{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,19]],"date-time":"2025-12-19T09:38:05Z","timestamp":1766137085041,"version":"3.37.3"},"publisher-location":"Cham","reference-count":43,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030004699"},{"type":"electronic","value":"9783030004705"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-00470-5_15","type":"book-chapter","created":{"date-parts":[[2018,9,6]],"date-time":"2018-09-06T06:43:19Z","timestamp":1536216199000},"page":"315-334","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["OTTer: A Scalable High-Resolution Encrypted Traffic Identification Engine"],"prefix":"10.1007","author":[{"given":"Eva","family":"Papadogiannaki","sequence":"first","affiliation":[]},{"given":"Constantinos","family":"Halevidis","sequence":"additional","affiliation":[]},{"given":"Periklis","family":"Akritidis","sequence":"additional","affiliation":[]},{"given":"Lazaros","family":"Koromilas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,7]]},"reference":[{"key":"15_CR1","unstructured":"Android tcpdump. https:\/\/www.androidtcpdump.com . Accessed 09 Mar 2018-"},{"key":"15_CR2","unstructured":"Busybox (android application). https:\/\/play.google.com\/store\/apps\/details?id=stericson.busybox&hl=en . Accessed 09 Mar 2018"},{"key":"15_CR3","unstructured":"netstat(8) - Linux man page. https:\/\/linux.die.net\/man\/8\/netstat . Accessed 09 Mar 2018"},{"key":"15_CR4","doi-asserted-by":"publisher","first-page":"131","DOI":"10.1016\/j.jnca.2017.11.007","volume":"103","author":"G Aceto","year":"2018","unstructured":"Aceto, G., Ciuonzo, D., Montieri, A., Pescap\u00e9, A.: Multi-classification approaches for classifying mobile app traffic. J. Netw. Comput. Appl. 103, 131\u2013145 (2018)","journal-title":"J. Netw. Comput. Appl."},{"issue":"6","key":"15_CR5","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1145\/360825.360855","volume":"18","author":"AV Aho","year":"1975","unstructured":"Aho, A.V., Corasick, M.J.: Efficient string matching: an aid to bibliographic search. Commun. ACM 18(6), 333\u2013340 (1975)","journal-title":"Commun. ACM"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Alan, H.F., Kaur, J.: Can android applications be identified using only TCP\/IP headers of their launch time traffic? In: Proceedings of the 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 61\u201366. ACM (2016)","DOI":"10.1145\/2939918.2939929"},{"key":"15_CR7","unstructured":"Anonymized for submission: DPI engine anonymized for submission"},{"key":"15_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1007\/978-3-319-25645-0_4","volume-title":"Network and System Security","author":"G Ateniese","year":"2015","unstructured":"Ateniese, G., Hitaj, B., Mancini, L.V., Verde, N.V., Villani, A.: No place to hide that bytes won\u2019t reveal: sniffing location-based encrypted traffic to track a user\u2019s position. Network and System Security. LNCS, vol. 9408, pp. 46\u201359. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-25645-0_4"},{"key":"15_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-540-71617-4_17","volume-title":"Passive and Active Network Measurement","author":"L Bernaille","year":"2007","unstructured":"Bernaille, L., Teixeira, R.: Early recognition of encrypted applications. In: Uhlig, S., Papagiannaki, K., Bonaventure, O. (eds.) PAM 2007. LNCS, vol. 4427, pp. 165\u2013175. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-71617-4_17"},{"key":"15_CR10","doi-asserted-by":"crossref","unstructured":"Chen, C., Asoni, D.E., Perrig, A., Barrera, D., Danezis, G., Troncoso, C.: Taranet: traffic-analysis resistant anonymity at the network layer. arXiv preprint arXiv:1802.08415 (2018)","DOI":"10.1109\/EuroSP.2018.00018"},{"key":"15_CR11","doi-asserted-by":"crossref","unstructured":"Conti, M., Mancini, L.V., Spolaor, R., Verde, N.V.: Can\u2019t you hear me knocking: identification of user actions on android apps via traffic analysis. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 297\u2013304. ACM (2015)","DOI":"10.1145\/2699026.2699119"},{"issue":"1","key":"15_CR12","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TIFS.2015.2478741","volume":"11","author":"M Conti","year":"2016","unstructured":"Conti, M., Mancini, L.V., Spolaor, R., Verde, N.V.: Analyzing android encrypted network traffic to identify user actions. IEEE Trans. Inf. Forensics Secur. 11(1), 114\u2013125 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Corrigan-Gibbs, H., Boneh, D., Mazi\u00e8res, D.: Riposte: an anonymous messaging system handling millions of users. