analysis of instant messenger programs celia hung and nathan miller ece 478/578 department of...
TRANSCRIPT
![Page 1: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/1.jpg)
Analysis of Instant Messenger Programs
Celia Hung and Nathan Miller
ECE 478/578Department of Electrical
EngineeringOregon State University
![Page 2: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/2.jpg)
Introduction
• What is it??• Features
– Instant Messaging– IM Images– Voice/Video Chat– Game Request– File Transfer– Application
Sharing/Remote Access
![Page 3: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/3.jpg)
AOL Instant Messenger (AIM)
• 43.6 Million Users• Features
• Instant Messaging• IM Images• Voice Chat• Game Request• File Transfer• File Sharing
• FLAP and OSCAR– Authentication
Protocol
![Page 4: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/4.jpg)
.NET Messenger
• 18.5 Million Users• Features
• Instant Messaging• Voice/Video Chat• Application Sharing• File Transfer• Remote Assistance
• MSNP– Authentication
Protocol
![Page 5: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/5.jpg)
ICQ (I Seek You)
• 7.2 Million Users• Features
• Instant Messaging• Voice/Video Chat• File Transfer• File Sharing
• FLAP and OSCAR– Authentication
Protocol
![Page 6: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/6.jpg)
Yahoo! Messenger
• 11.9 Million Users• Features
• Instant Messaging• IM Images• Voice Chat• Game Request• File Transfer• File Sharing
• YMSG– Authentication
Protocol
![Page 7: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/7.jpg)
Existing Security
• Blocking– Ignoring– Firewall– Company Policy
• Warning• Software
![Page 8: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/8.jpg)
Vulnerabilities
• Worms• Trojan Horses• Hijacking• Denial of Service• Disclosure
![Page 9: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/9.jpg)
Solutions
• Eliminate IM• Stronger
Cryptography/Software
• Trillian
![Page 10: Analysis of Instant Messenger Programs Celia Hung and Nathan Miller ECE 478/578 Department of Electrical Engineering Oregon State University](https://reader035.vdocuments.us/reader035/viewer/2022072010/56649db15503460f94aa0519/html5/thumbnails/10.jpg)
References• [1] “Cyber-attacks Batter Web Heavyweights.” www.cnn.com. February 2002.
• [2] “Risk Eposure Through Instant Messaging and Peer-to-Peer (P2P) Networks.” Internet Security Systems. April 2002.
• [3] “SecureIM.” www.trillian.cc
• [4] Dalton, Curtis E. and Kannengeisser, William. “Instant Headache.” Info Security Magazine. August 2002.
• [5] Gaudin, Sharon. “Norton Antivirus Attacks Instant Messaging.” www.instantmessaging.com. August 2002.
• [6] Grimes, Roger A. "IM Security Primer." www.secadministrator.com. May 2002.
• [7] Hindocha, Neal. “Instant Insecurity: Security Issues of Instant Messaging.” www.securityfocus.com. January 2003.
• [8] Hindocha, Neal. “Threats to Instant Messaging.” Symantec Security Response. January 2003.
• [9] Hu, Jim. “Worms Find Fertile Ground in IM.” www.cnetnews.com. August 2001.
• [10] Shinder, Thomas. “How to Block Dangerous Instant Messengers Using ISA Server.” www.windowssecurity.com. July 2002.
• [11] Thorsberg, Frank. “Is IM a Sieve for Corporate Secrets?” www.pcworld.com. July 2002.
• [12] Varnosi, Robert. “The Problem with Instant Messaging Apps at Work.” www.cnet.com. August 2002