All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

On Reliability of JA3 Hashes for Fingerprinting Mobile Applications

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F21%3APU138869" target="_blank" >RIV/00216305:26230/21:PU138869 - isvavai.cz</a>

  • Result on the web

    <a href="https://link.springer.com/chapter/10.1007%2F978-3-030-68734-2_1" target="_blank" >https://link.springer.com/chapter/10.1007%2F978-3-030-68734-2_1</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-030-68734-2_1" target="_blank" >10.1007/978-3-030-68734-2_1</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    On Reliability of JA3 Hashes for Fingerprinting Mobile Applications

  • Original language description

    In recent years, mobile communication has become more secure due to TLS encapsulation. TLS enhances user security by encrypting transmitted data, on the other hand it limits network monitoring and data capturing which is important for digital forensics. When observing mobile traffic today most transmissions are encapsulated by TLS. Encrypted packets causes traditional methods to be obsolete for device fingerprinting that require visibility of protocol headers of HTTP, IMAP, SMTP, IM, etc. As a reaction to data encryption, new methods like TLS fingerprinting have been researched. These methods observe TLS parameters which are exchanged in an open form  before the establishment of a secure channel. TLS parameters can be used for identification of a sending application. Nevertheless, with the constant evolution of TLS protocol suites, it is not easy to create a unique and stable TLS fingerprint for forensic purposes. This paper presents experiments with JA3 hashes on mobile apps. We focus especially on the stability, reliability and uniqueness of JA3 fingerprints for digital forensics. 

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    20206 - Computer hardware and architecture

Result continuities

  • Project

    <a href="/en/project/VI20172020062" target="_blank" >VI20172020062: Integrated platform for analysis of digital data from security incidents</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Digital Forensics and Cyber Crime. ICDF2C 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

  • ISBN

    978-3-030-68733-5

  • ISSN

  • e-ISSN

  • Number of pages

    22

  • Pages from-to

    1-22

  • Publisher name

    Springer International Publishing

  • Place of publication

    Boston

  • Event location

    Boston

  • Event date

    Oct 15, 2020

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Tool for mobile app fingerprintingDetection of Malicious Network Traffic Behavior Using JA3 FingerprintsNetwork-based HTTPS Client Identification Using SSL/TLS Fingerprinting