Encryption is Not Enough: Inferring User Activities on KakaoTalk with Traffic Analysis
نویسندگان
چکیده
Many people started being concerned about their privacy in delivering private chats, photographs, contacts and other personal information through mobile instant messaging services. Fortunately, in the majority of mobile instant messaging services, encrypted communication channels (e.g., using the SSL/TLS protocols) are used by default to protect delivered messages against eavesdropping attacks. In this paper, however, we show that encryption is not enough. For example, in a real world service named KakaoTalk, many users’ online activities can effectively be identified with 99.7% accuracy even though traffic is encrypted. We present a practical traffic analysis attack using a supervised machine learning technique.
منابع مشابه
Your WiFi Is Leaking: Inferring Private User Information Despite Encryption
This thesis describes how wireless networks can inadvertently leak and broadcast users’ personal information despite the correct use of encryption. Users would likely assume that their activities (for example, the program or app they are using) and personal information (including age, religion, sexuality and gender) would remain confidential when using an encrypted network. However, we demonstr...
متن کاملSpying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic
The growing market for smart home IoT devices promises new conveniences for consumers while presenting new challenges for preserving privacy within the home. Many smart home devices have always-on sensors that capture users’ offline activities in their living spaces and transmit information about these activities on the Internet. In this paper, we demonstrate that an ISP or other network observ...
متن کاملDetecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملEvaluation of the Effects of Maintenance and Rehabilitation Projects on Road User Costs via HDM-4 Software
Rapid growth in a number of vehicles on roadways accelerates pavement deterioration trends. Pavement inefficiency in carrying the applied load from passing vehicles results in spending significant costs on continues Maintenance and Rehabilitation (M&R) treatments. Lane closure owing to the implementation of M&R operations incurs enormous costs on road users. The research aimed to calculate, and...
متن کاملHTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows
Leakage of private information from web applications— even when the traffic is encrypted—is a major security threat to many applications that use HTTP for data delivery. This paper considers the problem of inferring from encrypted HTTP traffic the web sites or web pages visited by a user. Existing browser-side approaches to this problem cannot defend against more advanced attacks, and serversid...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015