How Middleboxes Identify Proxy Traffic

Abstract

There is no absolutely safe disguise; every protocol risks being detected.

Common attacks made by middleboxes

Passive analysis (traffic characteristics, PoC vulnerability): usually used for plain-text protocols or the TLS handshake.

Active analysis: usually used for Shadowsocks, V2Ray and TLS v1.3 (obtain the server's SSL certificate); replaying packets.

Some obvious characteristics of proxy traffic

Long connections: most HTTP traffic uses short connections.

Bidirectional flow: 99% of Web traffic (HTTP) is one-way flow, in which a group of requests is matched by a group of responses; few websites use WebSocket. ...

October 22, 2022 · 4 min · 820 words · Coia