keylogger-detector/doc/research/acm_risk_of_stolen_credentials.bib

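% Thomas et al., CCS '17: longitudinal measurement of credential theft via
% keyloggers, phishing kits and data breaches (see the abstract field).
% The page range is written as 1421--1434, consistent with numpages = 14;
% the range separator was missing from the stored value.
@inproceedings{10.1145/3133956.3134067,
  author    = {Thomas, Kurt and Li, Frank and Zand, Ali and Barrett, Jacob and Ranieri, Juri and Invernizzi, Luca and Markov, Yarik and Comanescu, Oxana and Eranti, Vijay and Moscicki, Angelika and Margolis, Daniel and Paxson, Vern and Bursztein, Elie},
  title     = {Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials},
  booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and Communications Security},
  series    = {CCS '17},
  pages     = {1421--1434},
  numpages  = {14},
  year      = {2017},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  location  = {Dallas, Texas, USA},
  isbn      = {9781450349468},
  doi       = {10.1145/3133956.3134067},
  url       = {https://doi.org/10.1145/3133956.3134067},
  keywords  = {keylogger, phishing, risk analysis, data breach, password reuse, authentication, phishing kit, password},
  abstract  = {In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March, 2016--March, 2017, we identify 788,000 potential victims of off-the-shelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums. Using this dataset, we explore to what degree the stolen passwords---which originate from thousands of online services---enable an attacker to obtain a victim's valid email credentials---and thus complete control of their online identity due to transitive trust. Drawing upon Google as a case study, we find 7--25\% of exposed passwords match a victim's Google account. For these accounts, we show how hardening authentication mechanisms to include additional risk signals such as a user's historical geolocations and device profiles helps to mitigate the risk of hijacking. Beyond these risk metrics, we delve into the global reach of the miscreants involved in credential theft and the blackhat tools they rely on. We observe a remarkable lack of external pressure on bad actors, with phishing kit playbooks and keylogger capabilities remaining largely unchanged since the mid-2000s.},
}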