學術產出-學位論文

文章檢視/開啟

書目匯出

Google ScholarTM

政大圖書館

引文資訊

TAIR相關學術產出

題名 即時通訊軟體安全性分析之研究
A Study on Security Analysis of Instant Messaging Applications
作者 鄧妤庭
Deng, Yu-Ting
貢獻者 左瑞麟
Tso, Ray-Lin
鄧妤庭
Deng, Yu-Ting
關鍵詞 即時通訊軟體
網路封包分析
檔案分析
資料庫分析
Instant messaging applications
Network packet analysis
File analysis
Database analysis
日期 2024
上傳時間 1-二月-2024 13:00:08 (UTC+8)
摘要 近年來各式各樣的即時通訊軟體相繼崛起發展,使得人與人之間的互動更加便利。即時通訊軟體不僅為人們帶來更便捷的交流方式,也造成使用者對安全和隱私的擔憂越來越大。本篇論文將著重在台灣使用率較高的即時通訊軟體LINE、Messenger及由國內開發的即時通訊軟體SKI+進行通訊時之資訊安全議題進行分析及研究,透過網路封包分析、檔案分析及資料庫分析等3種分析方法,澈底瞭解在網路傳輸及行動裝置內部儲存空間中所能發現的資訊,以保證即時通訊軟體在傳輸訊息及在儲存上的安全性,提供使用者去判斷及評估即時通訊軟體的使用與否,以降低自身使用即時通訊軟體的風險。
In recent years, various instant messaging applications have successively emerged and developed, making interpersonal interactions more convenient. Instant messaging applications not only bring people a more convenient way to communicate but also raise concerns among users regarding security and privacy. This paper will focus on analyzing and researching information security issues during communication on three instant messaging applications: widely used in Taiwan—LINE, Messenger, and the domestically developed SKI+. Through three analysis methods—network packet analysis, file analysis, and database analysis—the study aims to thoroughly understand the information that can be discovered in network transmissions and the internal storage space of mobile devices. This analysis aims to ensure the security of message transmission and storage on instant messaging applications. By providing users with the means to assess and evaluate the usage of instant messaging applications, the paper aims to reduce the risks associated with using these applications.
參考文獻 [1] 財團法人台灣網路資訊中心(TWNIC), "Table of Content - Internet基本概念", 2003, from http://dns-learning.twnic.net.tw/internet/intro6.html [2] Joseph A. Salowey, Sean Turner, Christopher A. Wood, "TLS 1.3", IETF., 10 August 2018. [3] WIRED, "Hacker Lexicon: What Is End-to-End Encryption? ", 2014, from https://www.wired.com/2014/11/hacker-lexicon-end-to-end-encryption/ [4] Ryota INOUE, "Becoming a "Third Pole" from Japan: Expansion of LINE's Hyper-Localization Strategy in Asia", 2023, from https://www.z-holdings.co.jp/en/strategy/13/ [5] SimilarWeb, "全球最受歡迎的通訊應用程式", 2023, from https://www.similarweb.com/blog/zh-tw/research/market-research/worldwide-messaging-apps/ [6] LINE, "LINE的最低系統需求為何?", 2023, from https://help.line.me/line/android/pc?lang=zh-Hant&contentId=10002433 [7] LINE, "LINE Encryption Report", 2022, from https://linecorp.com/en/security/encryption/2022h1 [8] 財團法人台灣網路資訊中心(TWNIC), "2023年台灣網路報告", 2023年8月29日 [9] Messenger, "哪些作業系統版本支援Messenger應用程式?", 2023, from https://zh-tw.facebook.com/help/messenger-app/197039404112757 [10] 陳冠榮, "不顧FBI反對加密方式,Messenger個人訊息和通話終獲端對端加密", 2023, from https://infosecu.technews.tw/2023/12/10/launching-default-end-to-end-encryption-on-messenger/ [11] Messenger, "Messenger端對端加密功能的意義及運作方式", 2023, from https://zh-tw.facebook.com/help/messenger-app/786613221989782 [12] Matt Joras, Yang Chi, "How Facebook is bringing QUIC to billions", 21 October 2020, from https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/ [13] Chromium Blog, "Experimenting with QUIC", 2013, from https://blog.chromium.org/2013/06/experimenting-with-quic.html [14] Catalin Cimpanu, "HTTP-over-QUIC to be renamed HTTP/3", 12 November 2018, from https://www.zdnet.com/article/http-over-quic-to-be-renamed-http3/ [15] IETF, RFC 9000, 2021. [16] 中央研究院資訊科技創新研究中心, "SKI+ APP操作手冊", 2018. [17] 中央研究院資訊科技創新研究中心, "SKI+即時通", 2021, from https://iptt.sinica.edu.tw/shares/905 [18] SANS Institute InfoSec Reading Room, "iPwn Apps:Pentesting iOS Applications", 2014. [19] 邱金燕, "社群通訊應用程式安全性分析之研究-以LINE即時通APP為例", 國防大學管理學院資訊管理學系碩士班碩士論文, 2017. [20] 陳詰昌, "LINE封包特徵分析預測使用者網路活動", Communications of the CCISA, Vol. 23, No. 3, July 2017
描述 碩士
國立政治大學
資訊科學系碩士在職專班
109971004
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0109971004
資料類型 thesis
dc.contributor.advisor 左瑞麟zh_TW
dc.contributor.advisor Tso, Ray-Linen_US
dc.contributor.author (作者) 鄧妤庭zh_TW
dc.contributor.author (作者) Deng, Yu-Tingen_US
dc.creator (作者) 鄧妤庭zh_TW
dc.creator (作者) Deng, Yu-Tingen_US
dc.date (日期) 2024en_US
dc.date.accessioned 1-二月-2024 13:00:08 (UTC+8)-
dc.date.available 1-二月-2024 13:00:08 (UTC+8)-
dc.date.issued (上傳時間) 1-二月-2024 13:00:08 (UTC+8)-
dc.identifier (其他 識別碼) G0109971004en_US
dc.identifier.uri (URI) https://nccur.lib.nccu.edu.tw/handle/140.119/149682-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學系碩士在職專班zh_TW
dc.description (描述) 109971004zh_TW
dc.description.abstract (摘要) 近年來各式各樣的即時通訊軟體相繼崛起發展,使得人與人之間的互動更加便利。即時通訊軟體不僅為人們帶來更便捷的交流方式,也造成使用者對安全和隱私的擔憂越來越大。本篇論文將著重在台灣使用率較高的即時通訊軟體LINE、Messenger及由國內開發的即時通訊軟體SKI+進行通訊時之資訊安全議題進行分析及研究,透過網路封包分析、檔案分析及資料庫分析等3種分析方法,澈底瞭解在網路傳輸及行動裝置內部儲存空間中所能發現的資訊,以保證即時通訊軟體在傳輸訊息及在儲存上的安全性,提供使用者去判斷及評估即時通訊軟體的使用與否,以降低自身使用即時通訊軟體的風險。zh_TW
dc.description.abstract (摘要) In recent years, various instant messaging applications have successively emerged and developed, making interpersonal interactions more convenient. Instant messaging applications not only bring people a more convenient way to communicate but also raise concerns among users regarding security and privacy. This paper will focus on analyzing and researching information security issues during communication on three instant messaging applications: widely used in Taiwan—LINE, Messenger, and the domestically developed SKI+. Through three analysis methods—network packet analysis, file analysis, and database analysis—the study aims to thoroughly understand the information that can be discovered in network transmissions and the internal storage space of mobile devices. This analysis aims to ensure the security of message transmission and storage on instant messaging applications. By providing users with the means to assess and evaluate the usage of instant messaging applications, the paper aims to reduce the risks associated with using these applications.en_US
