White Papers and Scientific Research
The Real Face of KOOBFACE – TrendLabs (Trend Micro Inc.)
Probably the most comprehensive research yet on the Koobface social network worm. Be sure to check out the full three part series:
- “The Real Face of KOOBFACE: The Largest Web 2.0 Botnet Explained”
- “The Heart of KOOBFACE: C&C and Social Network Propagation”
- “Show Me the Money!: The Monetization of KOOBFACE”
Security and Privacy in Social Networks Bibliography – Maintained by Joseph Bonneau
Over 74 papers on social network security and privacy! Other social network resource links are included.
White paper on Dynamic Cross-Site Request Forgery. This attack was covered by Nathan Hamiel and Shawn Moyer at Black Hat US 2009 and Defcon 17. This paper outlines the issue and gives a couple of examples of attacks using the Dynamic CSRF vector.
Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites – Gustav Rydstedt, Elie Bursztein, Dan Boneh, Collin Jackson