Automated Mining of User Account Access Graphs
OPEN ACCESS
Loading...
Author / Producer
Date
2021
Publication Type
Master Thesis
ETH Bibliography
yes
Citations
Altmetric
OPEN ACCESS
Data
Rights / License
Abstract
Most users have a multitude of different accounts making it hard to get
an overview for security analysis. In particular, as there are frequently
multiple ways to obtain access to an account, be it via recovery methods
or through storage in a password manager. To model and analyze
such relationships, prior work introduced a formalism called account
access graphs, but to work with it, it is necessary to create the graph
manually from the knowledge about the user’s account setup. This
thesis proposes to automate the generation of account access graphs
from data that the user already has access to, such as exports required
by privacy legislation and their email archive. The complexity of the
user setups is addressed with a flexible and extensible design. To prove
the viability, a corresponding implementation lays the foundation of
a practically applicable tool that also integrates the existing analysis
capabilities.
Permanent link
Publication status
published
External links
Editor
Contributors
Book title
Journal / series
Volume
Pages / Article No.
Publisher
ETH Zurich
Event
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Organisational unit
03634 - Basin, David / Basin, David