Chair of Network Architectures and Services Department of Informatics Technical University of Munich TLS Fingerprinting Techniques Zlatina Gancheva advised by Patrick Sattler, Lars Wüstrich Friday 24 th January, 2020 Chair of Network Architectures and Services Department of Informatics Technical University of Munich
Introduction to TLS Fingerprinting Agenda • Introduction • Background • TLS Basics: Deploying TLS • TLS Basics: Establishing a TLS Session, TLS Handshake Protocol • Client and Server Hello Parameters • Creating a TLS Fingerprint • TLS Fingerprinting • Network-based HTTPS Client identification • JA3/JA3S Fingerprinting • Markov Chain Fingerprinting • Discussion • Conclusion Zlatina Gancheva — TLS Fingerprinting Techniques 2
Introduction to TLS Fingerprinting Transport Layer Security Protocol Fingerprinting Why do we need TLS Fingerprinting? • It is passive • It is payload-based • It requires no endpoint agent data • Motivation: It can successfully detect obsolete or malicious software Zlatina Gancheva — TLS Fingerprinting Techniques 3
Introduction to TLS Fingerprinting TLS Fingerprinting Goals TLS Fingerprinting aims to improve traffic analysis by providing [1] • Efficiency - successful identification of clients • Performance - quick to find a match • Flexibility - compatibility with existing technologies Zlatina Gancheva — TLS Fingerprinting Techniques 4
Background: Transport Security Layer Protocol TLS Basics: How does it work What does the Transport Layer Security (TLS) Protocol do? • provides end-to-end security • encrypts information from the Application Layer The TLS Protocol strives to provide the following security capabilities[10, 15]: • Data Integrity • Authentication • Data Confidentiality Zlatina Gancheva — TLS Fingerprinting Techniques 5
Background: Transport Security Layer Protocol TLS Basics: Deploying TLS Placed between the Application and TCP/IP layer • TLS Handshake Protocol [4, 11] is responsible for: • negotiating encryption para- meters • TLS Record Protocol [4, 12] is responsible for: • traffic protection Figure 1: TLS Protocol Structure [16, 10] Zlatina Gancheva — TLS Fingerprinting Techniques 6
Background: Transport Security Layer Protocol TLS Basics: Establishing a TLS Session, TLS Handshake Protocol Figure 2: TLS V 1.3 Handshake Scheme [7] Zlatina Gancheva — TLS Fingerprinting Techniques 7
Background: Transport Security Layer Protocol Client and Server Hello Parameters • Client Hello [7] • Preferred TLS version (TLS 1.0, 1.2, 1.3, etc.) • Client random variable • Session ID • Cipher suites list (e.g. ECDHE, RSA), ordered by preference • Compression methods • List of Extensions • Server Hello [7] • Negotiated TLS version • Server random variable • Session ID • Selected Cipher Suite • Compression Method • Extensions Zlatina Gancheva — TLS Fingerprinting Techniques 8
Background: Transport Security Layer Protocol Creating a Fingerprint Figure 3: Fingerprinting parameters Zlatina Gancheva — TLS Fingerprinting Techniques 9
Fingerprinting Techniques Network-based HTTPS Client identification This is done by creating a dictionary, where Cipher suite list is paired with a User-Agent[3] 1 [15, 14]. • Host-based method • measures connections on the server side • uses the decrypted information from an HTTPS connection • Advantages: • accurate • Disadvantages: • limited to a single server 1 User-Agent - a string used to identify client’s browser and OS version Zlatina Gancheva — TLS Fingerprinting Techniques 10
Fingerprinting Techniques Network-based HTTPS Client identification This is done by creating a dictionary, where Cipher suite list is paired with a User-Agent[3] 2 [15, 14]. • Flow-based method • simultaneously monitors HTTP and HTTPS connections with the same IP source address • pairs a cipher suite list with the User-Agent • Advantages: • not limited to a single server • Disadvantages: • less accurate 2 User-Agent - a string used to identify client’s browser and OS version Zlatina Gancheva — TLS Fingerprinting Techniques 11
