Abstract : Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The friend injection attack enables a stealth infiltration of social networks and thus outlines the devastating consequences of active eavesdropping attacks against social networking sites.
https://hal.inria.fr/hal-01054574 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, August 7, 2014 - 2:20:48 PM Last modification on : Thursday, September 21, 2017 - 2:37:20 PM Long-term archiving on: : Wednesday, November 26, 2014 - 1:45:24 AM
Markus Huber, Martin Mulazzani, Edgar Weippl. Who On Earth Is "Mr. Cypher": Automated Friend Injection Attacks on Social Networking Sites. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. pp.80-89, ⟨10.1007/978-3-642-15257-3_8⟩. ⟨hal-01054574⟩