利用 DNS 进行隐蔽用户追踪.pdf

《利用 DNS 进行隐蔽用户追踪.pdf》由会员分享，可在线阅读，更多相关《利用 DNS 进行隐蔽用户追踪.pdf（77页珍藏版）》请在三个皮匠报告上搜索。

1、#BHUSA BlackHatEventsExploiting DNS for Stealthy User TrackingBla Genge,Ioan Pdurean,Dan Macovei#BHUSA BlackHatEventsDirector of Product ManagementSecurity Product StrategyJunior Security ResearcherApplied ML techniques,IoT securityThe teamSenior Security ResearcherIoT security,vulnerability researc

2、hScientist at heartBla GENGEIoan PDUREANDan MACOVEI#BHUSA BlackHatEventsThe Transylvanian researchershttps:/en.wikipedia.org/wiki/World_map#BHUSA BlackHatEventsIntroduction&the why?DNS request patterns&transformationsUser tracking:approach and resultsConclusions&key takeawaysA birds eye viewAgenda#B

3、HUSA BlackHatEventsIntroduction&motivation#BHUSA BlackHatEventsThe Domain Name System(DNS)The phonebook of the internet Translate human-readable domain names into IP addresses ALL devices use DNSEmailWebDNSCDNdomainIP#BHUSA BlackHatEventsDNS and security applications DNS has a critical role in secur

4、ity applications DNS fuels the applications aimed to protect networks and usersSpam filterAd blockerDNSParental controlISPs infrastructure Recursive nameserversPhishing protectionDDoS mitigationIoT securityLoad balancingThreat intelligence#BHUSA BlackHatEvents#BHUSA BlackHatEventsWhy this research o

5、n DNS?Looking for ways to improve security solutionsSpam filterAd blockerParental control#BHUSA BlackHatEventsWhat we observedNoticed interesting sequences for devices in our testbed officeRepetitivebehavior#BHUSA BlackHatEventsThe question#BHUSA BlackHatEventsDNS and smartphone activityUser activit

6、y from DNS request perspective can be(IT IS!)repetitive!Incentive for user tracking!#BHUSA BlackHatEventsPrivacy-related policiesOrganisation for Economic Co-operation and Development(OECD)Privacy GuidelinesEuropean Unions General Data Protection Regulation(GDPR)Country-based(PIPEDA Canada,HIPAA US