Van Goethem et al., 2015 - Google Patents
The clock is still ticking: Timing attacks in the modern webVan Goethem et al., 2015
View PDF- Document ID
- 10376159778693461708
- Author
- Van Goethem T
- Joosen W
- Nikiforakis N
- Publication year
- Publication venue
- Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
External Links
Snippet
Web-based timing attacks have been known for over a decade, and it has been shown that, under optimal network conditions, an adversary can use such an attack to obtain information on the state of a user in a cross-origin website. In recent years, desktop computers have …
- 238000005259 measurement 0 abstract description 52
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L27/00—Modulated-carrier systems
- H04L27/26—Systems using multi-frequency codes
- H04L27/2601—Multicarrier modulation systems
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Van Goethem et al. | The clock is still ticking: Timing attacks in the modern web | |
| Lee et al. | Pride and prejudice in progressive web apps: Abusing native app-like features in web applications | |
| Franken et al. | Who left open the cookie jar? a comprehensive evaluation of {Third-Party} cookie policies | |
| US8515918B2 (en) | Method, system and computer program product for comparing or measuring information content in at least one data stream | |
| Nikiforakis et al. | You are what you include: large-scale evaluation of remote javascript inclusions | |
| Acar et al. | The web never forgets: Persistent tracking mechanisms in the wild | |
| US10333924B2 (en) | Reliable selection of security countermeasures | |
| Borders et al. | Quantifying information leaks in outbound web traffic | |
| Khodayari et al. | The state of the samesite: Studying the usage, effectiveness, and adequacy of samesite cookies | |
| US11386181B2 (en) | Detecting a change to the content of information displayed to a user of a website | |
| Bhavani | Cross-site scripting attacks on android webview | |
| US11303670B1 (en) | Pre-filtering detection of an injected script on a webpage accessed by a computing device | |
| US9210184B2 (en) | Determining the vulnerability of computer software applications to attacks | |
| Kim et al. | Inferring browser activity and status through remote monitoring of storage usage | |
| Sanchez-Rola et al. | Bakingtimer: privacy analysis of server-side request processing time | |
| Urban et al. | Towards understanding privacy implications of adware and potentially unwanted programs | |
| Bauer et al. | Analyzing the dangers posed by Chrome extensions | |
| Zaheri et al. | Targeted deanonymization via the cache side channel: Attacks and defenses | |
| Sanchez-Rola et al. | Cookies from the past: Timing server-side request processing code for history sniffing | |
| Van Acker et al. | Password meters and generators on the web: From large-scale empirical study to getting it right | |
| Beer et al. | Tabbed out: Subverting the android custom tab security model | |
| Shahriar et al. | Proclick: a framework for testing clickjacking attacks in web applications | |
| Sanchez-Rola et al. | Rods with laser beams: Understanding browser fingerprinting on phishing pages | |
| US11736512B1 (en) | Methods for automatically preventing data exfiltration and devices thereof | |
| Kimak | An investigation into possible attacks on HTML5 indexedDB and their prevention |