INSTANT MESSAGE TRAFFIC META-DATA AND ITS SUSCEPTIBILITY TO TRAFFIC ANALYSIS
Loading...
Authors
Verkempinck, Jeana M.
Arnell, Alexander
Bullock, Cassondra C.
Subjects
meta-data
chat
Instant Message
vulnerabilities
Facebook
Microsoft Teams
network traffic analysis
covert channels
data exfiltration
chat
Instant Message
vulnerabilities
Microsoft Teams
network traffic analysis
covert channels
data exfiltration
Advisors
Monaco, John
Date of Issue
2020-06
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Instant Message (IM) applications are commonly used by both civilian and DoD personnel for both communication and collaboration. The web-based variants of these applications generally ride encrypted channels for message security. However, these channels may be vulnerable to keystroke timing attacks whereby textual content is determined by the timing of network traffic induced by keyboard events. An example of this induced traffic is the activity notifications common to many of these platforms, indicating when a conversant begins typing. Our aim is to determine whether the network traffic that carries this metadata enables recovering portions of the message or leaks information about the sender's identity. Using a combination of network packet capture analysis and local keystroke logging, we characterize traffic patterns of three widely used web-based IM platforms: Facebook Messaging, Google Hangouts, and Internet Relay Chat (IRC) through the Kiwi IRC web client.
Type
Thesis
Description
Series/Report No
Department
Information Sciences (IS)
Information Sciences (IS)
Information Sciences (IS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. distribution is unlimited
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.