DIO.NYSOS.NET:~$ » research

Technical Report: Friend-in-the-Middle (FITM) Attacks

admin — Wed, 14 Jul 2010 09:34:08 +0000

Abstract. In the ongoing arms race between spammers and the multi-million dollar anti-spam industry, the number of unsolicited e-mail messages (better known as “spam”) and phishing has increased heavily in the last decade. In this paper, we show that our novel friend-in-the-middle attack on social networking sites (SNSs) can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplarily on Facebook and identify possible consequences based on a mathematical model and simulations. Alarmingly, all major SNSs are vulnerable to our attack as they fail to secure the network layer appropriately.

FITM_TR0710

http://fitm.nysos.net

Who On Earth Is ”Mr. Cypher“: Automated Friend Injection Attacks on Social Networking Sites

admin — Mon, 14 Jun 2010 13:12:51 +0000

Abstract. Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The friend injection attack enables a stealth infiltration of social networks and thus outlines the devastating consequences of active eavesdropping attacks against social networking sites.

Preprint

http://friendinjection.nysos.net

I went to visit the DSV SecLab … and got run over by a car.

admin — Fri, 28 May 2010 15:44:59 +0000

My recent visits to other universities have been rather interesting … First with UCSB – I went and found nobody there, to talk to. This time though – I was even more successfully whilst trying to visit the DSV SecLab, I got run over by a car just 30 minutes after I arrived in Stockholm. Luckily after one week in a great Swedish hospital I safely returned back to Vienna with my broken leg.

Tor HTTP usage and Information Leakage

admin — Thu, 13 May 2010 22:28:18 +0000

Abstract- This paper analyzes the web browsing behaviour of Tor users. By collecting HTTP requests we show which websites are of interest to Tor users and we determined an upper bound on how vulnerable Tor users are to sophisticated de-anonymization attacks: up to 78 % of the Tor users do not use Tor as suggested by the Tor community, namely to browse the web with TorButton. They could thus fall victim to de-anonymization attacks by merely browsing the web. Around 1 % of the requests could be used by an adversary for exploit piggybacking on vulnerable file formats. Another 7 % of all requests were generated by social networking sites which leak plenty of sensitive and identifying information. Due to the design of HTTP and Tor, we argue that HTTPS is currently the only effective countermeasure against de-anonymization and information leakage for HTTP over Tor.

Get the preprint here: http://torhttp.nysos.net

Happy Birtday Spam!

admin — Mon, 03 May 2010 08:18:38 +0000

Apparently 30 years ago the first Spam message was sent. Thus happy birthday dear beloved Spam and hopefully we get rid of these messages clogging up our mailboxes soon.

Facebook: A security and privacy nightmare?

admin — Wed, 21 Apr 2010 14:52:57 +0000

Apparently Facebook decided to open-up profiles to the public yet a little further in future, read more at this blog entry. So whilst a plethora of security research highlights how broken this service really is, Facebook keeps on exposing more private information to third-parties on a sneaky opt-out basis.
Want to catch up how broken Facebook is? Read some interesting (academic) publications regarding Facebook Security:
A Practical Attack to De-Anonymize Social Network Users
All Your Contacts Are Belong to Us
Towards Automating Social Engineering Using Social Networking Sites

What can Facebook users do to protect themselves? So far not that much; at least: adapt your privacy settings, protect your communication with browser extensions such as ForceTLS.

As soon as all review cycles are finished, I plan to publish more information on a new security threat with SNSs that we recently discovered.

New publications coming up soon …

admin — Thu, 25 Feb 2010 09:39:28 +0000

Our publications have been accepted at the IFIP CMS’2010 and the SEC 2010 conference. I will publish preprints soon.

I went to visit the UCSB Seclab …

admin — Thu, 03 Sep 2009 18:57:07 +0000

… and all I got were these lousy pictures.

UCSB campus

UCSB Seclab – hackidy hack

UCSB Seclab – some more hackers and books

PASSAT-09 in Vancouver

admin — Sat, 29 Aug 2009 18:06:29 +0000

Just arrived yesterday in Vancouver. The PASSAT-09 conference is quite nice so far and I gave my presentation today (“con mucha mierda” – Javier). I’m still tired from the trip and will hopefully post some pictures from Canada soon.
Update: The conference was great and I met some interesting people, below are some snapshots from my Vancouver sightseeing.

Sculptures near the harbour

Vancouver harbourfront

Stanley Park

Skyline from hotel room

HAR09 – It was super awesome

admin — Mon, 17 Aug 2009 10:14:09 +0000

KUDOS to the HAR09 orga-team!

HAR09 Peter Kleissner – stoned bootkit

HAR09 computer robot at night

HAR09 Metalab knicklichter helium baloons

HAR09 Metalab linux server projected