Security related research
[Publication] The Failure of Noise-Based Non-Continuous Audio Captchas
We show how using a generic approach, based on advance audio processing and machine learning algorithm, our captcha breaker "Decaptcha" is able to break all the popular audio CAPTCHA schemes, including Microsoft and Yahoo.
[Publication] Text-based CAPTCHA Strengths and Weaknesses
Based on sucessfull attacks on 13 of the most popular captchas schemes we show how to attack text-based captchas and provide guidelines on how to design secure ones.
[Publication] Bad Memories
We demonstrate how to steal a WiFi network WPA key and location by attacking the router web interface. Then we show how to bypass SSL warning on Internet Explorer and Firefox to perform HTTPS cache injection attacks. Finally we show how to perform various advanced click-jacking attacks on browser and phones (tapjacking)
We study frame busting defense for the Alexa Top-500 sites
and show that all can be broken. Some attack are browser-specific, other exploit code mistakes. We conclude with practical recommendations how to implement a secure frame busting defense.
[Publication] An Analysis of Private Browsing Modes in Modern Browsers
We analyze how each of the major browser implement the private browsing mode and show their limitations and describe attacks against them. We also measure on which kind of website people use the private browsing mode.
We perform a mass-scale user study on how people react to the 21 most popular captcha schemes (13 images, 8 audios). This study reveals that
even the most popular captchas scheme are often difficult for humans, with audio captchas being particularly problematic.
[Publication] Webseclab Security Education Workbench
Webseclab is a teaching framework designed to teach students web security through various exercises, project and quizzes. Webseclab combine a cloud-base service to aggregate class result and a student lab in form of a virtual machine that contains more than 80 exercises.
We reveal a series of attacks against embedded devices based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.
[Publication] Using Strategy Objectives for Network Security Analysis
We introduce the notion of "strategy objectives" that mixes logical constraints and numerical one. Using strategy objectives allows to perform a new
range of analysis, such as evaluate what is the least costly defense, that traditional attacks graphs system are unable to perform. Strategy objectives are implemented in NetQi.
We evaluate the effectiveness of the most popular web automated vulnerability scanners and analyze how effective they are at detecting various vulnerabilities (XSS, CSRF, SQLi…). We also test how good they are at crawling website and discovering non-standard link (flash, java, AJAX)
The anticipation-games are a logic-based framework designed to evaluate the resilience of networks against attacks. What set anticipation-games from standard attack graphs is that it allows to model the dynamic nature of the attack and to take into account how the administrator respond to attacks .
We present a three-fold extension to the anticipation-game framework designed to model network cooperation, the cost of attacks based on its duration and the introduction of new vector of attacks over time.
[Best Paper Award] We show that NetAnalyzer is able to detect obfuscated protocols (i.e Bit torrent) by combining a payload analysis with a classifier based on several discriminators,
including packet entropy and size. We also details how netAnalyzer deals with tunneled session and covert channel.
[Publication] Framing Attacks on Smartphones Dumb Routers and Social Sites Tap-jacking Geo-localization and Framing Leak Attacks
We show that phone features makes Tap-jacking easier. We explain how to exploit router web interface to steal WiFi network WPA key and location. Finally we demonstrate how to exploit the frame scrolling attack
to attack Facebook frame busting defense and leak private information from Yahoo mobile webemail.
[Publication] Kamouflage Loss-Resistant Password Management
Kamouflage is a new kind of password manager that use plausible decoys to prevent offline attacks when the master password is weak.
[Publication] Towards Secure Embedded Web Interfaces
We audited the security of more than 30 embedded devices web interfaces and found more than 50 vulnerabilities. To help developers, we have developed WebDroid the first framework specifically dedicated to build secure embedded WebApp.
[Publication] The emergence of cross channel scripting
We reveal a series of attacks against embedded devices based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.
[Publication] TrackBack Spam Abuse and Prevention
We conducted a longitudinal study of TrackBack spam, collecting and analyzing almost 10 million samples from a massive spam campaign over a 1 period. We report our finding including where the spam campaign leads and why blog spammers are different than email spammers.
[Publication] NetQi A Model checker for Anticipation Game
NetQi is a free and open-source model-checker that implements the anticipation game logic framework, a variant of timed game. NetQi was designed to analyze
all kind of network evolutions. In particular it is well suited to analyze network attacks and intrusions.
TalkBack is a new blog Linkback protocol that use a lightweight PKI and a rate limiting system to fight blog SPAM
We present a new technique to count the number of host behind a NAT. This technique based on TCP timestamp option, work with Linux and OSX system which make it
complementary to the previous one based on IPID that only works against Windows hosts.
[Software] NetAnalyzer
NetAnalyzer is a multi-threaded statefull passive network analyzer.
[Software] Foursquare PHP
Foursquare-php is a php library that allows to easily display Foursquare informations on a webpage.
[Software] Webseclab
Webseclab is a virtual environement designed to provides student a web security hands-on experience.
[Software] SaferChrome
SaferChrome makes browsing safer by identifying and preventing security and privacy breaches.
[Software] NetQi
Netqi is a model checker for the anticipation game framework.
Tag cloud
Social news
Blog Posts
loading, please wait