A Model for the Study of Privacy Issues in Secure Shell Connections

The secure shell protocol strives to protect the privacy of its users in several ways. On one hand, the strong encryption and authentication algorithms that it adopts provide guarantees that the data exchanged between two SSH endpoints remain private to third parties. On the other hand, the type of traffic that each SSH channel transports, such as e-mail, remote shell activity, etc., is also supposed to be hidden from any observer that does not possess the necessary keys. This paper introduces a simple but accurate model of the SSH channel which can be used to study the level of privacy that SSH-protected traffic can achieve with respect to the users´ activities. We think that the model can facilitate several types of projects. For example, network managers can detect traffic anomalies hidden by SSH connections more easily by relying on the output of our model. Another example, which we present in this paper, is the use of this model to derive accurate fingerprints of the type of applications run through an SSH channel by simply starting from the statistics of captured clear-text traffic. Such fingerprints can then be used to detect what type of activity, i.e., what type of traffic, is going on within an SSH channel, thereby breaking user privacy.