Kaixuan Luo
PhD Candidate @ Mobile Technologies Centre (MobiTeC), The Chinese University of Hong Kong (CUHK)
Former Intern @ Samsung Research America
Session
02-27
09:00
30min
Cross-app OAuth Attacks in Integration Platforms: Mix-up Attacks Reloaded
Kaixuan Luo
OAuth Mix-up attacks were considered hard to exploit.
In this talk, we focus on open ecosystems like integration platforms that enable practical variants of mix-up attacks via malicious app integrations, and discuss potential tailored spec changes.
Kaldalón