![wireshark decrypt tls wireshark decrypt tls](https://iponwire.com/wp-content/uploads/2021/01/Wireshark-TLS-decrypted-capture-1450x840.jpg)
In recent years, various types of heterogeneous networks develop rapidly. With the created framework, encrypted traffic was classified with a high success rate and 94.53% success was achieved by using the XGBoost classification method. ISCX VPN-NonVPN dataset was used to test the proposed model in this study. Thus, without deciphering, it is possible to classify packets passing through encrypted traffic using some metadata like size and duration and to take precautions against attacks.
![wireshark decrypt tls wireshark decrypt tls](https://didierstevens.files.wordpress.com/2021/01/20210110-231819.png)
In this study, it is aimed to classify the network traffic by analysing the outgoing and incoming data over the encrypted traffic using extreme gradient boosting (XGBoost), decision tree and random forest classification methods. Since payload analysis cannot be performed without deciphering the encrypted traffic, existing commercial security solutions fall short in this situation.
![wireshark decrypt tls wireshark decrypt tls](http://blog.icewolf.ch/images/blog_icewolf_ch/201411/Wireshark_DecryptTLS_06.jpg)
Cyber attackers or hackers gain the ability to bypass security precautions such as IDS/IPS and antivirus systems with using encrypted traffic. This situation, which is beneficial for normal users, is also used by attackers to hide. Encryption algorithms and protocols are used for this purpose. With this increase, it becomes important to ensure the confidentiality of the information in the traffic flowing over the internet. The rate of internet usage in the world is over 62% and this rate is increasing day by day.