Florian Fankhauser
Projektass. Dipl.-Ing.
Florian Fankhauser
- Email: florian.fankhauser@tuwien.ac.at
- Phone: +43-1-58801-183410
- Office: (1040 Wien, Favoritenstrasse 11)
- About:
- Orcid:
- Keywords:
- Roles: PreDoc Researcher
Publications
Global VoIP security threats - large scale validation based on independent honeynets
Markus GruberDirk HoffstadtAdnan AzizFlorian FankhauserChristian SchanesErwin RathgebThomas GrechenigKeywords:
Astract: Voice over IP (VoIP) gains more and more attractiveness by large companies as well as private users. Therefore, the risk increases that VoIP systems get attacked by hackers. In order to effectively protect VoIP users from misuse, researchers use, e.g., honeynets to capture and analyze VoIP attacks occurring in the Internet. Global VoIP security threats are analyzed by studying several millions of real-world attacks collected in independent VoIP honeynet solutions with different capture mechanisms over a long period of time. Due to the validation of results from several honeynet designs we have achieved a unique, much broader view on large scale attacks. The results show similar attacker behavior, confirm previous assumptions about attacks and present new insights in large scale VoIP attacks, e.g., for toll fraud.
Gruber, M., Hoffstadt, D., Aziz, A., Fankhauser, F., Schanes, C., Rathgeb, E., & Grechenig, T. (2015). Global VoIP security threats - large scale validation based on independent honeynets. In 2015 IFIP Networking Conference (IFIP Networking). IFIP Networking Conference (IFIP Networking 2015), Toulouse, Frankreich, EU. IEEE Conference Publications. https://doi.org/10.1109/ifipnetworking.2015.7145329
Prying open Pandora's box: KCI attacks against TLS
Clemens HlauschekMarkus GruberFlorian FankhauserChristian SchanesKeywords:
Astract: Protection of Internet communication is becoming more common in many products, as the demand for privacy in an age of state-level adversaries and crime syndicates is steadily increasing. The industry standard for doing this is TLS. The TLS protocol supports a multitude of key agreement and authentication options which provide various different security guarantees. Recent attacks showed that this plethora of cryptographic options in TLS (including long forgotten government backdoors, which have been cunningly inserted via export restric- tion laws) is a Pandora's box, waiting to be pried open by heinous computer whizzes. Novel attacks lay hidden in plain sight. Parts of TLS are so old that their foul smell of rot cannot be easily distinguished from the flowery smell of 'strong' cryptography and water-tight security mechanisms. With an arcane (but well-known among some theoretical cryptographers) tool, we put new cracks into Pandora's box, achieving a full break of TLS security. This time, the tool of choice is KCI, or Key Compromise Impersonation.
The TLS protocol includes a class of key agreement and authentication methods that are vulnerable to KCI attacks: non-ephemeral Diffie-Hellman key exchange with fixed Diffie-Hellman client authentication - both on elliptic curve groups, as well as on classical integer groups modulo a prime. We show that TLS clients that support these weak handshakes pose serious security concerns in modern systems, opening the supposedly securely encrypted communication to full-blown Man-in-the-Middle (MitM) attacks.
This paper discusses and analyzes KCI attacks in regard to the TLS protocol. We present an evaluation of the TLS software landscape regarding this threat, including a successful MitM attack against the Safari Web Browser on Mac OS X. We conclude that the insecure TLS options that enable KCI attacks should be immediately dis- abled in TLS clients and removed from future versions and implementations of the protocol: their utility is extremely limited, their raison d'etre is practically nil, and the existence of these insecure key agreement options only adds to the arsenal of attack vectors against cryptographically secured communication on the Internet.
Hlauschek, C., Gruber, M., Fankhauser, F., & Schanes, C. (2015). Prying open Pandora’s box: KCI attacks against TLS. 9th USENIX Workshop on Offensive Technologies (WOOT 15), Washington D.C., Non-EU. http://hdl.handle.net/20.500.12708/86209
KCI-based Man-in-the-Middle Attacks against TLS
Clemens HlauschekMarkus GruberFlorian FankhauserChristian Schanes
Hlauschek, C., Gruber, M., Fankhauser, F., & Schanes, C. (2015). KCI-based Man-in-the-Middle Attacks against TLS. BSidesVienna 2015, Wien, Austria. http://hdl.handle.net/20.500.12708/86221
Schanes, C., Fankhauser, F., & Grechenig, T. (2015). Aktive Bewußtseinsbildung. Workshop Internationale Wirtschafts- und Industriespionage, Wien, Austria. http://hdl.handle.net/20.500.12708/86225
Analyse spezieller Anforderungen an Sicherheitstesttools für GUI-basierte Anwendungen und Entwurf eines toolgestützten methodischen Sicherheitstestvorgehens
Stefan TaberFlorian FankhauserThomas GrechenigKeywords: Software Testing, Security Tests, GUI Testing, GUI, GUI Testing Framework;
Astract: Nowadays most applications use Graphical User Interfaces (GUIs) to interact with the user. Those GUIs are frequently used by attackers to manipulate applications. Although applications are usually tested intensely, the GUIs of the applications are rarely checked with respect to the most critical security aspects. To increase the robustness of the applications, appropriate automated security testing is required the identifies vulnerabilities in the application reliably.
The objective of this master's thesis is to design a comprehensive GUI testing framework that not only allows functional testing of GUIs but also security tests.
First, fundamentals of automated security testing of GUIs and relevant requirements of these are discussed through literature research.
Subsequently, a comparative overview of existing tools for GUI testing is given. This research shows that most of the tools are only suitable for functional testing, where as using these tools for security testing is not feasible. Reasons for that are the lack of support for suitable analytical systems to identify emerging vulnerabilities and a clear separation between test data and test cases. The latter is required for executing the test cases with many different security-relevant test data.
Based on these observations a new platform- and programming language-independent testing framework is designed. It builds on existing solutions to support many different applications with different GUIs (e.g. Java applications and websites). The designed framework supports not only functional testing of the GUIs but particularly considers the special requirements of security tests. The proposed design serves as a model for the development of GUI testing frameworks to increase the quality and security of GUIs.
Taber, S. (2013). Analyse spezieller Anforderungen an Sicherheitstesttools für GUI-basierte Anwendungen und Entwurf eines toolgestützten methodischen Sicherheitstestvorgehens [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/159704
Teaching
Introduction to Security
Semester: 2024W; Nr: 194.157; Type: VU; Hours: 4.0; Language: German; View on TISSTeam
Business Informatics Group, TU Wien
Professors
Christian Huemer
Ao.Univ.Prof. Mag.rer.soc.oec.Dr.rer.soc.oec.
Dominik Bork
Associate Prof. Dipl.-Wirtsch.Inf.Univ.Dr.rer.pol.
Gerti Kappel
O.Univ.Prof.in Dipl.-Ing.inMag.a Dr.in techn.
Henderik Proper
Univ.Prof. PhDResearchers
Aleksandar Gavric
Univ.Ass. MEng. B.Eng.Galina Paskaleva
Projektass.in Dipl.-Ing.inDipl.-Ing.in BSc
Marianne Schnellmann
Univ.Ass.in BSc MScMarion Murzek
Senior Lecturer Mag.a rer.soc.oec.Dr.in rer.soc.oec.
Marion Scholz
Senior Lecturer Dipl.-Ing.inMag.a rer.soc.oec.