Attacks & Countermeasures of Ultrasonic Cross-Device Tracking
eu-16-Mavroudis-Talking-Behind-Your-Back-Attacks-And-Countermeasures-Of-Ultrasonic-Cross-Device-Tracking
eu-16-Mavroudis-Talking-Behind-Your-Back-Attacks-And-Countermeasures-Of-Ultrasonic-Cross-Device-Tracking
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Talking Behind Your Back<br />
<strong>Attacks</strong> & <strong>Countermeasures</strong> <strong>of</strong><br />
<strong>Ultrasonic</strong> <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong><br />
Vasilios Mavroudis<br />
Doctoral Researcher UCL
Contents<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Who we are
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•<br />
•
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•<br />
•<br />
•
FTC <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong> Workshop, Nov 16, 2015 (Washington, DC)
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Unhappy<br />
Proactive<br />
Unconcerned
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
The Story <strong>of</strong> a Product<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
The Tip <strong>of</strong> the Iceberg<br />
•<br />
•<br />
•<br />
•<br />
•
The Ultrasound <strong>Tracking</strong> Ecosystem<br />
•<br />
•<br />
•<br />
•<br />
•
uBeacons<br />
•<br />
•<br />
•<br />
•<br />
•
uBeacons: Technical Details<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
uBeacons: Practical Details<br />
•<br />
•<br />
•<br />
•
<strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong>: Overview
<strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong>: Details<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Ultrasound <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong><br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Ultrasound <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong>
Ultrasound <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong>
Ultrasound <strong>Cross</strong>-<strong>Device</strong> <strong>Tracking</strong><br />
•<br />
•
Proximity Marketing<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Other Use Cases<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Exploitation!<br />
•<br />
<br />
<br />
•
The Attacker’s Toolchest<br />
•<br />
•<br />
•<br />
•
The Attacker’s Toolchest<br />
•<br />
•
The Tor de-anonymization Attack
The Tor de-anonymization Attack
The Demo Explained<br />
•<br />
<br />
<br />
•
The Demo Explained<br />
•<br />
•<br />
•<br />
•<br />
•
More <strong>Attacks</strong><br />
•<br />
•<br />
•<br />
•
Security Evaluation<br />
•<br />
•<br />
•<br />
•
Security Evaluation<br />
•<br />
•<br />
•<br />
•<br />
•
Security Evaluation<br />
•<br />
•<br />
•<br />
•<br />
•
Security Evaluation<br />
•<br />
•<br />
•<br />
•<br />
•
Security Evaluation<br />
•<br />
•<br />
•<br />
•
May 10, 2016
Aug 31, 2016
July 19, 2016
Oct 17, 2016
Market Penetration<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
<strong>Countermeasures</strong>
Browser Extension<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Android Permission<br />
•<br />
•<br />
•<br />
•<br />
•
Tor Bug Tracker
Securing the Ecosystem<br />
•<br />
•<br />
•<br />
•<br />
•
Securing the Ecosystem<br />
•<br />
•<br />
•<br />
•<br />
•
Conclusions: What we did<br />
•<br />
•<br />
•<br />
•<br />
•<br />
•
Conclusions: What’s left to do!<br />
•
Conclusions: What’s left to do!<br />
•<br />
<br />
<br />
•
Q & A