13:35 - 14:30: KEYNOTE 1 | Jana Dittmann and Christian Kraetzer, Forensics in the encrypted domain: Analysis of Networks Stream to Detect Keystrokes and Audio-Video User Behaviour
ABSTRACT: In the talk the topic of forensics in the encrypted domain is motivated on the examples of data leakage incidents from crime-as-a-service perspective and its interplay with data-as-a-business models, online-tracking, data brokers and hidden data eco-systems. As encrypted traffic is increasing due to protection requirements from security and privacy, both business models (data-as-a-business as well as crime-as-a-service) are shifting to operate in the encrypted domain too. We briefly summarize existing findings from encrypted traffic analysis, selected applications goals and the overall interplay with other security incidents.Based on our research we show first results of an analysis of network streams to detect and interpret keystrokes during interactive protocols (such as search engine traffic). To illustrate the threats arising, we analyse browser traffic and show how much information can be revealed by those analyses about the encrypted content. Furthermore, on the example of video conferencing systems, the encrypted web traffic is analysed to show potential starting points for user behaviour analysis and user tracking. The results presented motivate further research for additional protection mechanisms to actually ensure security and privacy in already encrypted communications.
14:30 - 15:00: kEYNOTE 2 | Frederik Temmermans, Deepayan Bhowmik, Fernando Pereira and Touradj Ebrahimi, Fake Media - the JPEG Stake (Slides)
