Abstract : Within this paper we present our novel friend injection attack which exploits the fact that the great majority of social networking sites fail to protect the communication between its users and their services. In a practical evaluation, on the basis of public wireless access points, we furthermore demonstrate the feasibility of our attack. The friend injection attack enables a stealth infiltration of social networks and thus outlines the devastating consequences of active eavesdropping attacks against social networking sites.
Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.80-89, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_8〉
https://hal.inria.fr/hal-01054574
Contributeur : Hal Ifip
<>
Soumis le : jeudi 7 août 2014 - 14:20:48
Dernière modification le : jeudi 21 septembre 2017 - 14:37:20
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 01:45:24
Markus Huber, Martin Mulazzani, Edgar Weippl. Who On Earth Is "Mr. Cypher": Automated Friend Injection Attacks on Social Networking Sites. Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.80-89, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_8〉. 〈hal-01054574〉
