Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

A Taxonomy and Feature set for Server-Side Identification of Proxies

Technical Report ·
DOI:https://doi.org/10.2172/2530825· OSTI ID:2530825
 [1]
  1. Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
+ Show Author Affiliations

Malicious actors frequently use proxies and VPNs to evade detection and hide their origin. Current challenges to information security include the use of residential proxies to blend in with normal traffic and Man-in-the-Middle phishing proxies that are used to compromise accounts protected with mult-factor authentication. We advance a taxonomy and feature set for the identification of proxied traffic based on the network layer where proxying occurs. We describe how these features apply to common proxy types and how to use these features in the classification of the proxied traffic. Collection of these additional features is feasible using existing network sensors and web servers, while only adding about 30% volume to commonly deployed network sensor logs.

Research Organization:
Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA)
DOE Contract Number:
NA0003525
OSTI ID:
2530825
Report Number(s):
SAND--2025-02246
Country of Publication:
United States
Language:
English

Similar Records

Disruption of Commercial Solar Inverter System by TLS Proxy Man-in-the-Middle Attack
Journal Article · Sun May 12 00:00:00 EDT 2024 · 2024 IEEE 7th International Conference on Industrial Cyber-Physical Systems (ICPS) · OSTI ID:2345004
A Proxy Signature-Based Drone Authentication in 5G D2D Networks
Conference · Wed Apr 28 00:00:00 EDT 2021 · OSTI ID:1924424

Related Subjects

97 MATHEMATICS AND COMPUTING