Investigation: Facebook ID login on


  • Below are the labeled traces for analysis:

    benign trace       scenario (A)                     scenario (B)                   scenario (C)

    Some basic understandings about the benign trace:

    1. The trace is very complex. Each raw traffic file contains more than 30 HTTP conversations. I manually identified that only the first 5 conversations are related to the SSO. So I have removed all other conversations from the raw traffic.

    Tuesday, February 07, 2012 7:25 PM