Litcius/Paper detail

Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale

Michele Campobasso, Luca Allodi

202024 citationsDOIOpen Access PDF

Abstract

In this paper we provide evidence of an emerging criminal infrastructure enabling impersonation attacks at scale. Impersonation-as-a-Service (IMPaaS) allows attackers to systematically collect and enforce user profiles (consisting of user credentials, cookies, device and behavioural fingerprints, and other metadata) to circumvent risk-based authentication system and effectively bypass multi-factor authentication mechanisms. We present the IMPaaS model and evaluate its implementation by analysing the operation of a large, invite-only, Russian IMPaaS platform providing user profiles for more than 260,000 Internet users worldwide. Our findings suggest that the IMPaaS model is growing, and provides the mechanisms needed to systematically evade authentication controls across multiple platforms, while providing attackers with a reliable, up-to-date, and semi-automated environment enabling target selection and user impersonation against Internet users as scale.

Topics & Concepts

Computer securityAuthentication (law)The InternetComputer scienceScale (ratio)Selection (genetic algorithm)Internet privacyKey (lock)Internet usersUser interfaceWorld Wide WebEnd userIp addressMulti-factor authenticationPhishingExploitCritical infrastructureInternet securityUser Authentication and Security SystemsSpam and Phishing DetectionPrivacy, Security, and Data Protection
Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale | Litcius