Verifying identity via keystroke characteristics
International Journal of Man-Machine Studies
Identity authentication based on keystroke latencies
Communications of the ACM
Computer-Access Security Systems Using Keystroke Dynamics
IEEE Transactions on Pattern Analysis and Machine Intelligence
ACM SIGCOMM Computer Communication Review
Artificial intelligence: a modern approach
Artificial intelligence: a modern approach
The official PGP user's guide
Authentication via keystroke dynamics
Proceedings of the 4th ACM conference on Computer and communications security
Password hardening based on keystroke dynamics
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
SSH: secure login connections over the internet
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Computer user verification using login string keystroke dynamics
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Authenticated encryption in SSH: provably fixing the SSH binary packet protocol
Proceedings of the 9th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Typing Patterns: A Key to User Identification
IEEE Security and Privacy
Information flow in hybrid systems
ACM Transactions on Embedded Computing Systems (TECS)
HMM profiles for network traffic classification
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Using visual motifs to classify encrypted traffic
Proceedings of the 3rd international workshop on Visualization for computer security
A natural language approach to automated cryptanalysis of two-time pads
Proceedings of the 13th ACM conference on Computer and communications security
Dictionary attacks using keyboard acoustic emanations
Proceedings of the 13th ACM conference on Computer and communications security
Fundamenta Informaticae - SPECIAL ISSUE ON CONCURRENCY SPECIFICATION AND PROGRAMMING (CS&P 2005) Ruciane-Nide, Poland, 28-30 September 2005
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
When Cryptographers Turn Lead into Gold
IEEE Security and Privacy
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Reducing shoulder-surfing by using gaze-based password entry
Proceedings of the 3rd symposium on Usable privacy and security
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Proceedings of the 9th workshop on Multimedia & security
Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob?
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Observation Based System Security
Fundamenta Informaticae - Special Issue on Concurrency Specification and Programming (CS&P)
Improving wireless privacy with an identifier-free link layer protocol
Proceedings of the 6th international conference on Mobile systems, applications, and services
Performance Analysis of Real Traffic Carried with Encrypted Cover Flows
Proceedings of the 22nd Workshop on Principles of Advanced and Distributed Simulation
Software—Practice & Experience
Opportunities and Limits of Remote Timing Attacks
ACM Transactions on Information and System Security (TISSEC)
Deconstructing new cache designs for thwarting software cache-based side channel attacks
Proceedings of the 2nd ACM workshop on Computer security architectures
Probabilistic Information Flow Security
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Security in a Model for Long-running Transactions
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
Performing traffic analysis on a wireless identifier-free link layer
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
Games for extracting randomness
Proceedings of the 5th Symposium on Usable Privacy and Security
Keyboard acoustic emanations revisited
ACM Transactions on Information and System Security (TISSEC)
Physical Layer Attacks on Unlinkability in Wireless LANs
PETS '09 Proceedings of the 9th International Symposium on Privacy Enhancing Technologies
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Providing data confidentiality against malicious hosts in Shared Data Spaces
Science of Computer Programming
Information-flow attacks based on limited observations
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
COORDINATION'08 Proceedings of the 10th international conference on Coordination models and languages
Secure transaction protocol analysis: models and applications
Secure transaction protocol analysis: models and applications
Traffic classification using visual motifs: an empirical evaluation
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Compromising electromagnetic emanations of wired and wireless keyboards
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Peeping tom in the neighborhood: keystroke eavesdropping on multi-user systems
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Proceedings of the 17th ACM conference on Computer and communications security
Timing attacks on PIN input devices
Proceedings of the 17th ACM conference on Computer and communications security
Fingerprinting websites using remote traffic analysis
Proceedings of the 17th ACM conference on Computer and communications security
Determinating timing channels in compute clouds
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Uncovering Spoken Phrases in Encrypted Voice over IP Conversations
ACM Transactions on Information and System Security (TISSEC)
Website fingerprinting and identification using ordered feature sequences
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
gPath: a game-theoretic path selection algorithm to protect Tor's anonymity
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Video streaming forensic - content identification with traffic snooping
ISC'10 Proceedings of the 13th international conference on Information security
