Timing Analysis of Keystrokes And Timing Attacks on SSH

1 Timing Analysis of Keystrokes And Timing Attacks on SSH
Authors: Dawn Xiaodong Song, David Wagner, Xuqing Tian
Publication: USENIX Security Symposium
Presenter: Hiral Chhaya, for CAP 6133

2 Outline
Secure Shell (SSH) weaknesses
Analysis of user keystroke patterns
Attack using inter-keystroke timing
Performance evaluation
Countermeasures
Comments and conclusion

3 SSH - Secure Shell
Offers an encrypted channel and strong authentication.
Replaces telnet, rlogin.
Protects a network from attacks such as IP spoofing, IP source routing, and DNS spoofing.
If an attacker tries to take over the network, SSH disconnects.

4 SSH - Secure Shell

5 Weaknesses of SSH
Two seemingly minor weaknesses:
Padding: 1-8 bytes. Reveals approximate data size.
In interactive mode, every individual keystroke is sent to the remote machine in a separate IP packet. Leaks timing information about the user's typing.
Figure (packet layout) labels: padding length, random padding, payload, integrity data (MAC), packet length

6-19 Traffic signature attack

20 Nested SSH attack
User establishes an SSH session between A and B
Another session from B to C
User's password for C is transmitted across the SSH link A -> B
Adversary sniffs the password

21 Statistical analysis of inter-keystroke timings
Pick a pair of characters, e.g. (“v”, “o”)
Ask users to type the pair for times
Collect latency information
Repeat for every different pair of characters

25 Hidden Markov Model (HMM)
HMM: a Markov model in which the current state cannot be observed.
Outputs of the process are observed.
Probability of an output depends only on the state.
Information on the prior path of the process can be inferred from its output.

26 Hidden Markov Model (HMM)
Character pair is the hidden state.
Keystroke latency measured is the output observation.
Two assumptions:
Probability of transition from the current state to another state depends only on the current state.
Probability distribution of latency depends only on the current state.
q = character pair, y = latency observation

27 Big picture
Figure labels: A, B, sniffer, detect SSH session, detect nested SSH or SU, keystroke timing statistics, n-Viterbi, possibilities, password

28 Countermeasures
Let the server return dummy packets when it receives keystroke packets from the client.
Let the client randomly delay sending keystroke packets.
Let the client send keystroke packets at a constant rate.
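
The second and third countermeasures above, compared in a small simulation (an added example, not code from the presentation or the paper). The inter-keystroke gaps are constructed, the 50 ms tick and 200 ms maximum delay are illustrative values, and the Pearson-correlation leak score and the client-side dummy packets in the constant-rate scheme are assumptions of this sketch.

```python
import random
import statistics

# Constructed sample: inter-keystroke gaps in seconds (not measured data).
TRUE_GAPS = [0.09, 0.21, 0.12, 0.30, 0.08, 0.17, 0.25, 0.11, 0.19, 0.14]
KEY_TIMES = [sum(TRUE_GAPS[:i]) for i in range(len(TRUE_GAPS) + 1)]

def gaps(times):
    """Inter-packet intervals as a passive observer on the link would measure them."""
    return [b - a for a, b in zip(times, times[1:])]

def random_delay(key_times, max_delay, rng):
    """Client holds each keystroke packet for a random time (order preserved)."""
    wire, last = [], 0.0
    for t in key_times:
        last = max(last, t + rng.uniform(0.0, max_delay))
        wire.append(last)
    return wire

def constant_rate(key_times, tick):
    """Client emits one same-sized packet every `tick` seconds: the oldest pending
    keystroke if one is waiting, else a dummy. Returns (wire_times, added_latency)."""
    wire, added, i, k = [], [], 0, 0
    while i < len(key_times):
        now = k * tick
        if key_times[i] <= now:      # a real keystroke rides this tick
            added.append(now - key_times[i])
            i += 1
        wire.append(now)             # real or dummy, the wire looks the same
        k += 1
    return wire, added

def timing_leak(true_gaps, wire_gaps):
    """|Pearson r| between real typing gaps and observed packet gaps.
    A perfectly regular cadence has no variance to correlate with, so it scores 0.0."""
    if len({round(g, 9) for g in wire_gaps}) == 1:
        return 0.0
    mx, my = statistics.fmean(true_gaps), statistics.fmean(wire_gaps)
    sxy = sum((a - mx) * (b - my) for a, b in zip(true_gaps, wire_gaps))
    sxx = sum((a - mx) ** 2 for a in true_gaps)
    syy = sum((b - my) ** 2 for b in wire_gaps)
    return abs(sxy / (sxx * syy) ** 0.5)

def compare(tick=0.05, max_delay=0.2, seed=1):
    """Leak score per scheme and worst latency added by pacing (illustrative defaults)."""
    paced, added = constant_rate(KEY_TIMES, tick)
    delayed = random_delay(KEY_TIMES, max_delay, random.Random(seed))
    return {"none": timing_leak(TRUE_GAPS, gaps(KEY_TIMES)),
            "random_delay": timing_leak(TRUE_GAPS, gaps(delayed)),
            "constant_rate": timing_leak(TRUE_GAPS, gaps(paced)),
            "max_added_latency": max(added)}
```

The score covers inter-packet timing only; packet counts and session duration are not measured by this sketch.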

29 Strengths
Novel idea
Nice technique
Good performance
Interesting findings
Countermeasures given

30 Weaknesses
No mention of how to deal with backspace
No discussion of how different keyboard layouts affect the results
Laptop vs desktop
Different keyboard layouts in different regions

31 THANK YOU

