کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
6884282 | 695189 | 2015 | 9 صفحه PDF | دانلود رایگان |
عنوان انگلیسی مقاله ISI
Design and analysis of enumeration attacks on finding friends with phone numbers: A case study with KakaoTalk
دانلود مقاله + سفارش ترجمه
دانلود مقاله ISI انگلیسی
رایگان برای ایرانیان
کلمات کلیدی
موضوعات مرتبط
مهندسی و علوم پایه
مهندسی کامپیوتر
شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
چکیده انگلیسی
Users' phone numbers are popularly used for finding friends in instant messaging (IM) services. In this paper, we present a new security concern about this search feature through a case study with KakaoTalk which is the most widely used IM in Korea. We demonstrate that there are multiple ways of collecting victims' personal information such as their (display) names, phone numbers and photos, which can be potentially misused for a variety of cyber-criminal activities. Our experimental results show that a user's personal data can be obtained automatically (0.26Â s on average). The results also indicate that a large portion of KakaoTalk users (72.8%) have used real or real-like names in their profiles, which means that our discovered enumeration attacks seem to be practically dangerous. To mitigate these attacks, we present three countermeasures including a misuse detection system that can discover abnormal application activities within a certain time-window.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 52, July 2015, Pages 267-275
Journal: Computers & Security - Volume 52, July 2015, Pages 267-275
نویسندگان
Eunhyun Kim, Kyungwon Park, Hyoungshick Kim, Jaeseung Song,