[Back]


Publications in Scientific Journals:

M. Huber, M. Mulazzani, E. Weippl, G. Kitzler, S. Goluch:
"Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam";
IEEE Internet Computing, Special Issue on Security and Privacy in Social Networks (2011).



English abstract:
In this work we present our friend-in-the-middle attacks on SNSs and how it can be used to harvest social data in an automated fashion. This social data can then be exploited for large-scale attacks such as context-aware spam and social-phishing. We prove the feasibility of our attack exemplary on Facebook and estimate the impact based upon a simulation on a regional network of Facebook. Alarmingly, all major SNSs are vulnerable to our attack as they fail to secure the network layer appropriately.


Electronic version of the publication:
http://publik.tuwien.ac.at/files/PubDat_202734.pdf


Created from the Publication Database of the Vienna University of Technology.