English
Related papers

Related papers: Browser-Based Covert Data Exfiltration

200 papers

A network covert channel is created that uses resource names such as addresses to convey information, and that approximates typical user behavior in order to blend in with its environment. The channel correlates available resource names…

Cryptography and Security · Computer Science 2014-08-21 Joshua Davis , Victor S. Frost

Both enterprise and national firewalls filter network connections. For data forensics and botnet removal applications, it is important to establish the information source. In this paper, we describe a data transport layer which allows a…

Cryptography and Security · Computer Science 2017-04-04 Yu Fu , Zhe Jia , Lu Yu , Xingsi Zhong , Richard Brooks

The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and…

Cryptography and Security · Computer Science 2024-07-08 Minzhao Lyu , Hassan Habibi Gharakheili , Vijay Sivaraman

In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection…

Cryptography and Security · Computer Science 2018-06-19 Asaf Nadler , Avi Aminov , Asaf Shabtai

This paper presents new methods enabling anonymous communication on the Internet. We describe a new protocol that allows us to create an anonymous overlay network by exploiting the web browsing activities of regular users. We show that the…

Cryptography and Security · Computer Science 2007-05-23 Matthias Bauer

Due to the vital role of security in online communications and this fact that attackers are developing their tools, modernizing the security tools is an essential. The efficiency of crypto systems has been proven after years, however one…

Cryptography and Security · Computer Science 2020-04-01 Mahboubeh Nazari , Sousan Tarahomi , Sobhan Aliabady

There is a continuous increase in the sophistication that modern malware exercise in order to bypass the deployed security mechanisms. A typical approach to evade the identification and potential takedown of a botnet command and control…

Cryptography and Security · Computer Science 2019-09-17 Constantinos Patsakis , Fran Casino , Vasilios Katos

Browser fingerprinting is the identification of a browser through the network traffic captured during communication between the browser and server. This can be done using the HTTP protocol, browser extensions, and other methods. This paper…

Cryptography and Security · Computer Science 2024-10-29 Sandhya Aneja , Nagender Aneja

Domain Name Service is a trusted protocol made for name resolution, but during past years some approaches have been developed to use it for data transfer. DNS Tunneling is a method where data is encoded inside DNS queries, allowing…

Cryptography and Security · Computer Science 2020-06-16 Franco Palau , Carlos Catania , Jorge Guerra , Sebastian Garcia , Maria Rigaki

We present a novel mechanism to construct a covert channel based on page faults. A page fault is an event that occurs when a process or a thread tries to access a page of memory that is not currently mapped to its address space. The kernel…

Operating Systems · Computer Science 2025-09-26 Sathvik Swaminathan

Network steganography and covert communication channels have been studied extensively in the past. However, prior works offer minimal practical use for their proposed techniques and are limited to specific use cases and network protocols.…

Cryptography and Security · Computer Science 2025-11-11 Sirus Shahini , Robert Ricci

We analyzed the generation of protocol header fields in the implementations of multiple TCP/IP network stacks and found new ways to leak information about global protocol states. We then demonstrated new covert channels by remotely…

Cryptography and Security · Computer Science 2022-09-02 Amit Klein

Computer network is unpredictable due to information warfare and is prone to various attacks. Such attacks on network compromise the most important attribute, the privacy. Most of such attacks are devised using special communication channel…

Cryptography and Security · Computer Science 2011-01-04 Anjan K , Jibi Abraham , Mamatha Jadhav

In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application's own code. This leaves the application's confidential data vulnerable to theft and leakage by…

Cryptography and Security · Computer Science 2023-05-09 Abhishek Bichhawat , Vineet Rajani , Jinank Jain , Deepak Garg , Christian Hammer

Real-time, online-editing web apps provide free and convenient services for collaboratively editing, sharing and storing files. The benefits of these web applications do not come for free: not only do service providers have full access to…

Cryptography and Security · Computer Science 2019-11-19 Yihao Hu , Ari Trachtenberg , Prakash Ishwar

Web browsers provide the security foundation for our online experiences. Significant research has been done into the security of browsers themselves, but relatively little investigation has been done into how they interact with the…

Cryptography and Security · Computer Science 2025-04-25 Dolière Francis Somé , Moaz Airan , Zakir Durumeric , Cristian-Alexandru Staicu

Security protocols enable secure communication over insecure channels. Privacy protocols enable private interactions over secure channels. Security protocols set up secure channels using cryptographic primitives. Privacy protocols set up…

Cryptography and Security · Computer Science 2023-11-03 Jason Castiglione , Dusko Pavlovic , Peter-Michael Seidel

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…

Cryptography and Security · Computer Science 2021-05-13 Thomas Sutter , Kevin Lapagna , Peter Berlich , Marc Rennhard , Fabio Germann

Browser extensions are third party programs, tightly integrated to browsers, where they execute with elevated privileges in order to provide users with additional functionalities. Unlike web applications, extensions are not subject to the…

Cryptography and Security · Computer Science 2019-01-14 Dolière Francis Somé

Internet censors seek ways to identify and block internet access to information they deem objectionable. Increasingly, censors deploy advanced networking tools such as deep-packet inspection (DPI) to identify such connections. In response,…

Networking and Internet Architecture · Computer Science 2016-11-15 Lucas Dixon , Thomas Ristenpart , Thomas Shrimpton
‹ Prev 1 2 3 10 Next ›