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 321\u2013338. IEEE (2015)","DOI":"10.1109\/SP.2015.27"},{"issue":"5","key":"15_CR14","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2677046.2677048","volume":"44","author":"SE Coull","year":"2014","unstructured":"Coull, S.E., Dyer, K.P.: Traffic analysis of encrypted messaging services: apple imessage and beyond. ACM SIGCOMM Comput. Commun. Rev. 44(5), 5\u201311 (2014)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"15_CR15","doi-asserted-by":"crossref","unstructured":"Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Technical report, Naval Research Lab Washington DC (2004)","DOI":"10.21236\/ADA465464"},{"issue":"2","key":"15_CR16","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"issue":"11","key":"15_CR17","doi-asserted-by":"publisher","first-page":"2851","DOI":"10.1109\/TMC.2016.2516020","volume":"15","author":"Y Fu","year":"2016","unstructured":"Fu, Y., Xiong, H., Lu, X., Yang, J., Chen, C.: Service usage classification with encrypted internet traffic in mobile messaging apps. IEEE Trans. Mobile Comput. 15(11), 2851\u20132864 (2016)","journal-title":"IEEE Trans. Mobile Comput."},{"key":"15_CR18","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1007\/978-3-642-37453-1_5","volume-title":"Advances in Knowledge Discovery and Data Mining","author":"A Gomariz","year":"2013","unstructured":"Gomariz, A., Campos, M., Marin, R., Goethals, B.: ClaSP: an efficient algorithm for mining frequent closed sequences. In: Pei, J., Tseng, V.S., Cao, L., Motoda, H., Xu, G. (eds.) PAKDD 2013. LNCS (LNAI), vol. 7818, pp. 50\u201361. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-37453-1_5"},{"key":"15_CR19","doi-asserted-by":"crossref","unstructured":"Herrmann, D., Wendolsky, R., Federrath, H.: Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial Na\u00efve-Bayes classifier. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, CCSW 2009, pp. 31\u201342. ACM, New York (2009)","DOI":"10.1145\/1655008.1655013"},{"key":"15_CR20","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1145\/1090191.1080119","volume":"35","author":"T Karagiannis","year":"2005","unstructured":"Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: multilevel traffic classification in the dark. ACM SIGCOMM Comput. Commun. Rev. 35, 229\u2013240 (2005)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Kwon, A., Corrigan-Gibbs, H., Devadas, S., Ford, B.: Atom: horizontally scaling strong anonymity. In: Proceedings of the 26th Symposium on Operating Systems Principles, pp. 406\u2013422. ACM (2017)","DOI":"10.1145\/3132747.3132755"},{"key":"15_CR22","doi-asserted-by":"publisher","first-page":"639","DOI":"10.1145\/2829988.2787491","volume":"45","author":"S Blond Le","year":"2015","unstructured":"Le Blond, S., Choffnes, D., Caldwell, W., Druschel, P., Merritt, N.: Herd: a scalable, traffic analysis resistant anonymity network for VoIP systems. ACM SIGCOMM Comput. Commun. Rev. 45, 639\u2013652 (2015)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"15_CR23","doi-asserted-by":"crossref","unstructured":"Li, W., Moore, A.W.: A machine learning approach for efficient traffic classification. In: 15th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems, MASCOTS 2007, pp. 310\u2013317. IEEE (2007)","DOI":"10.1109\/MASCOTS.2007.2"},{"key":"15_CR24","doi-asserted-by":"crossref","unstructured":"Liu, J., Fu, Y., Ming, J., Ren, Y., Sun, L., Xiong, H.: Effective and real-time in-app activity analysis in encrypted internet traffic streams. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 335\u2013344. ACM (2017)","DOI":"10.1145\/3097983.3098049"},{"key":"15_CR25","doi-asserted-by":"crossref","unstructured":"Papadopoulos, E.P., Diamantaris, M., Papadopoulos, P., Petsas, T., Ioannidis, S., Markatos, E.P.: The long-standing privacy debate: mobile websites vs mobile apps. In: Proceedings of the 26th International Conference on World Wide Web, pp. 153\u2013162. International World Wide Web Conferences Steering Committee (2017)","DOI":"10.1145\/3038912.3052691"},{"issue":"10","key":"15_CR26","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1145\/2896816","volume":"59","author":"C Partridge","year":"2016","unstructured":"Partridge, C., Allman, M.: Ethical considerations in network measurement papers. Commun. ACM 59(10), 58\u201364 (2016)","journal-title":"Commun. ACM"},{"key":"15_CR27","doi-asserted-by":"crossref","unstructured":"Rapoport, M., Suter, P., Wittern, E., Lh\u00f3tak, O., Dolby, J.: Who you gonna call? Analyzing web requests in android applications. In: 2017 IEEE\/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 80\u201390. IEEE (2017)","DOI":"10.1109\/MSR.2017.11"},{"key":"15_CR28","unstructured":"Razaghpanah, A., et al.: Haystack: In situ mobile traffic analysis in user space. ArXiv e-prints (2015)"},{"key":"15_CR29","unstructured":"Saltaformaggio, B., et al.: Eavesdropping on fine-grained user activities within smartphone apps over encrypted network traffic. In: WOOT (2016)"},{"key":"15_CR30","doi-asserted-by":"crossref","unstructured":"Taylor, V.F., Spolaor, R., Conti, M., Martinovic, I.: AppScanner: automatic fingerprinting of smartphone apps from encrypted network traffic. