Conditions préalables
Use of untrusted communication paths enables an attacker to intercept and log communications, including metadata such as packet timing and sizes.
Compétences requises
These attacks generally require sophisticated machine learning techniques and require traffic capture as a prerequisite.
Atténuations
Distort packet sizes and timing at VPN layer by adding padding to normalize packet sizes and timing delays to reduce information leakage via timing.
Faiblesses connexes
CWE-ID |
Nom de la faiblesse |
|
Insertion of Sensitive Information Into Sent Data The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor. |
Soumission
Nom |
Organisation |
Date |
Date de publication |
CAPEC Content Team |
The MITRE Corporation |
2015-11-09 +00:00 |
|
Modifications
Nom |
Organisation |
Date |
Commentaire |
CAPEC Content Team |
The MITRE Corporation |
2018-07-31 +00:00 |
Updated Attack_Motivation-Consequences |