English
Related papers

Related papers: Limitless HTTP in an HTTPS World: Inferring the Se…

200 papers

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

Browser fingerprinting is the identification of a browser through the network traffic captured during communication between the browser and server. This can be done using the HTTP protocol, browser extensions, and other methods. This paper…

Cryptography and Security · Computer Science 2024-10-29 Sandhya Aneja , Nagender Aneja

Traffic monitoring is essential for network management tasks that ensure security and QoS. However, the continuous increase of HTTPS traffic undermines the effectiveness of current service-level monitoring that can only rely on unreliable…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

The possibility of fingerprinting the search keywords issued by a user on popular web search engines is a significant threat to user privacy. This threat has received surprisingly little attention in the network traffic analysis literature.…

Cryptography and Security · Computer Science 2020-08-20 Junhua Yan , Hasan Faik Alan , Jasleen Kaur

TLS is an end-to-end protocol designed to provide confidentiality and integrity guarantees that improve end-user security and privacy. While TLS helps defend against pervasive surveillance of intercepted unencrypted traffic, it also hinders…

Cryptography and Security · Computer Science 2023-01-26 Xavier de Carné de Carnavalet , Paul C. van Oorschot

The surge in website attacks, including Denial of Service (DoS), Cross-Site Scripting (XSS), and Clickjacking, underscores the critical need for robust HTTPS implementation-a practice that, alarmingly, remains inadequately adopted.…

Cryptography and Security · Computer Science 2024-10-22 Urvashi Kishnani , Sanchari Das

In the Internet age, cyber-attacks occur frequently with complex types. Traffic generated by access activities can record website status and user request information, which brings a great opportunity for network attack detection. Among…

Cryptography and Security · Computer Science 2018-11-01 Yuqi Yu , Hanbing Yan , Hongchao Guan , Hao Zhou

Modern HTTPS mechanisms such as Encrypted Client Hello (ECH) and encrypted DNS improve privacy but remain vulnerable to website fingerprinting (WF) attacks, where adversaries infer visited sites from encrypted traffic patterns. Existing WF…

Cryptography and Security · Computer Science 2025-12-22 Yifei Cheng , Yujia Zhu , Baiyang Li , Xinhao Deng , Yitong Cai , Yaochen Ren , Qingyun Liu

In webpage fingerprinting, an on-path adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies…

Cryptography and Security · Computer Science 2023-10-30 Vasilios Mavroudis , Jamie Hayes

The World Wide Web's connectivity is greatly attributed to the HTTP protocol, with HTTP messages offering informative header fields that appeal to disciplines like web security and privacy, especially concerning web tracking. Despite…

Cryptography and Security · Computer Science 2025-02-28 Wolf Rieder , Philip Raschke , Thomas Cory

Hypertext Transfer Protocol Secure (HTTPS) protocol has become an integral part of modern Internet technology. Currently, it is the primary protocol for commercialized web applications. It can provide a fast, secure connection with a…

Cryptography and Security · Computer Science 2022-09-28 Gordon King , Hans Wang

Hypertext transfer protocol (HTTP) is one of the most widely used protocols on the Internet. As a consequence, most attacks (i.e., SQL injection, XSS) use HTTP as the transport mechanism. Therefore, it is crucial to develop an intelligent…

Machine Learning · Computer Science 2021-08-05 Mateusz Gniewkowski , Henryk Maciejewski , Tomasz R. Surmacz , Wiktor Walentynowicz

Internet browsers use security protocols to protect sensitive messages. An inductive analysis of TLS (a descendant of SSL 3.0) has been performed using the theorem prover Isabelle. Proofs are based on higher-order logic and make no…

Cryptography and Security · Computer Science 2019-07-18 Lawrence C. Paulson

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…

Cryptography and Security · Computer Science 2021-05-13 Thomas Sutter , Kevin Lapagna , Peter Berlich , Marc Rennhard , Fabio Germann

With the advent of cloud computing and the Internet, the commercialized website becomes capable of providing more web services, such as software as a service (SaaS) or function as a service (FaaS), for great user experiences. Undoubtedly,…

Cryptography and Security · Computer Science 2022-09-27 Gordon King , Hans Wang

The use of TLS by malware poses new challenges to network threat detection because traditional pattern-matching techniques can no longer be applied to its messages. However, TLS also introduces a complex set of observable data features that…

Cryptography and Security · Computer Science 2016-07-07 Blake Anderson , Subharthi Paul , David McGrew

TLS stripping attacks expose sensitive web traffic by forcing secure HTTPS connections to fall back to unencrypted HTTP. At present, protection against these attacks relies on website operators explicitly opting into security by deploying…

Cryptography and Security · Computer Science 2026-05-29 Aaron van Diepen , Adrian Zapletal , Fernando Kuipers

Web-fraud is one of the most unpleasant features of today's Internet. Two well-known examples of fraudulent activities on the web are phishing and typosquatting. Their effects range from relatively benign (such as unwanted ads) to downright…

Cryptography and Security · Computer Science 2015-03-13 Mishari Al Mishari , Emiliano De Cristofaro , Karim El Defrawy , Gene Tsudik

Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack…

Cryptography and Security · Computer Science 2019-02-22 Anatoly Shusterman , Lachlan Kang , Yarden Haskal , Yosef Meltser , Prateek Mittal , Yossi Oren , Yuval Yarom

Website fingerprinting enables an attacker to infer which web page a client is browsing through encrypted or anonymized network connections. We present a new website fingerprinting technique based on random decision forests and evaluate…

Cryptography and Security · Computer Science 2016-02-22 Jamie Hayes , George Danezis
‹ Prev 1 2 3 10 Next ›