Locational wireless and social media-based surveillance

The number of smartphones and tablets as well as the volume of traffic generated by these devices has been growing constantly over the past decade and this growth is predicted to continue at an increasing rate over the next five years. Numerous native features built into contemporary smart devices enable highly accurate digital fingerprinting techniques. Furthermore, software developers have been taking advantage of locational capabilities of these devices by building applications and social media services that enable convenient sharing of information tied to geographical locations. Mass online sharing resulted in a large volume of locational and personal data being publicly available for extraction. A number of researchers have used this opportunity to design and build tools for a variety of uses – both respectable and nefarious. Furthermore, due to the peculiarities of the IEEE 802.11 specification, wireless-enabled smart devices disclose a number of attributes, which can be observed via passive monitoring. These attributes coupled with the information that can be extracted using social media APIs present an opportunity for research into locational surveillance, device fingerprinting and device user identification techniques. This paper presents an in-progress research study and details the findings to date

Verification of primitive Sub-Ghz RF replay attack techniques based on visual signal analysis

As the low-cost options for radio traffic capture, analysis and transmission are becoming available, some security researchers have developed open-source tools that potentially make it easier to assess the security of the devices that rely on radio communications without the need for extensive knowledge and understanding of the associated concepts. Recent research in this area suggests that primitive visual analysis techniques may be applied to decode selected radio signals successfully. This study builds upon the previous research in the area of sub-GHz radio communications and aims to outline the associated methodology as well as verify some of the reported techniques for carrying out radio frequency replay attacks using low-cost materials and freely available software

The zombies strike back: Towards client-side beef detection

A web browser is an application that comes bundled with every consumer operating system, including both desktop and mobile platforms. A modern web browser is complex software that has access to system-level features, includes various plugins and requires the availability of an Internet connection. Like any multifaceted software products, web browsers are prone to numerous vulnerabilities. Exploitation of these vulnerabilities can result in destructive consequences ranging from identity theft to network infrastructure damage. BeEF, the Browser Exploitation Framework, allows taking advantage of these vulnerabilities to launch a diverse range of readily available attacks from within the browser context. Existing defensive approaches aimed at hardening network perimeters and detecting common threats based on traffic analysis have not been found successful in the context of BeEF detection. This paper presents a proof-of-concept approach to BeEF detection in its own operating environment – the web browser – based on global context monitoring, abstract syntax tree fingerprinting and real-time network traffic analysis

Locational wireless and social media-based surveillance

The number of smartphones and tablets as well as the volume of traffic generated by these devices has been growing constantly over the past decade and this growth is predicted to continue at an increasing rate over the next five years. Numerous native features built into contemporary smart devices enable highly accurate digital fingerprinting techniques. Furthermore, software developers have been taking advantage of locational capabilities of these devices by building applications and social media services that enable convenient sharing of information tied to geographical locations. Mass online sharing resulted in a large volume of locational and personal data being publicly available for extraction. A number of researchers have used this opportunity to design and build tools for a variety of uses – both respectable and nefarious. Furthermore, due to the peculiarities of the IEEE 802.11 specification, wireless-enabled smart devices disclose a number of attributes, which can be observed via passive monitoring. These attributes coupled with the information that can be extracted using social media APIs present an opportunity for research into locational surveillance, device fingerprinting and device user identification techniques. This paper presents an in-progress research study and details the findings to date

An overview of bluetooth device discovery and fingerprinting techniques – assessing the local context

The ubiquitous nature of portable communication devices presents a number of opportunities for automated device discovery, tracking and possible owner identification. Consumer devices such as smartphones, tablets, wearables, laptops and vehicle entertainment systems commonly support the 802.15.1 (Bluetooth) wireless communication protocol that enables a variety device discovery and fingerprinting techniques. We provide an overview of these techniques encompassing those native to the protocol as well as those that are possibly protocol-agnostic due to their inherently generic nature. We then introduce an opportunity for a comparison study that sets out to examine and quantify the effectiveness of selected techniques in the field. To assess the potential viability of such study in the local context, we employ location-aware inquiry scanning and discuss the results of the exploratory data collection. We conclude that in this context the simplest technique being inquiry scanning can be used to establish a baseline for comparison with other techniques

Verification Of Primitive Sub Ghz Rf Replay Attack Techniques Based On Visual Signal Analysis

As the low cost options for radio traffic capture, analysis and transmission are becoming available, some security researchers have developed open source tools that potentially make it easier to assess the security of the devices that rely on radio communications without the need for extensive knowledge and understanding of the associated concepts. Recent research in this area suggests that primitive visual analysis techniques may be applied to decode selected radio signals successfully. This study builds upon the previous research in the area of sub GHz radio communications and aims to outline the associated methodology as well as verify some of the reported techniques for carrying out radio frequency replay attacks using low cost materials and freely available software

Evolution Of Political Cleavages And Entry Of The Far-right In Government Coalitions In Italy And Poland

This project focuses on a comparative analysis of governing coalitions between conservative and far-right parties in recent years in Italy (1994) and Poland (2005). The aim is to show how the inclusion of the radical right in government coalitions in these countries reflects recent changes in Western and Eastern European party systems through the reformulation of the old and formation of new party cleavages. The focus in the recent literature on personality clashes of party leaders over the distribution of ministry portfolios does not explain the nature of the disagreement between these leaders about key issues of national politics. I argue that the mechanism of policy formulation between prospective coalitional partners can be traced at the level of party cleavages which pre-exist the negotiation process between party leaders. The political breakthrough of the far-right parties became possible because of the development of new issues related to the process of European integration and based on the longstanding confrontation between the left and right parties since the beginning of the Cold War. The disintegration of the previous party systems as a result of the collapse of the Communist regime in Poland and the First Republic in Italy in the post-Cold War era created a vacuum partly exploited by the previous anti-system far-right parties and the new emerging ones. At the same time, a clear tendency toward the cartelization of the programmatic supply was prominent on both the left and right sides of the political spectrum. I argue that the rise to prominence of center-right coalitions in the two countries led by Silvio Berlusconi and Jaroslav Kachinskiy respectively represents not only a new dimension in the development of the right wing in Europe but also constitutes a model of political realignment where new cleavages are gradually substituting for the old cleavages described in the Lipset-Rokkan model

Security assessment of IoT devices: The case of two smart TVs

Being increasingly complex devices, smart TVs are becoming more capable and have the potential to receive, store, process and transmit considerable amounts of personal data. These capabilities also represent several diverse attack surfaces potentially rendering these devices highly vulnerable. The emergence and high adoption rate of smart TVs have been drawing notable interest from security researchers and industry. We utilise an attack surface area-based approach to assess the security of two modern smart TVs from different vendors and describe some of the possible multi-surface attacks that can be carried out against these devices

The zombies strike back: Towards client-side BeEFdetection

A web browser is an application that comes bundled with every consumer operating system, including both desktop and mobile platforms. A modern web browser is complex software that has access to system-level features, includes various plugins and requires the availability of an Internet connection. Like any multifaceted software products, web browsers are prone to numerous vulnerabilities. Exploitation of these vulnerabilities can result in destructive consequences ranging from identity theft to network infrastructure damage. BeEF, the Browser Exploitation Framework, allows taking advantage of these vulnerabilities to launch a diverse range of readily available attacks from within the browser context. Existing defensive approaches aimed at hardening network perimeters and detecting common threats based on traffic analysis have not been found successful in the context of BeEF detection. This paper presents a proof-of-concept approach to BeEF detection in its own operating environment – the web browser – based on global context monitoring, abstract syntax tree fingerprinting and real-time network traffic analysis