DEF CON 26 Slides & Data

Below are the DEF CON 26 slides including additional data and previous presentations on the ElectionBuster tool.

Defending the 2018 Midterm Elections From Foreign Adversaries

DEF CON, 2018 (Presented Slides)

Co-authors: Kevin Franklin, Ian Weinstock, Eli Franklin

Election Buster is an open source tool created in 2014 to identify malicious domains masquerading as candidate webpages and voter registration systems. During 2016, fake domains were used to compromise credentials of a Democratic National Committee (DNC) IT services company, and foreign adversaries probed voter registration systems. The tool now cross-checks domain information against open source threat intelligence feeds, and uses a semi-autonomous scheme for identifying phundraising and false flag sites via ensembled data mining and deep learning techniques. We identified Russian nationals registering fake campaign sites, candidates deploying defensive—and offensive—measures against their opponents, and candidates unintentionally exposing sensitive PII to the public. This talk provides an analysis of our 2016 Presidential Election data, and all data recently collected during the 2018 midterm elections. The talk also details technological and procedural measures that government offices and campaigns can use to defend themselves

DEF CON 26 Tableau Visualization

DEF CON, 2018 (Tableau)

Co-authors: Kevin Franklin, Ian Weinstock, Eli Franklin

The Tableau visualization that we've buit to showcase this project's data.

Election Buster Code

DEF CON, 2018 (GitHub)

Co-authors: Kevin Franklin, Ian Weinstock, Eli Franklin

The code for alongside some operational scripts to get the election buster process going.

Defending Election Campaigns from Cyberspace

BSides DC 2015 (Slides) (Code)

Co-authors: Kevin Franklin

Electoral candidates from both sides of the aisle increasingly rely on the internet to promote their brands and to focus the message of their political platforms. Yet cyberspace isn’t safespace. How do voters know they’re viewing a candidate’s real website? How can voters ensure their online donations are actually going to a specific candidate or cause? Election cybercrime is a burgeoning area but little data exists on the size and scope of these unscrupulous activities. We wrote our own open source suite of tools to begin to measure the scope of this problem and used it to scan every single candidate running for the house and senate (1000+ candidates)in the 2014 General Elections. In this session we’ll discuss the results of our scans and explore how any candidates and voters can defend themselves online.

Malicious Online Activities Related to the 2012 U.S. General Election

ShmooCon 2014 (Slides)

Co-authors: Matthew Jablonski, Robert Tarlecki

This presentation looks back at the number of ways that the 2012 Presidential election was bought, sold, and manipulated through malicious online activities. We identify activities that could be classified as manipulative, mischievous, or downright illegal, such as fake campaign donation sites, political spam, attempts to sell ballots, privacy violations, and rogue Super PACs. For each of these activities we provide examples of sources that demonstrate their online presence during the 2012 election and include additional information. We also include examples of malicious election activity in recent elections. Finally, we attempt to examine and discuss the motivations and methods behind these malicious activities.