Examining Potential Threats of Eavesdropping in TCP Stream of Personal Interactive Transmission Session
DOI:
https://doi.org/10.31436/ijpcc.v10i1.461Keywords:
Personal Interactive Transmission Session, Eavesdropping, TCP Stream, Security threatsAbstract
This study establishes that Personal Interactive Transmission Sessions conducted using TCP streams provide exceptional convenience and immediacy. However, they also provide noteworthy challenges and considerations, especially in terms of security, integrity, and performance. This study investigates the security weaknesses present in potential eavesdropping threats on TCP Streams during personal interactive transmission sessions. An experimental analysis was carried out, by doing a comprehensive analysis of network traffic using Wireshark. The investigation reveals a notable vulnerability in the management of user-provided data, together with the possible risks of eavesdropping, emphasizing the urgent need for enhanced security measures. The findings underscore the need of proactive cybersecurity strategies, such as frequent security audits, vulnerability assessments, and the implementation of robust encryption methods, to safeguard user privacy and ensure data integrity. To enhance risk mitigation, data protection, and user confidence in the digital environment, organizations should prioritize addressing potential eavesdropping threats during transmission sessions that involve sensitive personal data.
References
J. Mehra. Web Personalization Using Web Session for Web Usage Mining. In2nd International Conference on Data, Engineering and Applications (IDEA) 2020, 28 (pp. 1-5).
A. Følstad, C. Taylor. Investigating the user experience of customer service chatbot interaction: a framework for qualitative analysis of chatbot dialogues. Quality and User Experience. 2021 Dec;6(1):6.
R. Shah, S. Correia S. Encryption of data over HTTP (hypertext transfer protocol)/HTTPS (hypertext transfer protocol secure) requests for secure data transfers over the internet. In2021 International Conference on Recent Trends on Electronics, Information, Communication & Technology (RTEICT) 2021, 27 (pp. 587-590).
A. Court, H. Alamleh . Multi-path Data Transmission to Protect Data in Transit. In2023 IEEE International Conference on Consumer Electronics (ICCE) 2023, 6 (pp. 1-6).
A. Agrawal, A. Bhatia, A. Bahuguna, K. Tiwari, K. Haribabu, D. Vishwakarma, R. Kaushik. A survey on analyzing encrypted network traffic of mobile devices. International Journal of Information Security. 2022 Aug;21(4):873-915.
D.I. Elewaily, H.A. Ali, A.I. Saleh, M.M. Abdelsalam. Delay/Disruption-Tolerant Networking-based the Integrated Deep-Space Relay Network: State-of-the-Art. Ad Hoc Networks. 2024 Jan 1;152:103307.
F.F. Ashrif, E.A. Sundararajan, R. Ahmad, M.K. Hasan, E. Yadegaridehkordi. Survey on the authentication and key agreement of 6LoWPAN: Open issues and future direction. Journal of Network and Computer Applications. 2023 Oct 8:103759.
J. Ruohonen. The Similarities of Software Vulnerabilities for Interpreted Programming Languages. In2021 IEEE International Conference on Progress in Informatics and Computing (PIC) 2021, 17 (pp. 304-307).
W. Fraczek, W. Mazurczyk, K. Szczypiorski. Stream control transmission protocol steganography. In2010 International Conference on Multimedia Information Networking and Security 2010 Nov 4 (pp. 829-834)..
S.K. Ghosh, A. Das, S.C. Ghosh, N. Das. Anti-eavesdropping Proportional Fairness Access Control for 5G Networks. InQuality, Reliability, Security and Robustness in Heterogeneous Systems: 17th EAI International Conference, QShine 2021, Virtual Event, November 29–30, 2021, Proceedings 17 2021 (pp. 144-158). Springer International Publishing.
Fraczek W, Mazurczyk W, Szczypiorski K. Stream control transmission protocol steganography. In2010 International Conference on Multimedia Information Networking and Security 2010 Nov 4 (pp. 829-834). IEEE.
S.A. Nor, R. Alubady, W.A. Kamil. Simulated performance of TCP, SCTP, DCCP and UDP protocols over 4G network. Procedia computer science. 2017 Jan 1;111:2-7.
H. Nafea K. Kifayat Q. Shi, K.N. Qureshi, B. Askwith B. Efficient non-linear covert channel detection in TCP data streams. IEEE Access. 2019 Dec 25; 8:1680-90.
V. Pevnev., Aleksandr, Frolov., Mikhail, Tsuranov., Heorhii, Zemlianko. Ensuring the Data Integrity in Infocommunication Systems. International Journal of Computing, 21(2) 2022, 228-233.
C. Westlake C, inventor; Cardeasy Ltd, assignee. Accessing information from an internet user's web session. United States patent US 8,775,608. 2014 Jul 8.
V, Tea, H. Huang. A method for establishing an http-ota session between a secure element and an http-ota platform. US Patent App. 16/327,427, 2019.
A. Zúquete, F. Marques. An Architecture to Support the Invocation of Personal Services in Web Interactions. arXiv preprint arXiv:1904.01541. 2019 Apr 2.
A. Avgetidis, O. Alrawi, K. Valakuzhy, C. Lever, P. Burbage, A. Keromytis, F. Monrose, M. Antonakakis. Beyond the gates: An empirical analysis of HTTP-managed password stealers and operators. In32nd USENIX security symposium (USENIX Security 23) 2023.
M.A. Eltokhy, M. Abdel-Hady, A. Haggag, M.A. El-Bendary, H. Ali, T. Hosny. Audio SIMO system based on visible light communication using cavity LEDs. Multimedia Tools and Applications. 2023,10:1-5.
