[Zurück]


Zeitschriftenartikel:

M. Huber, M. Mulazzani, E. Weippl, G. Kitzler, S. Goluch:
"Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam";
IEEE Internet Computing, Special Issue on Security and Privacy in Social Networks (2011).



Kurzfassung englisch:
In this work we present our friend-in-the-middle attacks on SNSs and how it can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplary on Facebook and estimate the impact based upon a simulation on a regional network of Facebook. Alarmingly, all major SNSs are vulnerable to our attack as they fail to secure the network layer appropriately.


Elektronische Version der Publikation:
http://publik.tuwien.ac.at/files/PubDat_202734.pdf


Erstellt aus der Publikationsdatenbank der Technischen Universitšt Wien.