English
Related papers

Related papers: Rigorous statistical analysis of HTTPS reachabilit…

200 papers

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

Revelations of large scale electronic surveillance and data mining by governments and corporations have fueled increased adoption of HTTPS. We present a traffic analysis attack against over 6000 webpages spanning the HTTPS deployments of 10…

Cryptography and Security · Computer Science 2014-03-04 Brad Miller , Ling Huang , A. D. Joseph , J. D. Tygar

If two or more identical HTTPS clients, located at different geographic locations (regions), make an HTTPS request to the same domain (e.g. example.com), on the same day, will they receive the same HTTPS security guarantees in response? Our…

Cryptography and Security · Computer Science 2020-10-21 Eman Salem Alashwali , Pawel Szalachowski , Andrew Martin

As of February, 2015, HTTP/2, the update to the 16-year-old HTTP 1.1, is officially complete. HTTP/2 aims to improve the Web experience by solving well-known problems (e.g., head of line blocking and redundant headers), while introducing…

Networking and Internet Architecture · Computer Science 2015-07-24 Matteo Varvello , Kyle Schomp , David Naylor , Jeremy Blackburn , Alessandro Finamore , Kostantina Papagiannaki

It is notoriously difficult to securely configure HTTPS, and poor server configurations have contributed to several attacks including the FREAK, Logjam, and POODLE attacks. In this work, we empirically evaluate the TLS security posture of…

Cryptography and Security · Computer Science 2021-11-02 Camelia Simoiu , Wilson Nguyen , Zakir Durumeric

TLS stripping attacks expose sensitive web traffic by forcing secure HTTPS connections to fall back to unencrypted HTTP. At present, protection against these attacks relies on website operators explicitly opting into security by deploying…

Cryptography and Security · Computer Science 2026-05-29 Aaron van Diepen , Adrian Zapletal , Fernando Kuipers

The possibility of fingerprinting the search keywords issued by a user on popular web search engines is a significant threat to user privacy. This threat has received surprisingly little attention in the network traffic analysis literature.…

Cryptography and Security · Computer Science 2020-08-20 Junhua Yan , Hasan Faik Alan , Jasleen Kaur

The surge in website attacks, including Denial of Service (DoS), Cross-Site Scripting (XSS), and Clickjacking, underscores the critical need for robust HTTPS implementation-a practice that, alarmingly, remains inadequately adopted.…

Cryptography and Security · Computer Science 2024-10-22 Urvashi Kishnani , Sanchari Das

This article provides a quantitative analysis of privacy-compromising mechanisms on 1 million popular websites. Findings indicate that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware; more than 6 in 10…

Cryptography and Security · Computer Science 2015-11-03 Timothy Libert

HSTS (HTTP Strict Transport Security) serves to protect websites from certain attacks by allowing web servers to inform browsers that only secure HTTPS connections should be used. However, this still leaves the initial connection unsecured…

Cryptography and Security · Computer Science 2019-05-14 JV Roig , Eunice Grace Gatdula

Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we…

Cryptography and Security · Computer Science 2018-03-02 Der-Yeuan Yu , Elizabeth Stobert , David Basin , Srdjan Capkun

As of today, TLS is the most commonly used protocol to protect communication content. To provide good security, it is of central importance, that administrators know how to configure their services correctly. For this purpose, services…

Human-Computer Interaction · Computer Science 2018-09-25 Christian Tiefenau , Emanuel von Zezschwitz

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…

Cryptography and Security · Computer Science 2021-05-13 Thomas Sutter , Kevin Lapagna , Peter Berlich , Marc Rennhard , Fabio Germann

With the popularity of mobile devices, such as smartphones, tablets, users prefer visiting Web pages on mobile devices. Meanwhile, HTTP(S) plays as the major protocol to deliver Web contents, and has served the Web well for more than 15…

Networking and Internet Architecture · Computer Science 2017-12-04 Yi Liu

Achieving situational awareness is a challenging process in current HTTPS-dominant web traffic. In this paper, we propose a new approach to encrypted web traffic monitoring. First, we design a method for correlating host-based and network…

Cryptography and Security · Computer Science 2022-06-23 Stanislav Špaček , Petr Velan , Pavel Čeleda , Daniel Tovarňák

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\em Shared} hosting, offers a unique perspective since customers operate…

The third version of the Hypertext Transfer Protocol (HTTP) is currently in its final standardization phase by the IETF. Besides better security and increased flexibility, it promises benefits in terms of performance. HTTP/3 adopts a more…

Networking and Internet Architecture · Computer Science 2021-11-11 Martino Trevisan , Danilo Giordano , Idilio Drago , Ali Safari Khatouni

The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and…

Cryptography and Security · Computer Science 2022-06-02 Markus Dahlmanns , Johannes Lohmöller , Jan Pennekamp , Jörn Bodenhausen , Klaus Wehrle , Martin Henze

HTTP client hints are a set of standardized HTTP request headers designed to modernize and potentially replace the traditional user agent string. While the user agent string exposes a wide range of information about the client's browser and…

Cryptography and Security · Computer Science 2024-05-24 Stephan Wiefling , Marian Hönscheid , Luigi Lo Iacono

HTTP is a successful Internet technology on top of which a lot of the web resides. However, limitations with its current specification, i.e. HTTP/1.1, have encouraged some to look for the next generation of HTTP. In SPDY, Google has come up…

Networking and Internet Architecture · Computer Science 2014-01-28 Yehia Elkhatib , Gareth Tyson , Michael Welzl
‹ Prev 1 2 3 10 Next ›