The main goal of this thesis is the security evaluation of captured Single Sign-On traffic. For this purpose, an existing Java tool will be used and extended.
The thesis consists of three parts:
- Test Catalog: A test catalog summarizing all previously implemented features and the new scanning features will be elaborated. The result of this task is a comprehensive methodology for analyzing Single Sign-On traffic.
- Implementation: A ground truth consisting of traces of 1,000 websites will be provided by the supervisors. In this phase, the new features will be implemented and evaluated.
- Large-scale Evaluation: The improved traffic analyzer will be integrated into the production environment and used to analyze the traffic of the Tranco top 10,000 websites supporting Single Sign-On. A scanning report will be generated and the results will be presented graphically.
The challenge for this thesis is the traffic analysis of a given HAR file and Single Sign-On discovery. For this purpose:
- Contact email@example.com to receive the HAR file.
- Implement a Java application that parses and analyzes the captured HAR traffic.
- The challenge is solved when your application successfully detects the authentication response in the OAuth flow. Your solution should be as generic as possible and should also work on other HAR traffic files.
- (Message-Level Security is a plus)
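The following is an added example of the detection logic the challenge asks for; it is not part of the thesis description or the existing Java tool. HAR is plain JSON, so the example is written in Python to keep it self-contained (the Java stdlib has no JSON parser); the structure carries over directly. It walks the HAR entries and flags three things: the OAuth 2.0 authorization request (a URL carrying `response_type`, `client_id` and `redirect_uri`), the authorization response from the identity provider (a 3xx whose `Location` carries `code`, `access_token`, `id_token` or `error`, per RFC 6749 §4.1.2/§4.2.2/§5.2), and the browser's follow-up request to the redirect URI (query, fragment or `form_post` body). It then checks that the `state` value returned matches the one sent, which is the CSRF binding a generic analyzer should verify. The host names, client id, code and state values in `SAMPLE_HAR` are constructed for the example.

```python
import json
from urllib.parse import urlsplit, parse_qs

# Parameter names that mark an OAuth 2.0 / OIDC authorization response or request.
AUTHZ_RESPONSE_PARAMS = {"code", "access_token", "id_token", "error"}
AUTHZ_REQUEST_PARAMS = {"response_type", "client_id", "redirect_uri"}


def _params(url):
    """Merge query and fragment parameters of a URL into one dict (first value wins)."""
    parts = urlsplit(url)
    merged = {}
    for raw in (parts.query, parts.fragment):
        for key, values in parse_qs(raw, keep_blank_values=True).items():
            merged.setdefault(key, values[0])
    return merged


def _header(headers, name):
    """Case-insensitive lookup in a HAR header list ([{"name":..,"value":..}, ...])."""
    for h in headers:
        if h.get("name", "").lower() == name.lower():
            return h.get("value", "")
    return None


def _form_params(post_data):
    """Parameters of a form_post callback: HAR 'params' list or a urlencoded body."""
    if not post_data:
        return {}
    if "params" in post_data:
        return {p["name"]: p.get("value", "") for p in post_data["params"]}
    if "application/x-www-form-urlencoded" in post_data.get("mimeType", ""):
        body = parse_qs(post_data.get("text", ""), keep_blank_values=True)
        return {k: v[0] for k, v in body.items()}
    return {}


def analyze_har(har):
    """Return a list of findings (dicts) describing OAuth flow steps in HAR entry order."""
    findings = []
    for idx, entry in enumerate(har["log"]["entries"]):
        req, resp = entry["request"], entry["response"]
        url = req["url"]
        req_params = _params(url)

        # 1) Authorization request: the browser is sent to the authorization endpoint.
        if AUTHZ_REQUEST_PARAMS <= req_params.keys():
            findings.append({"entry": idx, "kind": "authorization_request",
                             "url": url, "params": req_params})

        # 2) Authorization response: a redirect whose Location carries code/token/error.
        location = resp.get("redirectURL") or _header(resp.get("headers", []), "Location")
        if location and 300 <= resp.get("status", 0) < 400:
            loc_params = _params(location)
            if AUTHZ_RESPONSE_PARAMS & loc_params.keys():
                findings.append({"entry": idx, "kind": "authorization_response",
                                 "url": location, "params": loc_params})

        # 3) The follow-up request to the redirect URI (query, fragment or form_post body).
        callback = dict(req_params)
        if req.get("method", "").upper() == "POST":
            callback.update(_form_params(req.get("postData")))
        if (AUTHZ_RESPONSE_PARAMS & callback.keys()
                and not AUTHZ_REQUEST_PARAMS <= callback.keys()):
            findings.append({"entry": idx, "kind": "redirect_uri_callback",
                             "url": url, "params": callback})
    return findings


def check_state(findings):
    """Pair each authorization response with the preceding request; report missing or
    mismatched 'state' values (the CSRF binding of the redirect)."""
    issues = []
    last_request = None
    for f in findings:
        if f["kind"] == "authorization_request":
            last_request = f
        elif f["kind"] == "authorization_response":
            sent = last_request["params"].get("state") if last_request else None
            received = f["params"].get("state")
            if sent is None or received is None or sent != received:
                issues.append({"entry": f["entry"], "sent": sent, "received": received})
    return issues


def analyze_har_file(path):
    """Convenience wrapper: load a HAR file from disk and analyze it."""
    with open(path, encoding="utf-8") as fh:
        return analyze_har(json.load(fh))


# Constructed sample trace: authorization request, IdP redirect with the code, callback.
_CB = "https://rp.example/cb?code=AUTHCODE123&state=xyz123"
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"method": "GET", "url": "https://idp.example/authorize?response_type=code"
                 "&client_id=rp1&redirect_uri=https%3A%2F%2Frp.example%2Fcb&scope=openid&state=xyz123"},
     "response": {"status": 200, "headers": [], "redirectURL": ""}},
    {"request": {"method": "POST", "url": "https://idp.example/login"},
     "response": {"status": 302, "headers": [{"name": "Location", "value": _CB}], "redirectURL": _CB}},
    {"request": {"method": "GET", "url": _CB},
     "response": {"status": 200, "headers": [], "redirectURL": ""}},
]}}

if __name__ == "__main__":
    for finding in analyze_har(SAMPLE_HAR):
        print(finding["entry"], finding["kind"], finding["url"])
    print("state issues:", check_state(analyze_har(SAMPLE_HAR)))
```

Because the same callback URL appears twice in a trace (once in the identity provider's `Location` header, once as the browser's next request), the analyzer reports both under different kinds; a report generator can collapse them by entry index. Matching on parameter names rather than on endpoint paths is what keeps the detection generic across providers.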