Hack Red Con 2024
-
Doors, Cameras, and Mantraps: Oh, my!
Dylan "The Magician" Baklor
-
End the Burnout - 3 things your CISO wishes you knew.
Mark Thacker
-
Registration Opens
Oct. 25
-
Opening Ceremony
Oct. 25
-
Keynote Round Table - Ed Skoudis, Dave Kennedy, Ken Nevers, Amanda Berlin
Oct. 25
-
Securing Derby 150
Jason PaytonOct. 25
-
Intro to Infrastructure Automation for Offensive Security
Alex MartirosyanOct. 25
-
Creating Intelligence From Malware Samples
Jon "Wally" Prather and Jeff SmealOct. 25
-
CISO Roundtable
Oct. 25
-
Tough Adversary? Don’t Blame Sun Tzu
Dr. Gregory CarpenterOct. 25
I am currently a Research intern at the Indian Institute of Technology, Bombay (IIT-B), where I am developing a Mobile Device Fingerprinting module to integrate with Suricata and Wazuh. My work involves analyzing packet inter-arrival times, and integrating web APIs to enhance network security.
I have one year of work experience in cybersecurity, during which I have made significant contributions and gained recognition through various speaking engagements and competitions:
- Speaker at Defcon Delhi 0x06: Presented my white paper on analyzing the Mirai Botnet and its derivatives.
- Speaker at IIT Bombay FOSSx : Awarded first prize for a comprehensive white paper on Suricata, competing against over 200 teams.
- Speaker at IIT Bombay Summer of Code: Presented my latest research paper, demonstrating advanced knowledge and innovative approaches in the field of cybersecurity.
- Cython Hackathon Winner at IIT Delhi: Developed a Linux kernel fuzzer, winning against more than 200 teams in a competition hosted by NTRO.
Accurately identifying and tracking users across platforms and browsers has become essential to online security and marketing tactics in the digital era. This paper explores the complex mechanisms of browser and mobile device fingerprinting, providing insight into how businesses employ these techniques to monitor and identify users. We show how unique digital fingerprints are generated by looking at a wide range of metrics, such as clock skew rate, battery status, audio configuration, time zone, canvas fingerprinting, machine characteristics, emojis, DOMrect, extensions, math functions, screen properties, TLS handshake patterns, and even favicons.
We discuss how they are combined under a single umbrella and can be used to accurately identify a user and they can either be used as a tool for improving security, Fraud detection & can also be a security & privacy risk in a lot cases.
