Identifying Network Traffic Signatures For Texting Via Instant Messaging Applications: A Machine Learning Approach
Date
2024-08-16
Authors
Srivathsan, Thirumurugan
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
As Instant Messaging Applications become more popular, they can be used for a variety of purposes, including sending files, making voice and video calls as well as texting in groups and private channels for both personal and professional purposes. I aim to explore network traffic signatures in instant messaging applications for network monitoring and analysis purposes. To achieve this I designed and developed a framework to automatically generate and capture traffic from the seven most used and popular instant messaging applications, namely Discord, Messenger, Signal, Skype, Teams, Telegram, and WhatsApp. I have analyzed and discovered patterns of texting via IMAs from the perspective of texting behaviour such as synchronous and asynchronous communications. Moreover, their traffic is generated and captured with different types of user communication based on the number of participants such as private texting with two users, group texting with three users, and group texting with four users. The resulting end-to-end encrypted traffic is analyzed using a machine-learning-based approach to traffic metadata without using deep packet inspection. Evaluations show that it is possible to identify between private, groups with different users for asynchronous and synchronous instant messaging applications. This in return could help better planning and management of the network operations for user quality of service.
Description
Keywords
Machine Learning, Instant Messaging Applications, group chat, Private chat, Text Message, Encrypted Network Traffic, Flows, Asynchronous, Synchronous