GGrantIndex
← Search

NeTS: Small: Collaborative Research:Practical HTTPS Traffic Manipulation At Middleboxes

$208,978FY2016CSENSF

Indiana University, Bloomington IN

Investigators

Abstract

Use of encrypted Web traffic is growing at an unprecedented rate. While enhancing user privacy, the Secure Hypertext Transfer Protocol (HTTPS) makes it difficult for middleboxes that are commonly used by Internet service providers and mobile carriers to operate, because numerous beneficial middlebox functions (e.g., caching, web page optimization) rely on accessing the unencrypted traffic content. To overcome this challenge, this project develops a system aiming for a practical, ready-to-deploy solution that allows middleboxes to selectively inspect and manipulate HTTPS traffic while still respect the privacy requirements of users. This research will lead to new and continuous innovations in network services that are hard or impossible to achieve today. The system has two prominent features. First, it is only deployed at client hosts as an operating system (OS) service, as well as on middleboxes. In addition to being transparent to applications, it does not change the encryption protocol or anything on the server side. Therefore, the system can be easily deployed by, for example, regular OS update pushed by mobile carriers. Second, the system allows clients to control what information the middlebox can access. Doing so provides least privileges to middleboxes for performing their functions. In addition, the proposed system is easy to use, secure, and incurs low overhead. Developing these technologies will facilitate our understanding of the possible design space to allow coordinated, secure, and efficient manipulation of HTTPS traffic, ultimately leading to improved Internet user experience and privacy. The PIs will incorporate knowledge and results developed in this project into both undergraduate and graduate courses in networking, mobile computing and network security.

View original record on NSF Award Search →