{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T05:32:12Z","timestamp":1769751132561,"version":"3.49.0"},"publisher-location":"Cham","reference-count":65,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031514753","type":"print"},{"value":"9783031514760","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51476-0_9","type":"book-chapter","created":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T07:02:29Z","timestamp":1704870149000},"page":"166-192","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Towards Efficient Privacy-Preserving Deep Packet Inspection"],"prefix":"10.1007","author":[{"given":"Weicheng","family":"Wang","sequence":"first","affiliation":[]},{"given":"Hyunwoo","family":"Lee","sequence":"additional","affiliation":[]},{"given":"Yan","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[]},{"given":"Ninghui","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,1,11]]},"reference":[{"key":"9_CR1","unstructured":"Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: International Workshop on Hardware and Architectural Support for Security and Privacy (2013)"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Identifying encrypted malware traffic with contextual flow data. In: ACM Workshop on Artificial Intelligence and Security (2016)","DOI":"10.1145\/2996758.2996768"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Anderson, B., Paul, S., McGrew, D.: Deciphering malware\u2019s use of TLS (without decryption). J. Comput. Virol. Hacking Tech. (2018)","DOI":"10.1007\/s11416-017-0306-6"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Asghar, H.J., Melis, L., Soldani, C., De Cristofaro, E., Kaafar, M.A., Mathy, L.: SplitBox: toward efficient private network function virtualization. In: Workshop on Hot Topics in Middleboxes and Network Function Virtualization (2016)","DOI":"10.1145\/2940147.2940150"},{"key":"9_CR5","unstructured":"Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Annual International Cryptology Conference (1992)"},{"key":"9_CR6","unstructured":"Blake, A., David, M.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: ACM International Conference on Knowledge Discovery and Data Mining (2017)"},{"key":"9_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"325","DOI":"10.1007\/978-3-540-30576-7_18","volume-title":"Theory of Cryptography","author":"D Boneh","year":"2005","unstructured":"Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325\u2013341. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30576-7_18"},{"key":"9_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"342","DOI":"10.1007\/978-3-030-92068-5_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"\u00c9 Bouscati\u00e9","year":"2021","unstructured":"Bouscati\u00e9, \u00c9., Castagnos, G., Sanders, O.: Public key encryption with\u00a0flexible pattern matching. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13093, pp. 342\u2013370. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92068-5_12"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Bujlow, T., Carela-Espa\u00f1ol, V., Barlet-Ros, P.: Independent comparison of popular DPI tools for traffic classification. Comput. Netw. (2015)","DOI":"10.1016\/j.comnet.2014.11.001"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Canard, S., Diop, A., Kheir, N., Paindavoine, M., Sabt, M.: BlindiDS: market-compliant and privacy-friendly intrusion detection system over encrypted traffic. In: AsiaCCS (2017)","DOI":"10.1145\/3052973.3053013"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"de Carn\u00e9 de Carnavalet, X., Mannan, M.: Killed by proxy: analyzing client-end TLS interception software. In: Network and Distributed System Security Symposium (2016)","DOI":"10.14722\/ndss.2016.23374"},{"key":"9_CR12","unstructured":"de Carn\u00e9 de Carnavalet, X., van Oorschot, P.C.: A survey and analysis of TLS interception mechanisms and motivations. arXiv e-prints (2020)"},{"key":"9_CR13","unstructured":"cURL: cURL: