LINE封包特徵分析預測使用者網路活動

Profile User Activity through LINE Encrypted Traffic

陳詰昌(Jay-chang Chen)

加密封包分析 ； LINE ； 通訊監察 ； Encrypted Traffic ； LINE ； Telecommunication Surveillance

資訊安全通訊

23卷3期（2017 / 07 / 01）

37 - 48

繁體中文

過去網路犯罪偵查，常對涉嫌對象進行通訊監察蒐證，由於隱私權及安全性意識，幾乎所有網路通訊均以SSL/TLS 或其他方式進行加密傳送，對於釐清犯罪事實造成相當大衝擊。在智慧型手機普及化後，即時通訊軟體已漸漸取代傳統話務，通訊種類愈來愈多元，不但可以進行語音視訊通話、文字訊息傳送，亦可傳送圖片、影像及各類檔案。本文針對通訊軟體LINE 為主題，以深度封包檢測概念應用於智慧型手機加密封包，首先以簡易方式取出LINE 傳送之封包後，去除掉無效封包，下一步再針對使用者網路行為常見之文字訊息傳送接收、語音通話、圖片影音傳送等行為進行分析，試圖找出各類網路行為之特徵，並將此特徵應用以Wireshark 過濾語法呈現，使偵查人員易於分析及判斷通訊監察封包內容，指引偵辦方向。

Smart Phone and 4G Network are popular today. Many criminals use instant message application as a communication tools. LINE is the most popular instant message application in Taiwan. Telecommunication surveillance is ineffective for encrypted traffic. We setup a control environment to capture the traffic of smart phone, and filter all the packets related to LINE. It is helpful for law enforcement to extract some information from encrypted traffic.

1. Coull, S. E.,Dyer, K. P.(2014).Traffic Analysis of Encrypted Messaging Services: Apple iMessage and Beyond.ACM SIGCOMM Computer Communication Review,44(5),5-11.
2. Kabakus, A. T.,Kara, R.(2015).Survey of Instant Messaging Applications Encryption Methods.European Journal of Science and Technology,2(4),112-117.
3. Park, K.,Kim, H.(2015).Encryption Is Not Enough: Inferring user activities on kakaoTalk with traffic analysis.WISA 2015 Revised Selected Papers of the 16th International Workshop on Information Security Applications
4. Sherry, J.,Lan, C.,Popa, R. A.,Ratnasamy, S.(2015).BlindBox: Deep Packet Inspection over Encrypted Traffic.Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication
5. Taylor, V. F.,Spolaor, R.,Conti, M.,Martinovic, I.(2016).AppScanner: Automatic Fingerprinting of Smartphone Apps From Encrypted Network Traffic.IEEE European Symposium on Security and Privacy
6. Taylor, V. F.,Spolaor, R.,Conti, M.,Martinvic, I.(2018).Robust Smartphone App Identification Via Encrypted Network Traffic Analysis.IEEE Transactions on Information Forensics and Security,13(1),63-78.
7. Velan, P.,Čermák, M.,Čeleda, P.,Drašar, M.(2015).A Survey of Methods for Encrypted Traffic Classification and Analysis.Int. J. Network Mgmt,25,355-374.
8. Walnycky, D.,Baggili, L.,Marrington, A.,Moore, J.,Breitinger, F.(2015).Network and device forensic analysis of Android social-message applications.Digital Investigation,14,77-84.
9. Zhang, F.,He, W.,Liu, X.,Bridges, P. G.(2011).Inferring Users' Online Activities Through Traffic Analysis.Proceedings of the 4th ACM Conference on Wireless Network Security
10. 王傑民、伍立鈞、李泓暐、吳育松(2014)。LINE 即時通訊軟體之通訊協定與安全性分析。第24屆全國資訊安全會議

1. 樊祖燁,趙麗萍,陳柔伊,徐鳳臨(2022)。客製化服裝設計平台行銷企劃之研究。管理資訊計算，11(1)，15-31。