Zobrazeno 1 - 10
of 170
pro vyhledávání: '"Herzberg, Amir"'
Popular instant messaging applications such as WhatsApp and Signal provide end-to-end encryption for billions of users. They rely on a centralized, application-specific server to distribute public keys and relay encrypted messages between the users.
Externí odkaz:
http://arxiv.org/abs/2210.09940
Autor:
Pepin, Lynn, Wang, Lizhi, Wang, Jiangwei, Han, Songyang, Pishawikar, Pranav, Herzberg, Amir, Zhang, Peng, Miao, Fei
Traditional botnet attacks leverage large and distributed numbers of compromised internet-connected devices to target and overwhelm other devices with internet packets. With increasing consumer adoption of high-wattage internet-facing "smart devices"
Externí odkaz:
http://arxiv.org/abs/2203.10158
As mobile phones have evolved into `smartphones', with complex operating systems running third- party software, they have become increasingly vulnerable to malicious applications (malware). We introduce a new design for mitigating malware attacks aga
Externí odkaz:
http://arxiv.org/abs/1401.7444
Online Social Networks (OSNs) have rapidly become a prominent and widely used service, offering a wealth of personal and sensitive information with significant security and privacy implications. Hence, OSNs are also an important - and popular - subje
Externí odkaz:
http://arxiv.org/abs/1310.1651
Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms suffice to ens
Externí odkaz:
http://arxiv.org/abs/1305.0854
Autor:
Herzberg, Amir, Shulman, Haya
Publikováno v:
SecureComm 2011
We investigate defenses against DNS cache poisoning focusing on mechanisms that can be readily deployed unilaterally by the resolving organisation, preferably in a single gateway or a proxy. DNS poisoning is (still) a major threat to Internet securit
Externí odkaz:
http://arxiv.org/abs/1209.1482
Autor:
Gilad, Yossi, Herzberg, Amir
We present a new type of clogging DoS attacks, with the highest amplification factors achieved by off-path attackers, using only puppets, i.e., sandboxed malware on victim machines. Specifically, we present off-path variants of the Opt-ack, Ack-storm
Externí odkaz:
http://arxiv.org/abs/1208.2357
Autor:
Herzberg, Amir, Shulman, Haya
In spite of the availability of DNSSEC, which protects against cache poisoning even by MitM attackers, many caching DNS resolvers still rely for their security against poisoning on merely validating that DNS responses contain some 'unpredictable' val
Externí odkaz:
http://arxiv.org/abs/1205.5190
Autor:
Herzberg, Amir, Shulman, Haya
We present practical poisoning and name-server block- ing attacks on standard DNS resolvers, by off-path, spoofing adversaries. Our attacks exploit large DNS responses that cause IP fragmentation; such long re- sponses are increasingly common, mainly
Externí odkaz:
http://arxiv.org/abs/1205.4011
Autor:
Gilad, Yossi, Herzberg, Amir
We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and circumventing known
Externí odkaz:
http://arxiv.org/abs/1204.6623