Toward Exposing Timing-Based Probing Attacks in Web Applications
نویسندگان
چکیده
منابع مشابه
Toward Exposing Timing-Based Probing Attacks in Web Applications †
Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users' browsing information on one webs...
متن کاملWeb Timing Attacks Made Practical
This paper addresses the problem of exploiting timing side channels in web applications. To date, differences in execution time have been difficult to detect and to exploit. Very small differences in execution time induced by different security logics, coupled with the fact that these small differences are often lost to significant network noise, make their detection difficult. Additionally, te...
متن کاملStrategies for Automatically Exposing Faults in Web Applications
Web sites, such as Amazon.com and Travelocity, have become an integral way to perform daily operations in business, government, and academia. Since customers depend on these online sites, the correctness of the web applications driving them is crucial. The critical need for reliable web applications motivates the development of inexpensive, effective testing methods. One cost-effective approach...
متن کاملExposing Impersonation Attacks in Online Social Networks
Today, users sign on to most online social networking sites like Facebook, Twitter, and Google+ via weak identities, i.e., unverified identities that do not require users to prove that their online identities match their offline (real world) personalities. Weak identities leave the sites vulnerable to a variety of fake identity or Sybil attacks. In this paper, we focus on identity impersonation...
متن کاملOn Making Encrypted Web Traffic Resistant to Timing-Analysis Attacks
In this paper we introduce a trace-based tunnel that is resistant to traffic analysis in the sense that it provides deniability to users that a specific web page was fetched given that a packet trace is observed on the tunnel. We present a scheduler design for managing the transmission of traces to satisfy user traffic demand while maintaining reasonably low delay and throughput overhead due to...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Sensors
سال: 2017
ISSN: 1424-8220
DOI: 10.3390/s17030464