Fingerprinting Techniques JA3/JA3S Fingerprinting JA3 Fingerprinting on the Client Side • joins values taken from the Client Hello packet [2, 8, 5] into a string. • MD5 hashes the string into a 32 character fingerprint • Advantages: • easy to share • more effective than IoCs • always creates a 32 character fingerprint Figure 4: Example of JA3 Fingerprint [9] • Disadvantages: • application collisions • up to 5 JA3 for the same application Zlatina Gancheva — TLS Fingerprinting Techniques 12
Fingerprinting Techniques JA3/JA3S Fingerprinting JA3S Fingerprinting on the Server Side • same as JA3 but with values from the Server Hello • useful when client applications use common libraries or OS sockets Advantages: • combined with JA3 efficiently identifies malicious communication Zlatina Gancheva — TLS Fingerprinting Techniques 13
Fingerprinting Techniques Markov Chain Fingerprinting This technique creates stochastic TLS fingerprints, using first-order homogeneous Markov chains [16]. It is conducted on the server side Advantages: Successfully recognizes • incorrect implementations • misuse of TLS (TLS tunneling) Disadvantages: • Fingerprint database must be updated periodically Zlatina Gancheva — TLS Fingerprinting Techniques 14
Discussion Defenses against TLS Fingerprinting • Defenses: • Using Proxy to redirect the Cipher suite list [15] • Manual changes in the Cipher suite list [15] • Mimicking TLS implementations [13] Zlatina Gancheva — TLS Fingerprinting Techniques 15
Discussion Defenses against TLS Fingerprinting • Defenses: • Using Proxy to redirect the Cipher suite list [15] • Manual changes in the Cipher suite list [15] • Mimicking TLS implementations [13] • Problems: • Problem: A Fingerprint collisions [6] may also possibly occur Zlatina Gancheva — TLS Fingerprinting Techniques 15
Discussion Defenses against TLS Fingerprinting • Defenses: • Using Proxy to redirect the Cipher suite list [15] • Manual changes in the Cipher suite list [15] • Mimicking TLS implementations [13] • Problems: • Problem: A Fingerprint collisions [6] may also possibly occur • Solution: Take as many parameters of the Client Hello as possible [6] Zlatina Gancheva — TLS Fingerprinting Techniques 15
Conclusion TLS Fingerprinting Techniques TLS Fingerprinting is: • effectively recognizing malicious and outdated software • quick to keep up with network traffic • a passive approach, sustaining user’s privacy We discussed 3 main different Fingerprinting techniques • Network-based HTTPS Client identification • JA3/JA3S Fingerprinting • Markov Chain Fingerprinting Zlatina Gancheva — TLS Fingerprinting Techniques 16
Bibliography [1] The generation and use of TLS fingerprints. [2] Open sourcing JA3 - salesforce engineering. [3] An overview of the SSL or TLS handshake. [4] RFC 8446 - the transport layer security (TLS) protocol version 1.3. [5] salesforce/ja3. original-date: 2017-06-13T22:54:10Z. [6] SquareLemon. [7] TLS fingerprinting in the real world. [8] TLS fingerprinting with JA3 and JA3s - salesforce engineering. [9] B. Anderson, S. Paul, and D. McGrew. Deciphering malware’s use of TLS (without decryption). [10] L. Brotherston. Lee brotherston’s work. original-date: 2016-02-18T14:40:19Z. [11] M. D. Center. TLS handshake protocol - win32 apps. [12] M. D. Center. TLS record protocol - win32 apps. [13] S. Frolov and E. Wustrow. The use of TLS in censorship circumvention. In Proceedings 2019 Network and Distributed System Security Symposium . Internet Society. Zlatina Gancheva — TLS Fingerprinting Techniques 17
Bibliography [14] M. Husak, M. Cermak, T. Jirsik, and P . Celeda. Network-based HTTPS client identification using SSL/TLS fingerprinting. In 2015 10th International Conference on Availability, Reliability and Security , pages 389–396. IEEE. M. Husák, M. ˇ . ˇ [15] Cermák, T. Jirsík, and P Celeda. HTTPS traffic analysis and client identification using passive SSL/TLS fingerprinting. 2016(1):6. [16] M. Korczynski and A. Duda. Markov chain fingerprinting to classify encrypted traffic. In IEEE INFOCOM 2014 - IEEE Conference on Computer Communications , pages 781–789. IEEE. Zlatina Gancheva — TLS Fingerprinting Techniques 18
Recommend
More recommend
