DIVINA: Discovering Vulnerabilities of Internet Accounts - Archive ouverte HAL Access content directly
Conference Papers Year : 2015

DIVINA: Discovering Vulnerabilities of Internet Accounts

(1) , (2) , (3)
1
2
3

Abstract

Internet users typically have several online accounts – such as mail accounts, cloud storage accounts, or social media accounts. The security of these accounts is often intricately linked: The password of one account can be reset by sending an email to another account; the data of one account can be backed up on another account; one account can only be accessed by two-factor authentication through a second account ; and so forth. This poses three challenges: First, if a user loses one or several of his passwords, can he still access his data? Second, how many passwords does an attacker need in order to access the data? And finally, how many passwords does an attacker need in order to irreversibly delete the user's data? In this paper, we model the dependencies of online accounts in order to help the user discover security weaknesses. We have implemented our system and invite users to try it out on their real accounts.
Fichier principal
Vignette du fichier
www2015demo.pdf (475.05 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01699871 , version 1 (02-02-2018)

Identifiers

Cite

Ziad Ismail, Danai Symeonidou, Fabian M. Suchanek. DIVINA: Discovering Vulnerabilities of Internet Accounts. 24th International Conference on World Wide Web Conference, May 2015, Florence, Italy. 1 562 p., ⟨10.1145/2740908.2742836⟩. ⟨hal-01699871⟩
387 View
117 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More