CAPEC-621: Analysis of Packet Timing and Sizes
ID
CAPEC-621
Typical Severity
Low
Status
Draft
An attacker may intercept and log encrypted transmissions for the purpose of analyzing metadata such as packet timing and sizes. Although the actual data may be encrypted, this metadata may reveal valuable information to an attacker. Note that this attack is applicable to VOIP data as well as application data, especially for interactive apps that require precise timing and low-latency (e.g. thin-clients).
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-201 | Insertion of Sensitive Information Into Sent Data | weakness |