Abstract

WhatsApp messenger is a popular instant messaging application that employs end-to-end encryption for communication. WhatsApp Web is the browser-based implementation of WhatsApp messenger. Users of WhatsApp communicate securely using SSL protocol. Encryption and use of common port for communication by multiple applications poses challenge in traffic classification for application identification. It is highly needed to analyze the network traffic for the purpose of QoS, Intrusion Detection and application specific traffic classification. In this paper, we have done traffic analysis on the network packets captured through data transfer in whatsApp web. In the result, we have explored the user activities such as message texting, contact sharing, voice message, location sharing, media transfer and status viewing. Packet level traffic analysis of user activities reveal patterns in the encrypted SSL communication. This pattern is identified across SSL packet lengths for WhatsApp media transfer and voice message communication. Other important features WhatsApp is the ability to view the status of the message being sent. We have identified the read and unread message status in these data packets by exposing signatures in the network layer. These signatures are identified with the help of the SSL lengths in the TLS header information of WhatsApp Web network traffic traces. Various other information on WhatsApp traffic presented in our study is relevant to the version of WhatsApp Web v0.3.2386. Also in this work machine learning based classifier is trained to classify the encrypted malicious, normal network traffic. From the results it is clear that SVM classifier gives the highest accuracy of 0.9666.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.