BalCCon2k24

Remotely snooping on traffic patterns using network protocols
2024-09-21, 18:30–19:15 (Europe/Belgrade), Tesla

Here the author presents a novel method to estimate the type of traffic (file downloads, streaming, VoIP, etc.) going through a router via a probe initiated from a different network.


The presentation features novel research on using different protocols to remotely measure network load and deduce network traffic patterns of a target using ICMP and other widely adopted protocols. The attack makes it possible to distinguish between file upload, file download, video streaming, VoIP, web browsing, etc., depending on network conditions.

This attack works when done from a different AS.

Kirils Solovjovs is an IT policy activist, bug bounty hunter, and the most visible white-hat hacker in Latvia, having discovered and responsibly disclosed or reported multiple security vulnerabilities in information systems of both national and international significance. He has extensive experience in social engineering, penetration testing, network flow analysis, reverse engineering, and the legal dimension.

He has developed the jailbreak tool for MikroTik RouterOS, as well as created e-Saeima, helping the Latvian Parliament become the first parliament in the world that is prepared for a fully remote legislative process. Kirils currently works as a research assistant at the Institute of Electronics and Computer Science and as a member of the board of the IT security company "Possible Security".