command line tool and library for transferring data with URLs (1998). https:\/\/curl.se\/"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Deri, L., Martinelli, M., Bujlow, T., Cardigliano, A.: NDPI: open-source high-speed deep packet inspection. In: International Wireless Communications and Mobile Computing Conference (2014)","DOI":"10.1109\/IWCMC.2014.6906427"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Desmoulins, N., Fouque, P.A., Onete, C., Sanders, O.: Pattern matching on encrypted streams. In: International Conference on the Theory and Application of Cryptology and Information Security (2018)","DOI":"10.1007\/978-3-030-03326-2_5"},{"key":"9_CR16","unstructured":"Dierks, T.: The TLS protocol version 1.2 (2008)"},{"key":"9_CR17","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., et al.: The security impact of HTTPS interception. In: Network and Distributed Systems Symposium (2017)","DOI":"10.14722\/ndss.2017.23456"},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Evans, D., Kolesnikov, V., Rosulek, M., et al.: A Pragmatic Introduction to Secure Multi-Party Computation. Now Publishers Inc. (2018)","DOI":"10.1561\/9781680835090"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Fan, J., Guan, C., Ren, K., Cui, Y., Qiao, C.: SPABox: safeguarding privacy during deep packet inspection at a middlebox. IEEE\/ACM Trans. Network. (2017)","DOI":"10.1109\/TNET.2017.2753044"},{"key":"9_CR20","unstructured":"Felt, A., Barnes, R., King, A., Palmer, C., Bentzel, C., Tabriz, P.: Measuring HTTPS adoption on the web. In: USENIX Security (2017)"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Goltzsche, D., et al.: EndBox: scalable middlebox functions using client-side trusted execution. In: IEEE\/IFIP International Conference on Dependable Systems and Networks (2018)","DOI":"10.1109\/DSN.2018.00048"},{"key":"9_CR22","unstructured":"Google: HTTPS encryption on the web. https:\/\/transparencyreport.google.com\/https\/overview. Accessed 27 June 2021"},{"key":"9_CR23","unstructured":"Grubbs, P., Arun, A., Zhang, Y., Bonneau, J., Walfish, M.: Zero-Knowledge middleboxes. In: USENIX Security (2022)"},{"key":"9_CR24","doi-asserted-by":"crossref","unstructured":"Han, J., Kim, S., Cho, D., Choi, B., Ha, J., Han, D.: A secure middlebox framework for enabling visibility over multiple encryption protocols. IEEE\/ACM Trans. Network. (2020)","DOI":"10.1109\/TNET.2020.3016785"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Han, J., Kim, S., Ha, J., Han, D.: SGX-Box: enabling visibility on encrypted traffic using a secure middlebox module. In: Asia-Pacific Workshop on Networking (2017)","DOI":"10.1145\/3106989.3106994"},{"key":"9_CR26","unstructured":"Hedenskog, P.: Simulate slow network connections on Linux and MAC OS X (2021). https:\/\/github.com\/sitespeedio\/throttle"},{"key":"9_CR27","unstructured":"Hofemeier, G., Chesebrough, R.: Introduction to intel AES-NI and intel secure key instructions. Intel, White Paper (2012)"},{"key":"9_CR28","unstructured":"Jarmoc, J.: SSL\/TLS interception proxies and transitive trust. In: Black Hat Europe (2012)"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Khalife, J., Hajjar, A., D\u00edaz-Verdejo, J.: Performance of openDPI in identifying sampled network traffic. J. Netw. (2013)","DOI":"10.4304\/jnw.8.1.71-81"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Kim, J., Camtepe, S., Baek, J., Susilo, W., Pieprzyk, J., Nepal, S.: P2DPI: practical and privacy-preserving deep packet inspection. In: AsiaCCS (2021)","DOI":"10.1145\/3433210.3437525"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Kim, J., Camtepe, S., Baek, J., Susilo, W., Pieprzyk, J., Nepal, S.: P2DPI: practical and privacy-preserving deep packet inspection. IACR Cryptol. ePrint Arch. (2021)","DOI":"10.1145\/3433210.3437525"},{"key":"9_CR32","doi-asserted-by":"crossref","unstructured":"Lai, S., et al.: Practical encrypted network traffic pattern matching for secure middleboxes. IEEE