Skip to Main content Skip to Navigation
Conference papers

DIVINA: Discovering Vulnerabilities of Internet Accounts

Abstract : Internet users typically have several online accounts – such as mail accounts, cloud storage accounts, or social media accounts. The security of these accounts is often intricately linked: The password of one account can be reset by sending an email to another account; the data of one account can be backed up on another account; one account can only be accessed by two-factor authentication through a second account ; and so forth. This poses three challenges: First, if a user loses one or several of his passwords, can he still access his data? Second, how many passwords does an attacker need in order to access the data? And finally, how many passwords does an attacker need in order to irreversibly delete the user's data? In this paper, we model the dependencies of online accounts in order to help the user discover security weaknesses. We have implemented our system and invite users to try it out on their real accounts.
Document type :
Conference papers
Complete list of metadata

Cited literature [5 references]  Display  Hide  Download
Contributor : Fabian Suchanek Connect in order to contact the contributor
Submitted on : Friday, February 2, 2018 - 6:05:48 PM
Last modification on : Saturday, June 25, 2022 - 10:28:59 PM
Long-term archiving on: : Thursday, May 3, 2018 - 12:49:32 AM


Files produced by the author(s)



Ziad Ismail, Danai Symeonidou, Fabian M. Suchanek. DIVINA: Discovering Vulnerabilities of Internet Accounts. 24th International Conference on World Wide Web Conference, May 2015, Florence, Italy. 1 562 p., ⟨10.1145/2740908.2742836⟩. ⟨hal-01699871⟩



Record views


Files downloads