From the course: Threat Modeling: Information Disclosure in Depth
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Metadata in motion
From the course: Threat Modeling: Information Disclosure in Depth
Metadata in motion
- [Instructor] The content of communication with malware controlled on example.com is probably interesting, but even if their developer has done their job and encrypted both the channel and the messages, you can learn a lot from the metadata. Let me pause for a minute to say how easy it is to get this wrong. In my original script, I wrote "encrypted the channel and signed the messages," probably because I was thinking about tampering attacks on the channel, but this is a course on information disclosure. We should focus there. Back to the example. The metadata is not just the domain name, but when communication started, how frequent it is, how much data is going in each direction. Each of these can reveal something. Knowing which bank someone uses makes it easier to target them with good phishing emails. Digging in, the size of the packets coming from bank website can reveal which page or user is on, even if the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.