SNIFFO: Security of networks and intelligence for field operations

With the spread of social networks and mobile applications (apps), the amount of sensitive information shared across Internet increased considerably. Although the majority of this information is encrypted, many apps still transmit sensitive data in plain text, e.g., using HTTP (HyperText Transfer Protocol). Seemingly trivial information, if collected together, can leak out important data about a user or about people related to such user, for example, friends of the user in the online social networks. There are many useful tools to obtain data from a wireless network. They analyze the wireless traffic and extract some information. The main limitation of available tools is that, in order to find useful insights, they leave to the analyst the tasks of manually analyzing and aggregating together the retrieved data. In this paper, we fill this gap by proposing SNIFFO (Security of Networks and Intelligence for Field Operations), a framework that allows to eavesdrop the wireless traffic generated by the devices in the neighborhood, and to reason over these data in an automatic way. In fact, our tool combines and elaborates the raw information collected from the network traffic, in order to obtain more complex data. To do so, SNIFFO can query third-party services, such as social networks or other websites. The output are not only basic informations about a mobilephone user, but a more complex and informative profile of a user, which may include behaviours, installed applications in a smartphone, preferences, social network profiles and so on.