Instance Based Learning Model for Timing Analysis of Keystrokes to Perform Timing Attacks on the Secure Shell Protocol

Authors

  • Ajayi E. Akinyemi Department of Computer Science Federal Polytechnic,Idah Kogi State
  • Durojaye D. Samson Kogi State University, Anyigba, Kogi State
  • F. M. Dahunsi Department of Computer Science Federal University of Technology, Akure,Ondo State
  • B. K. Alese Department of Computer Science Federal University of Technology, Akure,Ondo State

Keywords:

Secure Shell, Authentication, Encrypting Key., Key strokes

Abstract

The research present Instance Based Learning Model for timing analysis of keystrokes to perform timing attacks on the Secure Shell protocol. SSH is designed to provide a secure channel between two hosts. Despite the encryption and authentication mechanisms it uses, SSH has two weakness: First, the transmitted packets are padded only to an eight-byte boundary (if a block cipher is in use), which reveals the approximate size of the original data. Second, in interactive mode, every individual keystroke that a user types is sent to the remote machine in a separate IP packet immediately after the key is pressed, which leaks the inter-keystroke timing information of users’ typing. The research shows how these seemingly minor weaknesses result in serious security risks. The research picks up the ideas of Song et al.(2001) and show that there are problems with their practicability today. The research implements a countermeasure against timing attacks which it analyses and then shows a possibility to handle it. The research also presents a method to collect keystroke timing characteristics from users silently. Evaluation of Instance based learning and Hidden Markov Model was done to show how effective an Instance based learning model can handle timing analysis of keystrokes and timing attacks on secure shell.

References

. Ahmad S. and Christian W. (2004): Network Security II - Secure Shell, Ruhr-Universitat Bochum.

. David et al (2007): Remote Timing Attacks are Practical Proceedings of the 12th USENIX Security Symposium.

. David et al (2002): Timing Analysis of Keystrokes and Timing Attacks on SSH*11th USENIX Security Symposium.Edward et al (2005): Timing Attacks on Web Privacy

. Michael et al (2001): Analysis of the Feasibility of Keystroke Timing Attacks over SSH Connections, Research Project at University of Virginia.

. Michael L. and Yonit S.(2001):Keystrokes Attack on SSH, Final Project Report at Technion IIT.Moheeb et al (2005) :Worm Evolution Tracking via Timing Analysis, In Proceedings of the 6th ACMConference on Computer and Communications Security Alexandria, Virginia, USA.

. Noack et al(2007):Timing Analysis of Keystrokes and Timing Attacks on SSHRevisited, seminar work atthe Chair for Network and Data Security, WS06/07.

. Song et al (2001): Timing Analysis of Keystrokes and Timing Attacks on SSH10th USENIX Security Symposium.

. Solar and Song (2001): Passive Analysis of SSH (Secure Shell)Traffic,

. www.securiteam.com/securitynews/5KPOOOA3PU.html posted on March 2001. Retrieved on 25, August 2010.

. Trostle (1998):Timing Attacks against Trusted Path, IEEE Symposium Proceedings, Oakland, USA.

. Yigael et al (2006):Dictionary Attacks Using Keyboard Acoustic Emanations.

. XiaoFeng and Kehuan (2005): Peeping Tom in the Neighbourhood: “Keystroke Eavesdroppingon Multi-User Systemsâ€.

. Gagliardi, F (2011). "Instance-based classifiers applied to medical databases: Diagnosis and knowledge

extraction". Artificial Intelligence in Medicine 52 (3): 123-

doi:10.1016/j.artmed.2011.04.002. http://dx.doi.org/10.1016.artmed.2011.04.002

Downloads

Published

2013-12-13

How to Cite

Akinyemi, A. E., Samson, D. D., Dahunsi, F. M., & Alese, B. K. (2013). Instance Based Learning Model for Timing Analysis of Keystrokes to Perform Timing Attacks on the Secure Shell Protocol. Asian Journal of Computer and Information Systems, 1(4). Retrieved from https://ajouronline.com/index.php/AJCIS/article/view/577

Issue

Vol. 1 No. 4 (2013): December 2013

Section

Articles

License

  • Papers must be submitted on the understanding that they have not been published elsewhere (except in the form of an abstract or as part of a published lecture, review, or thesis) and are not currently under consideration by another journal published by any other publisher.
  • It is also the authors responsibility to ensure that the articles emanating from a particular source are submitted with the necessary approval.
  • The authors warrant that the paper is original and that he/she is the author of the paper, except for material that is clearly identified as to its original source, with permission notices from the copyright owners where required.
  • The authors ensure that all the references carefully and they are accurate in the text as well as in the list of references (and vice versa).
  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Attribution-NonCommercial 4.0 International that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
  • The journal/publisher is not responsible for subsequent uses of the work. It is the author's responsibility to bring an infringement action if so desired by the author.