Protecting users' privacy over the Internet is of great importance. However, due to the increasing complexity of network protocols and components, it becomes harder and harder to maintain. Therefore, investigating and understanding how data is leaked from the information transport platform/protocols can lead us to a more secure environment. In this paper, we propose an iterative framework to find the most vulnerable information fields in a network protocol systematically. To this end, focusing on the Transport Layer Security (TLS) protocol, we perform different machine-learning-based fingerprinting attacks by collecting data from more than 70 domains (websites) to understand how and where this information leakage occurs in the TLS protocol. Then, by employing the interpretation techniques developed in the machine learning community, and using our framework, we find the most vulnerable information fields in the TLS protocol. Our findings demonstrate that the TLS handshake (which is mainly unencrypted), the TLS record length appears in the TLS application data header, and the initialization vector (IV) field are among the most critical leaker parts in this protocol, respectively.

中文翻译：

---

机器学习可解释性满足 TLS 指纹识别

保护用户在 Internet 上的隐私非常重要。然而，由于网络协议和组件的日益复杂，它变得越来越难以维护。因此，调查和了解数据是如何从信息传输平台/协议中泄露出来的，可以引导我们进入一个更安全的环境。在本文中，我们提出了一个迭代框架来系统地查找网络协议中最脆弱的信息字段。为此，我们以传输层安全 (TLS) 协议为重点，通过从 70 多个域（网站）收集数据来执行不同的基于机器学习的指纹识别攻击，以了解 TLS 协议中信息泄漏的发生方式和位置。然后，通过使用机器学习社区开发的解释技术，并使用我们的框架，我们找到了 TLS 协议中最易受攻击的信息字段。我们的研究结果表明，TLS 握手（主要是未加密的）、TLS 记录长度出现在 TLS 应用程序数据头中，以及初始化向量 (IV) 字段分别是该协议中最关键的泄密部分。