Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

traffic analysis

Abbreviation(s) and Synonym(s):

TA

Definition(s):

  The inference of information from observation of traffic flows (presence, absence, amount, direction, and frequency).
Source(s):
NIST SP 800-33

  Gaining knowledge of information by inference from observable characteristics of a data flow, even if the information is not directly available (e.g., when the data is encrypted). These characteristics include the identities and locations of the source(s) and destination(s) of the flow, and the flow's presence, amount, frequency, and duration of occurrence.
Source(s):
CNSSI 4009-2015 under traffic analysis (TA)

  The analysis of patterns in communications for the purpose of gaining intelligence about a system or its users. Traffic analysis does not require examination of the content of the communications, which may or may not be decipherable. For example, an adversary may be able to detect a signal from a reader that could enable it to infer that a particular activity is occurring (e.g., a shipment has arrived, someone is entering a facility) without necessarily learning an identifier or associated data.
Source(s):
NIST SP 800-98 under Traffic Analysis

  a form of passive attack in which an intruder observes information being fransmitted and makes inferences from the calling and called numbers, and the frequency and length of the calls.
Source(s):
NIST SP 800-13 under Traffic analysis