INSTANT MESSAGE TRAFFIC META-DATA AND ITS SUSCEPTIBILITY TO TRAFFIC ANALYSIS
Author
Verkempinck, Jeana M.
Arnell, Alexander
Bullock, Cassondra C.
Date
2020-06Advisor
Monaco, John
Second Reader
Beverly, Robert
Metadata
Show full item recordAbstract
Instant Message (IM) applications are commonly used by both civilian and DoD personnel for both communication and collaboration. The web-based variants of these applications generally ride encrypted channels for message security. However, these channels may be vulnerable to keystroke timing attacks whereby textual content is determined by the timing of network traffic induced by keyboard events. An example of this induced traffic is the activity notifications common to many of these platforms, indicating when a conversant begins typing. Our aim is to determine whether the network traffic that carries this metadata enables recovering portions of the message or leaks information about the sender's identity. Using a combination of network packet capture analysis and local keystroke logging, we characterize traffic patterns of three widely used web-based IM platforms: Facebook Messaging, Google Hangouts, and Internet Relay Chat (IRC) through the Kiwi IRC web client.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
GPS ephemeris message broadcast simulation
James J. Light. (Monterey California. Naval Postgraduate School, 2005-09);The warfighter constantly needs increased accuracy from GPS and a means to increasing this accuracy to the decimeter level is a broadcast ephemeris message containing GPS satellite orbit and clock corrections. The ephemeris ... -
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ... -
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ...