Announcement for Downloading full text filePlease respect the Copyright Act.
All digital full text dissertation and theses from this website are authorized the copyright owners. These copyrighted full-text dissertation and theses can be only used for academic, research and non-commercial purposes. Users of this website can search, read, and print for personal usage. In respect of the Copyright Act of the Republic of China, please do not reproduce, distribute, change, or edit the content of these dissertations and theses without any permission. Please do not create any work based upon a pre-existing work by reproduction, Adaptation, Distribution or other means.
URN etd-0827118-220519 Statistics This thesis had been viewed 63 times. Download 0 times. Author Ching-hsiang Chen Author's Email Address No Public. Department Information Management Year 2017 Semester 2 Degree Master Type of Document Master's Thesis Language zh-TW.Big5 Chinese Page Count 33 Title A Study on Security Assessment of Network Connection through SSL / TLS and CA Flow Analysis Keyword SSL/TLS Traffic Analysis Packet Filtering Packet Filtering Traffic Analysis SSL/TLS Abstract In recent years, with the trend of Internet services, personal information is often disclosed and compromised on the Internet. In order to enhance information security with consideration of communication convenience, most websites and communication software support HTTPS connection. Nowadays more than 50% of Internet traffic has taken HTTPS encrypted communication protocol. Previous studies focused on encrypted network communication trying to identify software connection signature. Their disadvantage is that if the version of signature varies with the time, the original signature is no more valid. In addition, they did not consider the connection security.
This study started from establishing a system to monitor network traffic by collecting various kinds of communication protocols （such as SSL or TLS）. It also checked the validity of certificates by their issuers and valid dates of the certificates. To analyze the access to websites through secure channel, we use HTTPS （SSL/TLS） and credential information to determine the security of the connection. We use the version of SSL or TLS and the site digital certificate such as CA voucher issuing unit and expiration date as conditions for judging the security of HTTPS connection. The experimental results summarized from 20 experiments reveal that the security of the internal HTTPS connection within the enterprise can be identified. Advantage of this approach includes that version updates of software do not affect the effectiveness of our method. It is suggested that research in the future could include identifications of other software to increase connection security.
Advisor Committee Patrick-shicheng Chen - advisor
none - co-chair
Yung-hsin Wang - co-chair
Files Date of Defense 2018-06-29 Date of Submission 2018-08-27