Learn More
This paper reports the highlights of a user study which gauges reactions to a variety of common “trust indicators” – such as logos, third party endorsements, and padlock icons – over a selection of authentic and phishing stimuli. In the course of the think-aloud protocol, participants revealed different sensitivities to email messages and web pages. Our(More)
In this paper we introduce the notion of warkitting as the drive-by subversion of wireless home routers through unauthorized access by mobile WiFi clients. We describe how such attacks can be performed, evaluate the vulnerability of currently deployed wireless routers based on experimental data, and examine the impact of these attacks on Internet fraud. Our(More)
This short paper describes an attack that exploits the online marketplace’s susceptibility to covert fraud, opaqueness of embedded software, and social engineering to hijack account access and ultimately steal money. The attacker introduces a fatal security flaw into a trusted embedded system (e.g. computer motherboard, network interface card, network(More)
Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat—voluntary partial trace disclosures by server administrators—remains a troubling source of vulnerability. An administrator's cooperation could be the resulting(More)
A design formalization based on behavior tables was presented at Lfm97. This paper describes ongoing work on a supporting tool, now in development. The goal is to make design derivation, the interactive construction of correct implementations, more natural and visually palatable while preserving the benefits of formal manipulation. We review the syntax and(More)
Net Trust is a distributed reputation system that identifies fraudulent web sites by aggregating individual opinions and browsing histories over user-selected social networks. This paper examines the security properties intrinsic to any correct implementation of Net Trust’s ratings system and the privacy properties arising from the paper’s proposed(More)