Post on 23-Feb-2016
ESORICS 2011
Timing is Everything: The Importance of History Detection
PHISHING SITE!
1. Old tab gets a handle to the new tab
2. Tricks exist to detect when a user goes to a new webpage (history detection)
3. Attacker detects, and redirects page to phishing site
Who wrote this code? Identifying the Authors of Program Binaries
Authors Programs
Who wrote which program?
Different authors, different coding styles
Idioms (push ebp | * | mov esp,ebp)
(Call) Graphlets
Byte n-grams 0x75, 0x30, 0x90, 0x0c
Use machine learning to map features to authors
#Authors  #Programs
93        834
191       1747
32        203
Privacy-Preserving DNS
Client DNS Resolver
.be
ugent.be
elis.ugent.be
• ISP’s DNS
• Google Public DNS
• OpenDNS
• …
Knows which websites are visited per user!
Broadcast popular domains
Mix 1 Mix 2 Mix n
Top 100/1000/… domains broadcast: less communication
Mixing traffic through different mixers hides your identity
• Simulation of latency using real DNS traffic data
• Zero latency for >=80% of lookups with broadcasting top 10.000 domains
• Analysis of safety of privacy of range queries
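The broadcast-plus-mixes lookup path described above, as an added example that is not code from the talk or the paper. The domain names, addresses, lookup trace and class names are constructed for illustration, and the mixes model only source hiding (a real mix cascade also encrypts in layers, so intermediate hops do not see the queried name).

```python
from collections import Counter

# Constructed sample data: a popularity ranking and one client's lookup trace.
RANKING = ["example.com", "example.org", "example.net", "mail.example", "news.example"]
ZONE = {d: f"192.0.2.{i + 1}" for i, d in enumerate(RANKING + ["rare.example", "blog.example"])}
TRACE = ["example.com", "example.org", "rare.example", "example.com", "example.net",
         "example.org", "example.com", "blog.example", "example.net", "example.com"]

class Resolver:
    """Upstream resolver; its log of (source, name) pairs is what it can learn."""
    def __init__(self, zone):
        self.zone, self.log = zone, []
    def query(self, source, name):
        self.log.append((source, name))
        return self.zone.get(name)

class Mix:
    """One hop: forwards under its own identity, hiding the previous hop."""
    def __init__(self, name, next_hop):
        self.name, self.next_hop = name, next_hop
    def query(self, source, name):
        return self.next_hop.query(self.name, name)

class Client:
    def __init__(self, ident, broadcast, entry_mix):
        self.ident, self.broadcast, self.entry = ident, broadcast, entry_mix
        self.paths = Counter()
    def lookup(self, name):
        if name in self.broadcast:        # answered locally: zero latency, nothing sent
            self.paths["broadcast"] += 1
            return self.broadcast[name]
        self.paths["mix"] += 1            # unpopular name: send through the mixes
        return self.entry.query(self.ident, name)

def simulate(top_n, n_mixes=3):
    """Replay TRACE with the top_n domains broadcast; return answers, local share, resolver log."""
    resolver = Resolver(ZONE)
    hop = resolver
    for i in range(n_mixes, 0, -1):       # build Mix 1 -> Mix 2 -> ... -> resolver
        hop = Mix(f"mix{i}", hop)
    broadcast = {d: ZONE[d] for d in RANKING[:top_n]}
    client = Client("client-A", broadcast, hop)
    answers = [client.lookup(n) for n in TRACE]
    return answers, client.paths["broadcast"] / len(TRACE), resolver.log

if __name__ == "__main__":
    for n in (0, 3):
        _, share, log = simulate(n)
        print(f"top {n} broadcast: {share:.0%} local, resolver saw {log}")
```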
Remote Timing Attacks Are Still Practical
OpenSSL TLS handshake with ECDSA signatures
Timing of messages
Messages
Signatures
Lattice attack, a.k.a. “Magic”
Automated Information Flow Analysis of Virtualized Infrastructures
• Complex!
• Manual analysis is unfeasible