Many people started being concerned about their privacy in delivering private chats, photographs, contacts and other personal information through mobile instant messaging services. Fortunately, in the majority of mobile instant messaging services, encrypted communication channels (e.g., using the SSL/TLS protocols) are used by default to protect delivered messages against eavesdropping attacks. In this paper, however, we show that encryption is not enough. For example, in a real world service named KakaoTalk, many users’ online activities can effectively be identified with 99.7% accuracy even though traffic is encrypted. We present a practical traffic analysis attack using a supervised machine learning technique.
CITATION STYLE
Park, K., & Kim, H. (2016). Encryption is not enough: Inferring user activities on KakaoTalk with traffic analysis. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9503, pp. 254–265). Springer Verlag. https://doi.org/10.1007/978-3-319-31875-2_21
Mendeley helps you to discover research relevant for your work.