CHARACTERIZING INFORMATION LEAKAGE FROM USER DEFINED INPUT EVENTS
dc.contributor.advisor | Monaco, John | |
dc.contributor.author | Burns, John P. | |
dc.contributor.department | Computer Science (CS) | |
dc.contributor.secondreader | Huffmire, Theodore D. | |
dc.date.accessioned | 2020-08-21T00:25:16Z | |
dc.date.available | 2020-08-21T00:25:16Z | |
dc.date.issued | 2020-06 | |
dc.description.abstract | Computer operators cannot comprehend the amount of identifying information that a single machine regularly broadcasts over the internet. These seemingly benign bits of information have the ability to create unintended and irreparable security and privacy consequences, such as the ability to remotely profile and fingerprint devices. In this work, we explore the privacy implications of keyboard event timestamps recorded in a web browser. We use time controlled keyboard inputs to characterize information leakage from a host computer connect to the internet. The study takes the user out of the picture and focuses on the hardware. This area of focus is significant because keyboard timestamps are not guarded by permissions and remain ubiquitous across devices connected to the internet. Timestamp analysis betrays a non-trivial amount of information about the host machine. This study characterizes this passive leakage in the examination and testing of nine typical personal computers. The results yielded 100% accuracy in operating system profiling and finds that seemingly identical computers can be fingerprinted with almost 90% accuracy. | en_US |
dc.description.distributionstatement | Approved for public release. distribution is unlimited | en_US |
dc.description.service | Lieutenant, United States Navy | en_US |
dc.identifier.thesisid | 34528 | |
dc.identifier.uri | https://hdl.handle.net/10945/65480 | |
dc.publisher | Monterey, CA; Naval Postgraduate School | en_US |
dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
dc.subject.author | keyboard | en_US |
dc.subject.author | clock skew | en_US |
dc.subject.author | security | en_US |
dc.subject.author | privacy | en_US |
dc.title | CHARACTERIZING INFORMATION LEAKAGE FROM USER DEFINED INPUT EVENTS | en_US |
dc.type | Thesis | en_US |
dspace.entity.type | Publication | |
etd.thesisdegree.discipline | Computer Science | en_US |
etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
etd.thesisdegree.level | Masters | en_US |
etd.thesisdegree.name | Master of Science in Computer Science | en_US |
Files
Original bundle
1 - 1 of 1