M Zalewski, p0f v3 (2014). http:\/\/lcamtuf.coredump.cx\/p0f3\/ . Accessed 25 Jan 2015."},{"key":"30_CR24","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1109\/SP.2005.18","volume-title":"2005 IEEE Symposium On Security and Privacy","author":"T Kohno","year":"2005","unstructured":"T Kohno, A Broido, K Claffy, in 2005 IEEE Symposium On Security and Privacy. Remote physical device fingerprinting (IEEENew York, 2005), pp. 211\u2013225."},{"key":"30_CR25","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/978-3-540-71617-4_19","volume-title":"Passive and Active Network Measurement","author":"T Karagiannis","year":"2007","unstructured":"T Karagiannis, K Papagiannaki, N Taft, M Faloutsos, in Passive and Active Network Measurement, ed. by S Uhlig, K Papagiannaki, and O Bonaventure. Profiling the end host. Lecture notes in computer Science, vol. 4427 (SpringerBerlin, Heidelberg, 2007), pp. 186\u2013196."},{"key":"30_CR26","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1007\/978-3-540-87403-4_20","volume-title":"Recent Advances in Intrusion Detection","author":"HJ Abdelnur","year":"2008","unstructured":"HJ Abdelnur, R State, O Festor, in Recent Advances in Intrusion Detection, ed. by R Lippmann, E Kirda, and A Trachtenberg. Advanced network fingerprinting. Lecture notes in computer Science, vol. 5230 (SpringerBerlin, Heidelberg, 2008), pp. 372\u2013389."},{"key":"30_CR27","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1109\/ARES.2013.33","volume-title":"Availability, Reliability and Security (ARES), 2013 Eighth International Conference On","author":"T Unger","year":"2013","unstructured":"T Unger, M Mulazzani, D Fruhwirt, M Huber, S Schrittwieser, E Weippl, in Availability, Reliability and Security (ARES), 2013 Eighth International Conference On. SHPF: Enhancing HTTP(S) session security with browser fingerprinting (IEEENew York, 2013), pp. 255\u2013261."},{"key":"30_CR28","unstructured":"M Mulazzani, P Reschl, M Huber, M Leithner, S Schrittwieser, E Weippl, in Web 2.0 Workshop on Security and Privacy (W2SP). Fast and reliable browser identification with JavaScript engine fingerprinting, (2013). http:\/\/w2spconf.com\/2013\/papers\/s2p1.pdf . Accessed 19 October 2015."},{"key":"30_CR29","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-14527-8_1","volume-title":"Proceedings of the 10th International Conference on Privacy Enhancing Technologies","author":"P Eckersley","year":"2010","unstructured":"P Eckersley, in Proceedings of the 10th International Conference on Privacy Enhancing Technologies. How unique is your web browser? PETS\u201910 (SpringerBerlin, Heidelberg, 2010), pp. 1\u201318."},{"key":"30_CR30","unstructured":"Proxy, 4Free.com, Free proxy servers\u2014protect your online privacy with our proxy list (2015). Web page http:\/\/www.proxy4free.com\/ . Accessed 19 October 2015."},{"key":"30_CR31","first-page":"21","volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13","author":"R Dingledine","year":"2004","unstructured":"R Dingledine, N Mathewson, P Syverson, in Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13. TOR: the second-generation onion router. SSYM\u201904 (USENIX AssociationBerkeley, CA, USA, 2004), pp. 21\u201321."},{"key":"30_CR32","doi-asserted-by":"publisher","first-page":"132","DOI":"10.1109\/SPW.2014.28","volume-title":"Security and Privacy Workshops (SPW), 2014 IEEE","author":"Y Gokcen","year":"2014","unstructured":"Y Gokcen, VA Foroushani, A Heywood, in Security and Privacy Workshops (SPW), 2014 IEEE. Can we identify NAT behavior by analyzing Traffic flows? (IEEENew York, 2014), pp. 132\u2013139."},{"key":"30_CR33","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1145\/1658997.1659010","volume-title":"Proceedings of the 5th International Student Workshop on Emerging Networking Experiments and Technologies","author":"V Krm\u00ed\u010dek","year":"2009","unstructured":"V Krm\u00ed\u010dek, J Vykopal, Krej\u010di, R\u0301, in Proceedings of the 5th International Student Workshop on Emerging Networking Experiments and Technologies. Netflow based system for NAT detection. Co-Next Student Workshop \u201909 (ACMNew York, NY, USA, 2009), pp. 23\u201324."},{"issue":"4","key":"30_CR34","doi-asserted-by":"publisher","first-page":"2037","DOI":"10.1109\/COMST.2014.2321898","volume":"16","author":"R Hofstede","year":"2014","unstructured":"R Hofstede, P \u010celeda, B Trammell, I Drago, R Sadre, A Sperotto, A Pras, Flow monitoring explained: from packet capture to data analysis with NetFlow and IPFIX. IEEE Commun Surv Tutorials. 