1 / 9

ESORICS 2011

ESORICS 2011. Timing is Everything : The Importance of History Detection. FISHING SITE!. Timing is Everything : The Importance of History Detection. Old tab has gets a handle to the new tab Tricks exist to detect when a user goes to a new webpage ( history detection )

gunnar
Download Presentation

ESORICS 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ESORICS 2011

  2. Timing is Everything:The Importance of HistoryDetection FISHING SITE!

  3. Timing is Everything:The Importance of HistoryDetection Old tab has gets a handle to the new tab Tricks existtodetectwhen a user goesto a new webpage (historydetection) Attackerdetects, andredirects pagetofishing site

  4. Whowrotethis code?Identifying the Authors of Program Binaries Programs Authors Whowrotewhich program? Different authors different codingstyles

  5. Whowrotethis code? Byte n-grams 0x75, 0x30, 0x90, 0x0c Idioms (push ebp | * | movesp,ebp) (Call) Graphlets Use machine learningto map features toauthors 32 203 191 1747 #Authors #Programs 93 834

  6. Privacy-Preserving DNS • ISP’s DNS • Google Public DNS • OpenDNS • … .be Client DNS Resolver ugent.be elis.ugent.be Knowswhich websites are visited per user!

  7. Privacy-Preserving DNS .be Mixing traffic through different mixers hidesyouridentity Mix 1 Mix 2 Mix n Client ugent.be DNS Resolver Broadcast Popular domains elis.ugent.be Top 100/1000/… domains broadcasted  Lesscommunication • Simulation of latencyusing real DNS traffic data • Zero latencyfor >=80% of lookupswithbroadcasting top 10.000 domains • Analysis of safety of privacy of range queries

  8. Remote Timing Attacks Are Still Practical Lattice Attack A.k.a “Magic” Timing of messages Messages Signatures OpenSSL TLS handshake with ECDSA signatures

  9. Automated Information Flow Analysis of Virtualized Infrastructures • Complex ! • Manual analysis is unfeasible

More Related