Trans. Dependable Secure Comput. (2021)","DOI":"10.1109\/TDSC.2021.3065652"},{"key":"9_CR33","unstructured":"Lan, C., Sherry, J., Popa, R.A., Ratnasamy, S., Liu, Z.: Embark: securely outsourcing middleboxes to the cloud. In: NSDI (2016)"},{"key":"9_CR34","doi-asserted-by":"crossref","unstructured":"Lee, H., et al.: maTLS: how to make TLS middlebox-aware? In: NDSS (2019)","DOI":"10.14722\/ndss.2019.23547"},{"key":"9_CR35","doi-asserted-by":"crossref","unstructured":"Lee, J., Lee, H., Jeong, J., Kim, D., Kwon, T.: Analyzing spatial differences in the TLS security of delegated web services. In: AsiaCCS (2021)","DOI":"10.1145\/3433210.3453107"},{"key":"9_CR36","doi-asserted-by":"crossref","unstructured":"Li, H., Ren, H., Liu, D., Shen, X.S.: Privacy-enhanced deep packet inspection at outsourced middlebox. In: International Conference on Wireless Communications and Signal Processing (2018)","DOI":"10.1109\/WCSP.2018.8555646"},{"key":"9_CR37","doi-asserted-by":"crossref","unstructured":"Li, J., Li, N.: OACerts: oblivious attribute certificates. In: The Conference on Applied Cryptography and Network Security (2005)","DOI":"10.1007\/11496137_21"},{"key":"9_CR38","doi-asserted-by":"crossref","unstructured":"Li, J., Chen, R., Su, J., Huang, X., Wang, X.: ME-TLS: middlebox-enhanced TLS for internet-of-things devices. IEEE Internet Things J. (2019)","DOI":"10.1109\/JIOT.2019.2953715"},{"key":"9_CR39","doi-asserted-by":"crossref","unstructured":"Lindell, Y., Pinkas, B.: A proof of security of Yao\u2019s protocol for two-party computation. J. Cryptol. (2009)","DOI":"10.1007\/s00145-008-9036-8"},{"key":"9_CR40","unstructured":"Marquis-Boire, M., et al.: Planet blue coat: mapping global censorship and surveillance tools (2013)"},{"key":"9_CR41","unstructured":"McGrew, D., Wing, D., Nir, Y., Gladstone, P.: TLS proxy server extension. https:\/\/tools.ietf.org\/html\/draft-mcgrew-tls-proxy-server-01"},{"key":"9_CR42","doi-asserted-by":"crossref","unstructured":"Moriarty, K., Morton, A.: Effects of pervasive encryption on operators. Technical report, RFC (2018)","DOI":"10.17487\/RFC8404"},{"key":"9_CR43","doi-asserted-by":"crossref","unstructured":"Naylor, D., et al.: The cost of the \u201cs\u201d in HTTPS. In: ACM International Conference on Emerging Networking Experiments and Technologies (2014)","DOI":"10.1145\/2674005.2674991"},{"key":"9_CR44","doi-asserted-by":"crossref","unstructured":"Naylor, D., Li, R., Gkantsidis, C., Karagiannis, T., Steenkiste, P.: And then there were more: secure communication for more than two parties. In: The International Conference on Emerging Networking EXperiments and Technologies (2017)","DOI":"10.1145\/3143361.3143383"},{"key":"9_CR45","doi-asserted-by":"crossref","unstructured":"Naylor, D., et al.: Multi-context TLS (mcTLS): enabling secure in-network functionality in TLS. In: ACM SIGCOMM Computer Communication Review (2015)","DOI":"10.1145\/2785956.2787482"},{"key":"9_CR46","unstructured":"Nginx: Nginx (2022). https:\/\/www.nginx.com\/"},{"key":"9_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-58951-6_1","volume-title":"Computer Security \u2013 ESORICS 2020","author":"J Ning","year":"2020","unstructured":"Ning, J., et al.: Pine: enabling privacy-preserving deep packet inspection on TLS with rule-hiding and fast connection establishment. In: Chen, L., Li, N., Liang, K., Schneider, S. (eds.) ESORICS 2020. LNCS, vol. 12308, pp. 3\u201322. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-58951-6_1"},{"key":"9_CR48","doi-asserted-by":"crossref","unstructured":"Ning, J., Poh, G., Loh, J.C., Chia, J., Chang, E.C.: PrivDPI: privacy-preserving encrypted traffic inspection with reusable obfuscated rules. In: ACM Conference on Computer and Communications Security (2019)","DOI":"10.1145\/3319535.3354204"},{"key":"9_CR49","unstructured":"Nir, Y.: A method for sharing record protocol keys with a middlebox in TLS (2012). https:\/\/tools.ietf.org\/id\/draft-nir-tls-keyshare-02.html"},{"key":"9_CR50","doi-asserted-by":"crossref","unstructured":"O\u2019Neill, M., Ruoti, S., Seamons, K., Zappala, D.: TLS proxies: friend or foe? In: The Internet Measurement Conference (2016)","DOI":"10.1145\/2987443.2987488"},{"key":"9_CR51","unstructured":"Pedersen, T.