Visible to the public Biblio

Filters: Author is Waidner, Michael  [Clear All Filters]
2022-01-31
Baumann, Lukas, Heftrig, Elias, Shulman, Haya, Waidner, Michael.  2021.  The Master and Parasite Attack. 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :141—148.
We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browser's cache. We show to infect the caches of victims with parasite scripts via TCP injection. Once the cache is infected, we implement methodologies for propagation of the parasites to other popular domains on the victim client as well as to other caches on the network. We show how to design the parasites so that they stay long time in the victim's cache not restricted to the duration of the user's visit to the web site. We develop covert channels for communication between the attacker and the parasites, which allows the attacker to control which scripts are executed and when, and to exfiltrate private information to the attacker, such as cookies and passwords. We then demonstrate how to leverage the parasites to perform sophisticated attacks, and evaluate the attacks against a range of applications and security mechanisms on popular browsers. Finally we provide recommendations for countermeasures.
2019-08-26
Shrishak, Kris, Shulman, Haya, Waidner, Michael.  2018.  Removing the Bottleneck for Practical 2PC. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :2300-2302.

Secure Two Party Computation (2PC) has the potential to facilitate a wide range of real life applications where privacy of the computation and participants is critical. Nevertheless, this potential has not translated to widespread industry acceptance due to performance issues. Over the years a significant research effort has focused on optimising the performance of 2PC. The computation complexity has been continually improved and recently, following circuit optimisations and hardware support for cryptographic operations, evaluations of 2PC on a single host currently produce efficient results. Unfortunately, when evaluated on remote hosts, the performance remains prohibitive for practical purposes. The bottleneck is believed to be the bandwidth. In this work we explore the networking layer of 2PC implementations and show that the performance bottleneck is inherent in the usage of TCP sockets in implementations of 2PC schemes. Through experimental evaluations, we demonstrate that other transport protocols can significantly improve the performance of 2PC, making it suitable for practical applications.

2018-01-10
Rotenberg, Nadav, Shulman, Haya, Waidner, Michael, Zeltser, Benjamin.  2017.  Authentication-Bypass Vulnerabilities in SOHO Routers. Proceedings of the SIGCOMM Posters and Demos. :68–70.
SOHO routers act as a gateway to the Internet for Small Office/Home Office networks. Despite the important role that they fulfill, there is a long history of vulnerabilities allowing attackers to breach security and availability of the clients and services on SOHO networks. Following the multiple disclosures and recommendations for patches in the last two decades it seems an obvious question to verify whether the reality meets the expectation. We focus on an important class of vulnerabilities called 'authentication bypass', which allow an attacker to take control over a network device by subverting the authentication procedure. We perform a stealthy and non disruptive evaluation of authentication bypass vulnerabilities in SOHO routers. Our study focuses on a number of selected countries, to detect presence of vulnerable devices. The results of our study are worrisome: we find a large fraction of misconfigurations and insecurity issues in configuration of SOHO routers, which stand in sharp contrast to the awareness of the security and research communities to the vulnerabilities as well as a large body of work studying related topics.