dc.description.tableofcontents 第一章 緒論 1 1.1 研究動機 1 1.2 研究方法及目標 2 第二章 背景知識 3 2.1 封包格式 3 2.2 安全通訊協定(Secure Socket Layer)/傳輸層安全協定(Transport Layer Security) 4 2.3 端對端加密(End-to-End Encryption,E2EE) 6 第三章 即時通訊軟體研究 7 3.1 LINE 7 3.2 Messenger 11 3.3 SKI+ 14 第四章 即時通訊軟體分析實作 22 4.1 網路封包分析 23 4.2 手機內部儲存空間檔案分析 41 4.3 手機內部儲存空間資料庫分析 45 4.4 即時通訊軟體分析結果 52 第五章 結論 59 參考文獻 60zh_TW
dc.format.extent 6848967 bytes-
dc.format.mimetype application/pdf-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0109971004en_US
dc.subject (關鍵詞) 即時通訊軟體zh_TW
dc.subject (關鍵詞) 網路封包分析zh_TW
dc.subject (關鍵詞) 檔案分析zh_TW
dc.subject (關鍵詞) 資料庫分析zh_TW
dc.subject (關鍵詞) Instant messaging applicationsen_US
dc.subject (關鍵詞) Network packet analysisen_US
dc.subject (關鍵詞) File analysisen_US
dc.subject (關鍵詞) Database analysisen_US
dc.title (題名) 即時通訊軟體安全性分析之研究zh_TW
dc.title (題名) A Study on Security Analysis of Instant Messaging Applicationsen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) [1] 財團法人台灣網路資訊中心(TWNIC), "Table of Content - Internet基本概念", 2003, from http://dns-learning.twnic.net.tw/internet/intro6.html [2] Joseph A. Salowey, Sean Turner, Christopher A. Wood, "TLS 1.3", IETF., 10 August 2018. [3] WIRED, "Hacker Lexicon: What Is End-to-End Encryption? ", 2014, from https://www.wired.com/2014/11/hacker-lexicon-end-to-end-encryption/ [4] Ryota INOUE, "Becoming a "Third Pole" from Japan: Expansion of LINE's Hyper-Localization Strategy in Asia", 2023, from https://www.z-holdings.co.jp/en/strategy/13/ [5] SimilarWeb, "全球最受歡迎的通訊應用程式", 2023, from https://www.similarweb.com/blog/zh-tw/research/market-research/worldwide-messaging-apps/ [6] LINE, "LINE的最低系統需求為何?", 2023, from https://help.line.me/line/android/pc?lang=zh-Hant&contentId=10002433 [7] LINE, "LINE Encryption Report", 2022, from https://linecorp.com/en/security/encryption/2022h1 [8] 財團法人台灣網路資訊中心(TWNIC), "2023年台灣網路報告", 2023年8月29日 [9] Messenger, "哪些作業系統版本支援Messenger應用程式?", 2023, from https://zh-tw.facebook.com/help/messenger-app/197039404112757 [10] 陳冠榮, "不顧FBI反對加密方式,Messenger個人訊息和通話終獲端對端加密", 2023, from https://infosecu.technews.tw/2023/12/10/launching-default-end-to-end-encryption-on-messenger/ [11] Messenger, "Messenger端對端加密功能的意義及運作方式", 2023, from https://zh-tw.facebook.com/help/messenger-app/786613221989782 [12] Matt Joras, Yang Chi, "How Facebook is bringing QUIC to billions", 21 October 2020, from https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/ [13] Chromium Blog, "Experimenting with QUIC", 2013, from https://blog.chromium.org/2013/06/experimenting-with-quic.html [14] Catalin Cimpanu, "HTTP-over-QUIC to be renamed HTTP/3", 12 November 2018, from https://www.zdnet.com/article/http-over-quic-to-be-renamed-http3/ [15] IETF, RFC 9000, 2021. [16] 中央研究院資訊科技創新研究中心, "SKI+ APP操作手冊", 2018. [17] 中央研究院資訊科技創新研究中心, "SKI+即時通", 2021, from https://iptt.sinica.edu.tw/shares/905 [18] SANS Institute InfoSec Reading Room, "iPwn Apps:Pentesting iOS Applications", 2014. [19] 邱金燕, "社群通訊應用程式安全性分析之研究-以LINE即時通APP為例", 國防大學管理學院資訊管理學系碩士班碩士論文, 2017. [20] 陳詰昌, "LINE封包特徵分析預測使用者網路活動", Communications of the CCISA, Vol. 23, No. 3, July 2017zh_TW