M. Huber, M. Mulazzani, E. Weippl, G. Kitzler, S. Goluch:
"Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam";
IEEE Internet Computing, Special Issue on Security and Privacy in Social Networks (2011).

Kurzfassung englisch:
In this work we present our friend-in-the-middle attacks on SNSs and how it can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplary on Facebook and estimate the impact based upon a simulation on a regional network of Facebook. Alarmingly, all major SNSs are vulnerable to our attack as they fail to secure the network layer appropriately.

Elektronische Version der Publikation:

Erstellt aus der Publikationsdatenbank der Technischen Universitšt Wien.