Automatic text processing: the transformation, analysis, and retrieval of information by computer
Automatic text processing: the transformation, analysis, and retrieval of information by computer
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Automatic Information Organization and Retrieval.
Automatic Information Organization and Retrieval.
Extending p3p to facilitate proxies which pose as a potential threat to privacy
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Hi-index | 0.00 |
Several active attacks on user privacy in the World Wide Web using cookies or active elements (Java, Javascript, ActiveX) are known. One goal is to identify a user in consecutive Internet session to track and to profile him (such a profile can be extended by personal information if available). In this paper, a passive attack is presented that uses information of a different network layer in the first place. It is exposed how expressive the data of the HyperText Transfer Protocol (HTTP) can be with respect to identify computers (and therefore their users). An algorithm to reidentify computers using dynamically assigned IP addresses with a certain degree of assurance is introduced. Thereafter simple countermeasures are demonstrated. The motivation for this attack is to show the capability of passive privacy attacks using Web server log files and to propagate the use of anonymising techniques for Web users.