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Annual International Cryptology Conference (1991)"},{"key":"9_CR52","unstructured":"Poddar, R., Lan, C., Popa, R.A., Ratnasamy, S.: SafeBricks: shielding network functions in the cloud. In: USENIX Security (2018)"},{"key":"9_CR53","unstructured":"Ren, H., Li, H., Liu, D., Xu, G., Cheng, N., Shen, X.S.: Privacy-preserving efficient verifiable deep packet inspection for cloud-assisted middlebox. IEEE Trans. Cloud Comput. (2020)"},{"key":"9_CR54","unstructured":"Reports, V.: Deep packet inspection market size to reach USD 16620 million by 2026 at a CAGR of 25.0 percent valuates reports (2021). https:\/\/tinyurl.com\/438yktzs"},{"key":"9_CR55","unstructured":"Rescorla, E.: The TLS protocol version 1.3 (2018)"},{"key":"9_CR56","doi-asserted-by":"crossref","unstructured":"Sherry, J., Lan, C., Popa, R.A., Ratnasamy, S.: BlindBox: deep packet inspection over encrypted traffic. In: The ACM Conference on Special Interest Group on Data Communication (2015)","DOI":"10.1145\/2785956.2787502"},{"key":"9_CR57","unstructured":"Silowash, G.J., Lewellen, T., Costa, D.L., Lewellen, T.B.: Detecting and preventing data exfiltration through encrypted web sessions via traffic inspection (2013)"},{"key":"9_CR58","doi-asserted-by":"crossref","unstructured":"Singh, R., Dunna, A., Gill, P.: Characterizing the deployment and performance of multi-CDNs. In: Internet Measurement Conference (2018)","DOI":"10.1145\/3278532.3278548"},{"key":"9_CR59","doi-asserted-by":"crossref","unstructured":"Soghoian, C., Stamm, S.: Certified lies: detecting and defeating government interception attacks against SSL. In: ACM Symposium on Operating Systems Principles (2010)","DOI":"10.2139\/ssrn.1591033"},{"key":"9_CR60","doi-asserted-by":"crossref","unstructured":"Waked, L., Mannan, M., Youssef, A.: To intercept or not to intercept: analyzing TLS interception in network appliances. In: AsiaCCS (2018)","DOI":"10.1145\/3196494.3196528"},{"key":"9_CR61","doi-asserted-by":"crossref","unstructured":"Winternitz, R.: A secure one-way hash function built from des. In: IEEE Symposium on Security and Privacy (1984)","DOI":"10.1109\/SP.1984.10027"},{"key":"9_CR62","doi-asserted-by":"crossref","unstructured":"Yamada, A., Miyake, Y., Takemori, K., Studer, A., Perrig, A.: Intrusion detection for encrypted web accesses. In: International Conference on Advanced Information Networking and Applications Workshops (2007)","DOI":"10.1109\/AINAW.2007.212"},{"key":"9_CR63","doi-asserted-by":"crossref","unstructured":"Yang, K., Weng, C., Lan, X., Zhang, J., Wang, X.: Ferret: fast extension for correlated OT with small communication. In: the ACM Conference on Computer and Communications Security (2020)","DOI":"10.1145\/3372297.3417276"},{"key":"9_CR64","doi-asserted-by":"crossref","unstructured":"Yao, A.C.C.: How to generate and exchange secrets. In: Annual Symposium on Foundations of Computer Science (1986)","DOI":"10.1109\/SFCS.1986.25"},{"key":"9_CR65","doi-asserted-by":"crossref","unstructured":"Yuan, X., Wang, X., Lin, J., Wang, C.: Privacy-preserving deep packet inspection in outsourced middleboxes. In: IEEE INFOCOM (2016)","DOI":"10.1109\/INFOCOM.2016.7524526"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51476-0_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T07:04:47Z","timestamp":1704870287000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51476-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514753","9783031514760"],"references-count":65,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51476-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"11 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}