Detecting fingerprinted data in TLS traffic

We present a new method for detecting known data in certain TLS encrypted communication channels. Our approach enables us to detect single files in eavesdropped TLS secured network traffic. We generate fingerprints by a fine-grained measurement of the entropy of fragments of known data and introduce the application of methods from the field of machine learning to the problem of file detection. We implement all proposed methods on a real data base and show the practical efficiency of our approach