Completed
Introduction
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Timing Attacks Have Never Been So Practical - Advanced Cross-Site Search Attacks
Automatically move to the next video in the Classroom when playback concludes
- 1 Introduction
- 2 Title
- 3 Agenda
- 4 Background
- 5 Attacker Example
- 6 Advanced CrossSite Search Attacks
- 7 Basic CrossSite Search Attack Flow
- 8 Step 1 Challenge Search Request
- 9 Step 2 Dummy Search Request
- 10 Step 2 Challenge Search Request
- 11 Step 1 Statistical Tests
- 12 Challenges
- 13 Response Inflation
- 14 Attack on Gmail
- 15 Two new attack vectors
- 16 Browserbased timing attacks
- 17 Classical timing attacks
- 18 Algorithmic improvements
- 19 Evaluation
- 20 Example
- 21 Browserbased Optimization
- 22 Improved Accuracy
- 23 Demo
- 24 Limitations
- 25 Second Order Attack
- 26 Simple Attack
- 27 Simple Attack Flow
- 28 Inflating Second Order Attack
- 29 Extending the Model
- 30 How to create an inflating record
- 31 Extracting credit card numbers
- 32 Sending requests for autocomplete suggestions
- 33 Attacked account example
- 34 Attacked account demo
- 35 Attack success rate
- 36 Stealthy attack
- 37 Email services
- 38 Defenses
- 39 Conclusions
- 40 Questions