Johnson, 2018 - Google Patents
Domain fronting: making backdoor access look like google requestsJohnson, 2018
View PDF- Document ID
- 255540056010679631
- Author
- Johnson A
- Publication year
External Links
Snippet
1. Abstract Domain fronting first gained widespread attention in 2017, when it came out that Cozy Bear (ATP 29) had used the technique to send packets out of a network, evading firewalls. The practice was initially developed to circumvent censorship, and has been …
- 238000000034 method 0 abstract description 15
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages
- H04L51/12—Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages with filtering and selective blocking capabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/58—Message switching systems, e.g. electronic mail systems
- H04L12/585—Message switching systems, e.g. electronic mail systems with filtering and selective blocking capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/58—Message switching systems, e.g. electronic mail systems
- H04L12/5825—Message adaptation based on network or terminal capabilities
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7561265B2 (en) | ENCRYPTED SNI FILTERING METHOD AND SYSTEM FOR CYBER SECURITY APPLICATIONS - Patent application | |
| US10284526B2 (en) | Efficient SSL/TLS proxy | |
| US10652210B2 (en) | System and method for redirected firewall discovery in a network environment | |
| US9942204B2 (en) | Secure personal server system and method | |
| US20250141854A1 (en) | Efficient SSL/TLS Proxy | |
| OConnor et al. | PivotWall: SDN-based information flow control | |
| US20220029966A1 (en) | Embedded virtual private network | |
| JP2025501717A (en) | System and method for controlling internet access using encrypted dns - Patents.com | |
| Zave et al. | Patterns and interactions in network security | |
| Dutta et al. | Tor—the onion router | |
| KR20250012545A (en) | Privacy-preserving filtering of encrypted traffic | |
| CA3027340A1 (en) | Secure personal server system and method | |
| Koch et al. | Securing http/3 web architecture in the cloud | |
| Johnson | Domain fronting: making backdoor access look like google requests | |
| Wang et al. | Using web-referral architectures to mitigate denial-of-service threats | |
| Grahn et al. | Anonymous communication on the internet | |
| Tiwari et al. | Alternative (ab) uses for {HTTP} Alternative Services | |
| Chen et al. | Narrowing Down the Secrets of the Internet-A Review of Privacy Leakages and Prevention Methods | |
| Lin et al. | DAMUP: Practical and privacy-aware cloud-based DDoS mitigation | |
| US20230370492A1 (en) | Identify and block domains used for nxns-based ddos attack | |
| Grimes | An Exploration of the Security Gaps Created by Encrypted DNS | |
| Pahlevan | Signaling and Policy Enforcement for Cooperative Firewalls | |
| Mansoor et al. | An analysis of security systems for electronic information for establishing secure internet | |
| Xu et al. | A Review of Privacy Leakages and Prevention | |
| Parmar et al. | Compromising cloud security and privacy by dos, ddos, and botnet and their countermeasures |