16(4), 2037\u20132064 (2014).","journal-title":"IEEE Commun Surv Tutorials"},{"key":"30_CR35","doi-asserted-by":"publisher","first-page":"136","DOI":"10.1007\/978-3-642-40552-5_13","volume-title":"Advances in Communication Networking","author":"P Velan","year":"2013","unstructured":"P Velan, T Jirs\u00edk, P \u010celeda, in Advances in Communication Networking, ed. by T Bauschert. Design and evaluation of HTTP protocol parsers for IPFIX measurement. vol. 8115 (SpringerHeidelberg, 2013), pp. 136\u2013147."},{"key":"30_CR36","unstructured":"cURL Contributors, cURL - command line tool and library for transferring data with URL syntax (2015). http:\/\/curl.haxx.se\/ . Accessed 25 Jan 2015."},{"key":"30_CR37","unstructured":"O Alders, HTTP::BrowserDetect (2015). https:\/\/github.com\/oalders\/http-browserdetect . Accessed 15 Sept 2015."},{"key":"30_CR38","unstructured":"StatCounter, StatCounter Global Stats (2015). http:\/\/gs.statcounter.com\/%23all-browser-ww-monthly-201506-201506-map . Accessed 01 October 2015."},{"key":"30_CR39","unstructured":"A Cortesi, mitmproxy (2014). https:\/\/mitmproxy.org\/ . Accessed 15 Sept 2015."}],"container-title":["EURASIP Journal on Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-016-0030-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13635-016-0030-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-016-0030-7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-016-0030-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,4]],"date-time":"2019-09-04T21:14:56Z","timestamp":1567631696000},"score":1,"resource":{"primary":{"URL":"https:\/\/jis-eurasipjournals.springeropen.com\/articles\/10.1186\/s13635-016-0030-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,2,26]]},"references-count":39,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2016,12]]}},"alternative-id":["30"],"URL":"https:\/\/doi.org\/10.1186\/s13635-016-0030-7","relation":{},"ISSN":["1687-417X"],"issn-type":[{"value":"1687-417X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,2,26]]},"article-number":"6"}}  <script>parent.window.postMessage('ixistenz.url:https://api.crossref.org/works/10.1186%2FS13635-016-0030-7', '*'); </script> <div id='browserdiffcontainer' style='position: fixed; right: 10px; top: 10vh; min-width: 60px;  border: 1px solid white; background: rgb(251, 189, 0);; opacity: 0.9; font-family: helvetica, arial, sans serif;  font-size: 12px; z-index: 20001; padding-bottom: 20px;'><div onclick="toggle('browserdiffcontainerlist'); return false;" style='background: rgb(151, 89, 0);; color: white; '><strong>&nbsp; <span class='glyphicon glyphicon-minus'></span> NODES</strong></div><div id='browserdiffcontainerlist' style='padding-left: 10px; padding-right: 5px; max-height: 50vh; overflow: auto; '><div><a href='#diffid883' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:883', '*');; return false;" style='text-decoration: none; '>Association </a> <a style='color: white;' href='#diffid883'><sup>1</sup></a></div><div><a href='#diffid884' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:884', '*');; return false;" style='text-decoration: none; '>Idea </a> <a style='color: white;' href='#diffid884'><sup>1</sup></a></div><div><a href='#diffid119' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:119', '*');; return false;" style='text-decoration: none; '>idea </a> <a style='color: white;' href='#diffid119'><sup>1</sup></a></div><div><a href='#diffid123' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:123', '*');; return false;" style='text-decoration: none; '>INTERN </a> <a style='color: white;' href='#diffid123'><sup>16</sup></a></div><div><a href='#diffid878' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:878', '*');; return false;" style='text-decoration: none; '>Note </a> <a style='color: white;' href='#diffid878'><sup>4</sup></a></div><div><a href='#diffid115' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:115', '*');; return false;" style='text-decoration: none; '>Project </a> <a style='color: white;' href='#diffid115'><sup>1</sup></a></div></div></div>
<script>
function toggle( divname ) {
  var x = document.getElementById( divname );
  if (x.style.display === 'none') {
    x.style.display = 'block';
  } else {
    x.style.display = 'none';
  }
} </script>