Reducing Usefulness of Stolen Credentials in SSO Contexts (2401.11599v1)
Abstract: Approximately 61% of cyber attacks involve adversaries in possession of valid credentials. Attackers acquire credentials through various means, including phishing, dark web data drops, password reuse, etc. Multi-factor authentication (MFA) helps to thwart attacks that use valid credentials, but attackers still commonly breach systems by tricking users into accepting MFA step-up requests through techniques such as "MFA Bombing", where multiple requests are sent to a user until they accept one. Currently, there are several solutions to this problem, each with varying levels of security and increasing invasiveness on user devices. This paper proposes a token-based enrollment architecture that is less invasive to user devices than mobile device management, but still offers strong protection against use of stolen credentials and MFA attacks.