Privacy data protection has become a major concern within regions, such as Europe, where GDPR is implemented. To discover the potentially privacyinfringing behaviors, manufacturers must test applications for compliance before release.
In practice, presented tools often dump TCP files, and novices cannot easily use methods of data detection. To solve these problems, we will hook systemlevel functions used for and by TCP, OpenSSL, and cipher methods to obtain network traffic and encrypted data. This way we can decrypt TLS traffic and automatically detect privacy data transmission behaviors, to tell if the data has been double encrypted.

In this session, we will share our research findings on hook points, TCPTLS traffic decryption, and HTTP/2 header decoding. Moreover, prospects of how to improve the tool for automated analysis will be discussed

By:
Zhengyang Zhou | Security Engineer, OPPO
Yiman He | Security Engineer, OPPO
Ning Wang | Cybersecurity researcher, Huazhong University of Science and Technology
Xianlin Wu | Senior Security Researcher, OPPO
Feifei Chen | Senior Security Engineer, OPPO

Full Abstract & Presentation Materials:
https://www.blackhat.com/asia24/brie...