On privacy leakage through silence suppression
ISC'10 Proceedings of the 13th international conference on Information security
Application-level reconnaissance: timing channel attacks against antivirus software
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Traffic analysis attacks on Skype VoIP calls
Computer Communications
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
Crypt analysis of two time pads in case of compressed speech
Computers and Electrical Engineering
Timing attacks on PIN input in VoIP networks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
TouchLogger: inferring keystrokes on touch screen from smartphone motion
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Using global knowledge of users' typing traits to attack keystroke biometrics templates
Proceedings of the thirteenth ACM multimedia workshop on Multimedia and security
Empirical and theoretical evaluation of active probing attacks and their countermeasures
IH'04 Proceedings of the 6th international conference on Information Hiding
Computer Networks: The International Journal of Computer and Telecommunications Networking
On flow correlation attacks and countermeasures in mix networks
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
SAS: a scalar anonymous communication system
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
Language modeling and encryption on packet switched networks
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Private communication detection: a stochastic approach
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Cloud terminal: secure access to sensitive applications from untrusted systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Website detection using remote traffic analysis
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Probabilistic Information Flow Security
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Security in a Model for Long-running Transactions
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Observation Based System Security
Fundamenta Informaticae - Special Issue on Concurrency Specification and Programming (CS&P)
On the practicality of motion based keystroke inference attack
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
A new cell-counting-based attack against Tor
IEEE/ACM Transactions on Networking (TON)
Fundamenta Informaticae - SPECIAL ISSUE ON CONCURRENCY SPECIFICATION AND PROGRAMMING (CS&P 2005) Ruciane-Nide, Poland, 28-30 September 2005
Collaborative TCP sequence number inference attack: how to crack sequence number under a second
Proceedings of the 2012 ACM conference on Computer and communications security
Scriptless attacks: stealing the pie without touching the sill
Proceedings of the 2012 ACM conference on Computer and communications security
Practicality of accelerometer side channels on smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Designing leakage-resilient password entry on touchscreen mobile devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Implementing side-channel attacks on suggest boxes in web applications
Proceedings of the First International Conference on Security of Internet of Things
DriverGuard: Virtualization-Based Fine-Grained Protection on I/O Flows
ACM Transactions on Information and System Security (TISSEC)
MinimaLT: minimal-latency networking through better security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings
ACM Transactions on Information and System Security (TISSEC)
Keystroke timing analysis of on-the-fly web apps
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Keystroke biometrics: the user perspective
Proceedings of the 4th ACM conference on Data and application security and privacy
ipShield: a framework for enforcing context-aware privacy
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
SSH is designed to provide a secure channel between two hosts. Despite the encryption and authentication mechanisms it uses, SSH has two weakness: First, the transmitted packets are padded only to an eight-byte boundary (if a block cipher is in use), which reveals the approximate size of the original data. Second, in interactive mode, every individual keystroke that a user types is sent to the remote machine in a separate IP packet immediately after the key is pressed, which leaks the interkeystroke timing information of users' typing. In this paper, we show how these seemingly minor weaknesses result in serious security risks. First we show that even very simple statistical techniques suffice to reveal sensitive information such as the length of users' passwords or even root passwords. More importantly, we further show that by using more advanced statistical techniques on timing information collected from the network, the eavesdropper can learn significant information about what users type in SSH sessions. In particular, we perform a statistical study of users' typing patterns and show that these patterns reveal information about the keys typed. By developing a Hidden Markov Model and our key sequence prediction algorithm, we can predict key sequences from the interkeystroke timings. We further develop an attacker system, Herbivore, which tries to learn users' passwords by monitoring SSH sessions. By collecting timing information on the network, Herbivore can speed up exhaustive search for passwords by a factor of 50. We also propose some countermeasures. In general our results apply not only to SSH, but also to a general class of protocols for encrypting interactive traffic. We show that timing leaks open a new set of security risks, and hence caution must be taken when designing this type of protocol