References of "Lanze, Fabian 50002168"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailAnalysis of Fingerprinting Techniques for Tor Hidden Services
Panchenko, Andriy UL; Mitseva, Asya UL; Henze, Martin et al

in Proceedings of the 24th ACM Computer and Communications Security (ACM CCS) 16th Workshop on Privacy in the Electronic Society (ACM WPES 2017) (2017, October 31)

Detailed reference viewed: 202 (17 UL)
Full Text
Peer Reviewed
See detailWebsite Fingerprinting at Internet Scale
Panchenko, Andriy UL; Lanze, Fabian UL; Zinnen, Andreas et al

in Proceedings of the 23rd Internet Society (ISOC) Network and Distributed System Security Symposium (NDSS 2016) (2016, February)

Detailed reference viewed: 387 (32 UL)
Full Text
Peer Reviewed
See detailA Formalization of Fingerprinting Techniques
Lanze, Fabian UL; Panchenko, Andriy UL; Engel, Thomas UL

in Proceedings of the IEEE International Symposium on Recent Advances of Trust, Security and Privacy in Computing and Communications (IEEE RATSP 2015), held in conjunction with IEEE TrustCom 2015 (2015, August)

Detailed reference viewed: 163 (14 UL)
See detailFingerprinting Techniques for Network Security
Lanze, Fabian UL

Doctoral thesis (2015)

Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. The goal of this thesis is to de- velop and evaluate methods for ... [more ▼]

Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. The goal of this thesis is to de- velop and evaluate methods for fingerprinting in different application domains and to contribute to a better understanding of fingerprinting in general. We concentrate on approaches that are applicable in practice to improve the security of computer networks. We first introduce a novel formal model of the central concepts of finger- printing in order to relate techniques to their particular application scenario. This model allows the comparison of approaches and the evaluation of their effectiveness for practical use. The evil twin attack in 802.11 networks is a severe security problem that nei- ther the industry nor the research community has found appropriate solutions for. Motivated by this threat, we develop novel fingerprinting methods. We address this challenge from two angles. In our first approach we exploit minuscule yet observable inaccuracies in crystal-oscillator-driven computer clocks. We will show that several conclusions drawn in the related research about the efficacy of this fingerprinting feature are false. We then enhance state-of-the-art approaches and for the first time provide a solution for remote physical device fingerprinting performed by typical off-the-shelf client devices that is able to mitigate the evil twin threat in practice. The second approach focuses on fingerprinting the behavioral characteristics of soft- ware tools that have been developed or can be misused to mount the attack. As we will show, our fingerprinting methods, which primarily exploit unavoidable low-level characteristics, allow the reliable detection of such an attack strategy within a few seconds. We then switch the perspective to the attacker’s side and investigate a finger- printing method that has been proposed to attack anonymization networks such as Tor by using traffic analysis, commonly referred to as website fingerprinting. We propose a novel approach that outperforms state-of-the-art methods in this area. We then evaluate for the first time the practical applicability of website fingerprinting in a realistic scenario, while avoiding simplified assumptions predominantly made in the related research. Our evaluation indicates that this particular threat, which is considered to be a serious security problem affecting many users, is not as severe as presumed. Therefore, concerns that have been raised and strategies for circumvent- ing this attack that have been proposed need to be reconsidered. [less ▲]

Detailed reference viewed: 276 (27 UL)
Full Text
Peer Reviewed
See detailHacker’s Toolbox: Detecting Software-Based 802.11 Evil Twin Access Points
Lanze, Fabian UL; Panchenko, Andriy UL; Ponce-Alcaide, Ignacio et al

in Proceedings of the 12th Annual IEEE Consumer Communications & Networking Conference (CCNC 2015) (2015)

The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are ... [more ▼]

The usage of public Wi-Fi hotspots has become a common routine in our everyday life. They are ubiquitous and offer fast and budget-friendly connectivity for various client devices. However, they are exposed to a severe security threat: since 802.11 identifiers (SSID, BSSID) can be easily faked, an attacker can setup an evil twin, i.e., an access point (AP) that users are unable to distinguish from a legitimate one. Once a user connects to the evil twin, he inadvertently creates a playground for various attacks such as collection of sensitive data (e.g., credit card information, passwords) or man-in-the-middle attacks even on encrypted traffic. It is particularly alarming that this security flaw has led to the development of several tools that are freely available, easy to use and allow mounting the attack from commodity client devices such as laptops, smartphones or tablets without attracting attention. In this paper we provide a detailed overview of tools that have been developed (or can be misused) to set up evil twin APs. We inspect them thoroughly in order to identify characteristics that allow them to be distinguished from legitimate hardware-based access points. Our analysis has discovered three methods for detecting software-based APs. These exploit accuracy flaws due to emulation of hardware behavior or peculiarities of the client Wi-Fi hardware they operate on. Our evaluation with 60 hardware APs and a variety of tools on different platforms reveals enormous potential for reliable detection. Furthermore, our methods can be performed on typical client hardware within a short period of time without even connecting to a potentially untrustworthy access point. [less ▲]

Detailed reference viewed: 207 (4 UL)
Full Text
Peer Reviewed
See detailUndesired Relatives: Protection Mechanisms Against The Evil Twin Attack in IEEE 802.11
Lanze, Fabian UL; Panchenko, Andriy UL; Ponce-Alcaide, Ignacio et al

in Proceedings of the 10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (2014, September)

Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their ... [more ▼]

Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the evil twin attack. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and struc- turing countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of- the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds. [less ▲]

Detailed reference viewed: 201 (7 UL)
Full Text
Peer Reviewed
See detailLetting the Puss in Boots Sweat: Detecting Fake Access Points using Dependency of Clock Skews on Temperature
Lanze, Fabian UL; Panchenko, Andriy UL; Braatz, Benjamin UL et al

in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014) (2014)

Detailed reference viewed: 195 (17 UL)
Full Text
Peer Reviewed
See detailImproving Performance and Anonymity in the Tor Network
Panchenko, Andriy UL; Lanze, Fabian UL; Engel, Thomas UL

in Abstract book of 31st IEEE International Performance Computing and Communications Conference (IEEE IPCCC 2012) (2012)

Detailed reference viewed: 126 (13 UL)
Full Text
Peer Reviewed
See detailClock Skew Based Remote Device Fingerprinting Demystified
Lanze, Fabian UL; Panchenko, Andriy UL; Braatz, Benjamin UL et al

in Proceedings of the 55th International IEEE Global Communications Conference (IEEE GLOBECOM 2012) (2012)

Detailed reference viewed: 133 (12 UL)