Traffic Analysis

From Glitchdata
Revision as of 22:20, 19 April 2022 by Jasonchen (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

A Passive Attack on an organisation by monitoring traffic.

This allows a watching threat actor to determine the nature of the flow of traffic between defined hosts, which may allow the threat actor to guess the type of communication taking place without taking an active role.


  • In traffic analysis, which is a passive attack, an intruder determines the nature of the traffic flow between defined hosts and through an analysis of session length, frequency and message length, the intruder is able to guess the type of communication taking place. This typically is used when messages are encrypted, and eavesdropping would not yield any meaningful results.