CAPEC-621: Analysis of Packet Timing and Sizes

Detailed Draft 严重程度: Low

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

An attacker may intercept and log encrypted transmissions for the purpose of analyzing metadata such as packet timing and sizes. Although the actual data may be encrypted, this metadata may reveal valuable information to an attacker. Note that this attack is applicable to VOIP data as well as application data, especially for interactive apps that require precise timing and low-latency (e.g. thin-clients).

前提条件

Use of untrusted communication paths enables an attacker to intercept and log communications, including metadata such as packet timing and sizes.

所需技能

High These attacks generally require sophisticated machine learning techniques and require traffic capture as a prerequisite.

后果影响

影响范围: Confidentiality

技术影响: Read Data

说明: Derive sensitive information about encrypted data.

缓解措施

Distort packet sizes and timing at VPN layer by adding padding to normalize packet sizes and timing delays to reduce information leakage via timing.

关键信息

CAPEC ID: CAPEC-621

抽象级别: Detailed

状态: Draft

典型严重程度: Low

CAPEC-621: Analysis of Packet Timing and Sizes

攻击模式描述

前提条件

所需技能

后果影响

缓解措施

关键信息

相关攻击模式

相关CWE弱点

CAPEC-621: Analysis of Packet Timing and Sizes

攻击模式描述

前提条件

所需技能

后果影响

缓解措施

关键信息

相关攻击模式

ChildOf CAPEC-189

相关CWE弱点