Homework #10 - Inferring Activity - Due Wednesday Sep 28, 11PM

Turn in this assignment via email (vern@berkeley.edu) by the due date, with the term Homework in the Subject.

Read the paper Timing Analysis of Keystrokes and Timing Attacks on SSH, Dawn Song, David Wagner, Xuqing Tian, USENIX Security 2001

Briefly write up your views of:

  1. What are the main contributions of this paper?

  2. What parts of the paper do you find unclear? (optional)

  3. What parts of the paper are questionable? (That is, you think a conclusion may be wrong, an approach or evaluation technically flawed, or data ill-presented.)

  4. Propose some form of inferring activity (it needn't rely upon timing) by which you might plausibly be able to infer a particular property of network activity that is not directly manifest. Your approach should exploit some form of non-obvious connection between an observable property and the activity of interest. Sketch how you might acquire data to test whether your approach could work in practice, including the issue of obtaining or approximating/bootstrapping ground truth.

    Do not draw upon any external resources for this assignment, as part of the point of the exercise is to work through the initial brainstorming process about how to identify inference opportunities.