English
Related papers

Related papers: DOMtegrity: Ensuring Web Page Integrity against Ma…

200 papers

The FIDO2 protocol aims to strengthen or replace password authentication using public-key cryptography. FIDO2 has primarily focused on defending against attacks from afar by remote attackers that compromise a password or attempt to phish…

Cryptography and Security · Computer Science 2023-08-08 Tarun Kumar Yadav , Kent Seamons

The same-origin policy is a fundamental part of the Web. Despite the restrictions imposed by the policy, embedding of third-party JavaScript code is allowed and commonly used. Nothing is guaranteed about the integrity of such code. To…

Cryptography and Security · Computer Science 2018-09-18 Jukka Ruohonen , Joonas Salovaara , Ville Leppänen

Password-based authentication faces various security and usability issues. Password managers help alleviate some of these issues by enabling users to manage their passwords effectively. However, malicious client-side scripts and browser…

Cryptography and Security · Computer Science 2024-02-12 Anuj Gautam , Tarun Kumar Yadav , Kent Seamons , Scott Ruoti

Password managers provide significant security benefits to users. However, malicious client-side scripts and browser extensions can steal passwords after the manager has autofilled them into the web page. In this paper, we extend prior work…

Cryptography and Security · Computer Science 2025-10-16 Anuj Gautam , Tarun Yadav , Garrett Smith , Kent Seamons , Scott Ruoti

With the increasing need for inclusive and user-friendly technology, web accessibility is crucial to ensuring equal access to online content for individuals with disabilities, including visual, auditory, cognitive, or motor impairments.…

Human-Computer Interaction · Computer Science 2024-02-13 Calista Huang , Alyssa Ma , Suchir Vyasamudri , Eugenie Puype , Sayem Kamal , Juan Belza Garcia , Salar Cheema , Michael Lutz

With the rise of attacks on online accounts in the past years, more and more services offer two-factor authentication for their users. Having factors out of two of the three categories something you know, something you have and something…

Cryptography and Security · Computer Science 2022-07-07 Timon Hackenjos , Benedikt Wagner , Julian Herr , Jochen Rill , Marek Wehmer , Niklas Goerke , Ingmar Baumgart

Browser extensions are third party programs, tightly integrated to browsers, where they execute with elevated privileges in order to provide users with additional functionalities. Unlike web applications, extensions are not subject to the…

Cryptography and Security · Computer Science 2019-01-14 Dolière Francis Somé

Over the past three decades, computers have managed to make their way into a majority of households. Due to this enormous transition, the surge in the internets popularity was inevitable. Just like everything else, whatever has a pro also…

Cryptography and Security · Computer Science 2024-09-02 C. Amuthadevi , Sparsh Srivastava , Raghav Khatoria , Varun Sangwan

The digital age requires strong security measures to protect online activities. Two-Factor Authentication (2FA) has emerged as a critical solution. However, its implementation presents significant challenges, particularly in terms of…

Cryptography and Security · Computer Science 2025-02-18 Alexander Lengert

Searching accounts for one of the most frequently performed computations over the Internet as well as one of the most important applications of outsourced computing, producing results that critically affect users' decision-making behaviors.…

We present new analytic techniques for inferring HTTP semantics from passive observations of HTTPS that can infer the value of important fields including the status-code, Content-Type, and Server, and the presence or absence of several…

Cryptography and Security · Computer Science 2018-05-30 Blake Anderson , Andrew Chi , Scott Dunlop , David McGrew

The Domain Name System Security Extensions (DNSSEC) are critical for preventing DNS spoofing, yet its specifications contain ambiguities and vulnerabilities that elude traditional "break-and-fix" approaches. A holistic, foundational…

Cryptography and Security · Computer Science 2025-12-15 Qifan Zhang , Zilin Shen , Imtiaz Karim , Elisa Bertino , Zhou Li

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

Real-time, online-editing web apps provide free and convenient services for collaboratively editing, sharing and storing files. The benefits of these web applications do not come for free: not only do service providers have full access to…

Cryptography and Security · Computer Science 2019-11-19 Yihao Hu , Ari Trachtenberg , Prakash Ishwar

Nowadays, cyberattacks are growing exponentially, causing havoc to Internet users. In particular, authentication attacks constitute the major attack vector where intruders impersonate legitimate users to maliciously access systems or…

Cryptography and Security · Computer Science 2025-06-18 Ang Kok Wee , Eyasu Getahun Chekole , Jianying Zhou

Digital fingerprints have brought great convenience and benefits to many online businesses. However, they pose a significant threat to the privacy and security of ordinary users. In this paper, we investigate the effectiveness of current…

Cryptography and Security · Computer Science 2025-02-21 Kaitong Lin , Huazhu Cao , Amin Milani Fard

Users regularly enter sensitive data, such as passwords, credit card numbers, or tax information, into the browser window. While modern browsers provide powerful client-side privacy measures to protect this data, none of these defenses…

Digital repositories, either digital preservation systems or archival systems, periodically check the integrity of stored objects to assure users of their correctness. To do so, prior solutions calculate integrity metadata and require the…

Databases · Computer Science 2014-09-26 Nikos Chondros , Mema Roussopoulos

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by--the still exposed--IP…

Cryptography and Security · Computer Science 2021-06-17 Nguyen Phong Hoang , Arian Akhavan Niaki , Phillipa Gill , Michalis Polychronakis

This paper introduces a Machine Learning-Driven website Platform and Browser Extension designed to quickly enhance online security by providing real-time risk scoring and fraud detection for website legitimacy verification and consumer…

Cryptography and Security · Computer Science 2024-11-04 Md Kamrul Hasan Chy , Obed Nana Buadi