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 439\u2013454. IEEE (2016)","DOI":"10.1109\/EuroSP.2016.40"},{"issue":"1","key":"15_CR31","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1109\/TIFS.2017.2737970","volume":"13","author":"VF Taylor","year":"2018","unstructured":"Taylor, V.F., Spolaor, R., Conti, M., Martinovic, I.: Robust smartphone app identification via encrypted network traffic analysis. IEEE Trans. Inf. Forensics Secur. 13(1), 63\u201378 (2018)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Van Den Hooff, J., Lazar, D., Zaharia, M., Zeldovich, N.: Vuvuzela: scalable private messaging resistant to traffic analysis. In: Proceedings of the 25th Symposium on Operating Systems Principles, pp. 137\u2013152. ACM (2015)","DOI":"10.1145\/2815400.2815417"},{"key":"15_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-642-15512-3_5","volume-title":"Recent Advances in Intrusion Detection","author":"G Vasiliadis","year":"2010","unstructured":"Vasiliadis, G., Ioannidis, S.: GrAVity: a massively parallel antivirus engine. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 79\u201396. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15512-3_5"},{"key":"15_CR34","unstructured":"Vasiliadis, G., Koromilas, L., Polychronakis, M., Ioannidis, S.: GASPP: a GPU-accelerated stateful packet processing framework. In: USENIX Annual Technical Conference, pp. 321\u2013332 (2014)"},{"key":"15_CR35","doi-asserted-by":"crossref","unstructured":"Vasiliadis, G., Polychronakis, M., Ioannidis, S.: MiDeA: a multi-parallel intrusion detection architecture. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 297\u2013308. ACM (2011)","DOI":"10.1145\/2046707.2046741"},{"key":"15_CR36","doi-asserted-by":"crossref","unstructured":"Wang, Q., Yahyavi, A., Kemme, B., He, W.: I know what you did on your smartphone: inferring app usage over encrypted data traffic. In: 2015 IEEE Conference on Communications and Network Security (CNS), pp. 433\u2013441. IEEE (2015)","DOI":"10.1109\/CNS.2015.7346855"},{"key":"15_CR37","doi-asserted-by":"crossref","unstructured":"Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: ProfileDroid: multi-layer profiling of android applications. In: Proceedings of the 18th Annual International Conference on Mobile Computing and Networking, pp. 137\u2013148. ACM (2012)","DOI":"10.1145\/2348543.2348563"},{"key":"15_CR38","unstructured":"Wolinsky, D.I., Corrigan-Gibbs, H., Ford, B., Johnson, A.: Dissent in numbers: making strong anonymity scale. In: OSDI, pp. 179\u2013182 (2012)"},{"key":"15_CR39","doi-asserted-by":"crossref","unstructured":"Wright, C.V., Ballard, L., Coull, S.E., Monrose, F., Masson, G.M.: Spot me if you can: uncovering spoken phrases in encrypted VoIP conversations. In: IEEE Symposium on Security and Privacy, SP 2008, pp. 35\u201349. IEEE (2008)","DOI":"10.1109\/SP.2008.21"},{"key":"15_CR40","doi-asserted-by":"crossref","unstructured":"Xu, Q., et al.: Automatic generation of mobile app signatures from traffic observations. In: IEEE Conference on Computer Communications (INFOCOM), pp. 1481\u20131489. IEEE (2015)","DOI":"10.1109\/INFOCOM.2015.7218526"},{"key":"15_CR41","doi-asserted-by":"crossref","unstructured":"Yao, H., Ranjan, G., Tongaonkar, A., Liao, Y., Mao, Z.M.: SAMPLES: self adaptive mining of persistent lexical snippets for classifying mobile application traffic. In: Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, pp. 439\u2013451. ACM (2015)","DOI":"10.1145\/2789168.2790097"},{"key":"15_CR42","doi-asserted-by":"crossref","unstructured":"Yu, L., Wang, Q., Barrineau, G., Oakley, J., Brooks, R.R., Wang, K.C.: TARN: a SDN-based traffic analysis resistant network architecture. arXiv preprint arXiv:1709.00782 (2017)","DOI":"10.1109\/MALWARE.2017.8323961"},{"key":"15_CR43","unstructured":"Zhai, E., Wolinsky, D.I., Chen, R., Syta, E., Teng, C., Ford, B.: AnonRep: towards tracking-resistant anonymous reputation. In: NSDI, pp. 583\u2013596 (2016)"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-00470-5_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,23]],"date-time":"2019-10-23T16:38:34Z","timestamp":1571848714000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-00470-5_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030004699","9783030004705"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-00470-5_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}