You Are Here: Home » Industry News » HTTPS Makes Data Vulnerable to Prying Eyes

HTTPS Makes Data Vulnerable to Prying Eyes

HTTPS Makes Data Vulnerable to Prying EyesHTTPS secured websites are vulnerable to traffic analysis that can expose legal, financial and even health information, a recent security survey shows.

UC Berkeley researchers have found a way to identify web pages in someone’s traffic using their own methodology after analyzing 463,125 page loads collected from 10 websites in December 2013 and January 2014. The traffic analysis identified individual pages in the same website with 89% accuracy.

“Our attack applies clustering techniques to identify patterns in traffic. We then use a Gaussian distribution to determine similarity to each cluster and map traffic samples into a fixed width representation compatible with a wide range of machine learning techniques,” the researchers said.

Attackers can use this surveillance method to mine customer data for advertising purposes, block services for users suspected of accessing banned sites or monitor employees’ personal and corporate traffic.

To spot traffic patterns, the hacker needs to access the same websites as his victim and to be able to observe incoming traffic, to match it with the recognized patterns.

“While the use of HTTPS alleviates the privacy risks associated with sending data over untrusted networks, attackers and researchers alike are trying to poke holes in the encryption protocol or workarounds to decipher traffic,” Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender says. “But this research shows that decryption of traffic is not necessary for information gathering; matching the encrypted traffic pattern with specific known information would suffice. Think of a rainbow table for information.”

About The Author

Content Specialist

Alexandra started writing about IT at the dawn of the decade – when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers’ mouse scrolls. Alexandra is also a social media enthusiast who `likes’ only what she likes and LOLs only when she laughs out loud.

Number of Entries : 61

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top