Instant Message Traffic Meta-Data and Its Susceptibility to Traffic Analysis
Abstract
Instant Message (IM) applications are commonly used by both civilian and DOD personnel for bothcommunication and collaboration. The web-based variants of these applications generally ride encryptedchannels for message security. However, these channels may be vulnerable to keystroke timing attackswhereby textual content is determined by the timing of network traffic induced by keyboard events. Anexample of this induced traffic is the activity notifications common to many of these platforms, indicatingwhen a conversant begins typing. Our aim is to determine whether the network traffic that carries thismetadata enables recovering portions of the message or leaks information about the senders identity. Usinga combination of network packet capture analysis and local keystroke logging, we characterize trafficpatterns of three widely used web-based IM platforms: Facebook Messaging, Google Hangouts, and InternetRelay Chat (IRC) through the Kiwi IRC web client.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2020
- Accession Number
- AD1114735
Entities
People
- Alexander Arnell
- Cassondra C. Bullock
- Jeana M. Verkempinck
Organizations
- Naval Postgraduate School