Timing attacks on Web privacy

Authors:
Edward W. Felten;Michael A. Schneider
Affiliations:
Secure Internet Programming Laboratory, Department of Computer Science, Princeton University, Princeton, NJ;Secure Internet Programming Laboratory, Department of Computer Science, Princeton University, Princeton, NJ
Venue:
Proceedings of the 7th ACM conference on Computer and communications security
Year:
2000

Citing 5
Cited 60

Crowds: anonymity for Web transactions

ACM Transactions on Information and System Security (TISSEC)
DNS and BIND

DNS and BIND
How to Make Personalized Web Browising Simple, Secure, and Anonymous

FC '97 Proceedings of the First International Conference on Financial Cryptography
Blocking Java Applets at the Firewall

SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Organization-based analysis of web-object sharing and caching

USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2

Deanonymizing Users of the SafeWeb Anonymizing Service

Proceedings of the 11th USENIX Security Symposium
Towards Pseudonymous e-Commerce

Electronic Commerce Research
Information flow in hybrid systems

ACM Transactions on Embedded Computing Systems (TECS)
Timed model checking of security protocols

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Tracking anonymous peer-to-peer VoIP calls on the internet

Proceedings of the 12th ACM conference on Computer and communications security
A Tool for Improving the Web Accessibility of Visually Handicapped Persons

Journal of Medical Systems
Invasive browser sniffing and countermeasures

Proceedings of the 15th international conference on World Wide Web
Protecting browser state from web privacy attacks

Proceedings of the 15th international conference on World Wide Web
A multifaceted approach to understanding the botnet phenomenon

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Puppetnets: misusing web browsers as a distributed attack infrastructure

Proceedings of the 13th ACM conference on Computer and communications security
Network Information Flow

Fundamenta Informaticae - SPECIAL ISSUE ON CONCURRENCY SPECIFICATION AND PROGRAMMING (CS&P 2005) Ruciane-Nide, Poland, 28-30 September 2005
Exposing private information by timing web applications

Proceedings of the 16th international conference on World Wide Web
On Inferring Application Protocol Behaviors in Encrypted Network Traffic

The Journal of Machine Learning Research
Design, implementation, and evaluation of duplicate transfer detection in HTTP

NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Non-Interference Control Synthesis for Security Timed Automata

Electronic Notes in Theoretical Computer Science (ENTCS)
Private web search

Proceedings of the 2007 ACM workshop on Privacy in electronic society
An analysis of browser domain-isolation bugs and a light-weight transparent defense mechanism

Proceedings of the 14th ACM conference on Computer and communications security
The ND2DB attack: database content extraction using timing attacks on the indexing algorithms

WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks

IEEE Security and Privacy
Observation Based System Security

Fundamenta Informaticae - Special Issue on Concurrency Specification and Programming (CS&P)
Geographic web usage estimation by monitoring DNS caches

Proceedings of the first international workshop on Location and the web
Timed analysis of security protocols

Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
A Timing Attack on Blakley's Modular Multiplication Algorithm, and Applications to DSA

ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Opportunities and Limits of Remote Timing Attacks

ACM Transactions on Information and System Security (TISSEC)
SOMA: mutual approval for included content in web pages

Proceedings of the 15th ACM conference on Computer and communications security
Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure

ACM Transactions on Information and System Security (TISSEC)
Probabilistic Information Flow Security

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Security in a Model for Long-running Transactions

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
RequestPolicy: Increasing Web Browsing Privacy through Control of Cross-Site Requests

PETS '09 Proceedings of the 9th International Symposium on Privacy Enhancing Technologies
Deterring voluntary trace disclosure in re-encryption mix-networks

ACM Transactions on Information and System Security (TISSEC)
Information-flow attacks based on limited observations

PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
DNS prefetching and its privacy implications: when good things go bad

LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
An empirical study of privacy-violating information flows in JavaScript web applications

Proceedings of the 17th ACM conference on Computer and communications security
Website fingerprinting and identification using ordered feature sequences

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Web browser history detection as a real-world privacy threat

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
AdJail: practical enforcement of confidentiality and integrity policies on web advertisements

USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Application-level reconnaissance: timing channel attacks against antivirus software

LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Timing is everything: the importance of history detection

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
App isolation: get the security of multiple browsers with just one

Proceedings of the 18th ACM conference on Computer and communications security
WAR: wireless anonymous routing

Proceedings of the 11th international conference on Security Protocols
Empirical and theoretical evaluation of active probing attacks and their countermeasures

IH'04 Proceedings of the 6th international conference on Information Hiding
Extracting user web browsing patterns from non-content network traces: The online advertising case study

Computer Networks: The International Journal of Computer and Telecommunications Networking
Extending p3p to facilitate proxies which pose as a potential threat to privacy

TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Efficient web browsing with perfect anonymity using page prefetching

ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part I
Spying in the dark: TCP and tor traffic analysis

PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Addressing covert termination and timing channels in concurrent information flow systems

Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
Probabilistic Information Flow Security

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Security in a Model for Long-running Transactions

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Observation Based System Security

Fundamenta Informaticae - Special Issue on Concurrency Specification and Programming (CS&P)
Network Information Flow

Fundamenta Informaticae - SPECIAL ISSUE ON CONCURRENCY SPECIFICATION AND PROGRAMMING (CS&P 2005) Ruciane-Nide, Poland, 28-30 September 2005
WAFFle: fingerprinting filter rules of web application firewalls

WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Scriptless attacks: stealing the pie without touching the sill

Proceedings of the 2012 ACM conference on Computer and communications security
Protecting access privacy of cached contents in information centric networks

Proceedings of the 2012 ACM conference on Computer and communications security
Securing web-clients with instrumented code and dynamic runtime monitoring

Journal of Systems and Software
I know the shortened URLs you clicked on Twitter: inference attack using public click analytics and Twitter metadata

Proceedings of the 22nd international conference on World Wide Web
CacheKeeper: a system-wide web caching service for smartphones

Proceedings of the 2013 ACM international joint conference on Pervasive and ubiquitous computing
Privacy in content-oriented networking: threats and countermeasures

ACM SIGCOMM Computer Communication Review
Cross-origin pixel stealing: timing attacks using CSS filters

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
SideAuto: quantitative information flow for side-channel leakage in web applications

Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Flow stealing: A well-timed redirection attack

Journal of Computer Security - Research in Computer Security and Privacy: Emerging Trends

Quantified Score

Hi-index	0.00

Timing attacks on Web privacy

Quantified Score

Visualization

Abstract