Zhiyun QianProfessorComputer Science & Engineering zhiyunq@ucr.edu(951) 827-6438
NeTS: Small: Collaborative Research: Practical HTTPS Traffic Manipulation At Middleboxes
AWARD NUMBER
008513-002
FUND NUMBER
33302
STATUS
Closed
AWARD TYPE
3-Grant
|
AWARD EXECUTION DATE
9/12/2016
BEGIN DATE
10/1/2016
END DATE
9/30/2019
AWARD AMOUNT
$140,000
|
Sponsor Information
SPONSOR AWARD NUMBER
SPONSOR
SPONSOR TYPE
FUNCTION
Organized Research
PROGRAM NAME
Proposal Information
PROPOSAL NUMBER
16050502
PROPOSAL TYPE
New
ACTIVITY TYPE
Basic Research
PI Information
PI
Qian, Zhiyun
PI TITLE
Other
PI DEPTARTMENT
Computer Science & Engineering
PI COLLEGE/SCHOOL
Bourns College of Engineering
CO PIs
Project Information
ABSTRACT
Use of encrypted Web traffic is growing at an unprecedented rate. While enhancing user privacy, Secure Hypertext Transfer Protocol (HTTPS) makes it difficult for middleboxes that are commonly used by Internet service providers and mobile carriers to operate, because numerous beneficial middlebox functions (e.g., caching, web page optimization) rely on accessing the unencrypted traffic content. To overcome this challenge, this project develops a system aiming for a practical, ready-to-deploy solution that allows middleboxes to selectively inspect and manipulate HTTPS traffic while still respect the privacy requirements of users. This research will lead to new and continuous innovations in network services that are hard or impossible to achieve today.
The system has two prominent features. First, it is only deployed at client hosts as an operating system (OS) service, as well as on middleboxes. In addition to being transparent to applications, it does not change the encryption protocol or anything on the server side. Therefore, the system can be easily deployed by, for example, regular OS update pushed by mobile carriers. Second, the system allows clients to control what information the middlebox can access. Doing so provides least privileges to middleboxes for performing their functions. In addition, the proposed system is easy to use, secure, and incurs low overhead.
Developing these technologies will facilitate our understanding of the possible design space to allow coordinated, secure, and efficient manipulation of HTTPS traffic, ultimately leading to improved Internet user experience and privacy. The PIs will incorporate knowledge and results developed in this project into both undergraduate and graduate courses in networking, mobile computing and network security.(Abstract from NSF)
|