English
Related papers

Related papers: After You, Please: Browser Extensions Order Attack…

200 papers

Thanks to HTML5, users can now view videos on Web browsers without installing plug-ins or relying on specific devices. In 2017, W3C published Encrypted Media Extensions (EME) as the first official Web standard for Digital Rights Management…

Cryptography and Security · Computer Science 2023-08-11 Gwendal Patat , Mohamed Sabt , Pierre-Alain Fouque

The power of digital platforms is at the center of major ongoing policy and regulatory efforts. To advance existing debates, we designed and executed an experiment to measure the performative power of online search providers. Instantiated…

Computers and Society · Computer Science 2024-11-01 Celestine Mendler-Dünner , Gabriele Carovano , Moritz Hardt

Browser fingerprinting is an invasive and opaque stateless tracking technique. Browser vendors, academics, and standards bodies have long struggled to provide meaningful protections against browser fingerprinting that are both accurate and…

Cryptography and Security · Computer Science 2020-08-12 Umar Iqbal , Steven Englehardt , Zubair Shafiq

In this paper we argue that policies are an increasing concern for organizations that are operating a web site. Examples of policies that are relevant in the domain of the web address issues such as privacy of personal data, accessibility…

Computers and Society · Computer Science 2008-07-31 Holger M. Kienle , Hausi A. Müller

The trend towards mobile devices usage has put more than ever the Web as a ubiquitous platform where users perform all kind of tasks. In some cases, users access the Web with 'native' mobile applications developed for well-known sites, such…

Human-Computer Interaction · Computer Science 2019-06-05 Gabriela Bosetti , Sergio Firmenich , Silvia Gordillo , Gustavo Rossi , Marco Winckler

Autonomous browsing agents powered by large language models (LLMs) are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface.…

Cryptography and Security · Computer Science 2025-05-20 Mykyta Mudryi , Markiyan Chaklosh , Grzegorz Wójcik

We present a simple yet potentially devastating and hard-to-detect threat, called Gummy Browsers, whereby the browser fingerprinting information can be collected and spoofed without the victim's awareness, thereby compromising the privacy…

Cryptography and Security · Computer Science 2021-10-20 Zengrui Liu , Prakash Shrestha , Nitesh Saxena

As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate…

Cryptography and Security · Computer Science 2025-10-02 Pouneh Nikkhah Bahrami , Aurore Fass , Zubair Shafiq

We study the well-known coded caching problem in an online learning framework, wherein requests arrive sequentially, and an online policy can update the cache contents based on the history of requests seen thus far. We introduce a caching…

Information Theory · Computer Science 2024-09-20 Anupam Nayak , Kota Srinivas Reddy , Nikhil Karamchandani

Attack-awareness recognizes self-awareness for security systems regarding the occurring attacks. More frequent and intense attacks on cloud and network infrastructures are pushing security systems to the limit. With the end of Moore's Law,…

Networking and Internet Architecture · Computer Science 2020-05-19 Lukas Iffländer , Nishant Rawtani , Lukas Beierlieb , Nicolas Fella , Klaus-Dieter Lange , Samuel Kounev

Many cybersecurity breaches occur due to users not following good cybersecurity practices, chief among them being regulations for applying software patches to operating systems, updating applications, and maintaining strong passwords. We…

Multiagent Systems · Computer Science 2020-03-26 Nirav Ajmeri , Shubham Goyal , Munindar P. Singh

Internet users are more likely to ignore Internet content verification and more likely to share the content. When it comes to Islamic content, it is crucial to share and spread fake or inaccurate content. Even if the verification process of…

Computers and Society · Computer Science 2017-01-26 Maged M. Eljazzar , Mostafa Abdulhamid , Mahmoud Mouneer , Ayman Salama

The new information and communication technology providers collect increasing amounts of personal data, a lot of which is user generated. Unless use policies are privacy-friendly, this leaves users vulnerable to privacy risks such as…

Computers and Society · Computer Science 2020-05-20 Jana Korunovska , Bernadette Kamleitner , Sarah Spiekermann

Third party apps that work on top of personal cloud services such as Google Drive and Dropbox, require access to the user's data in order to provide some functionality. Through detailed analysis of a hundred popular Google Drive apps from…

Computers and Society · Computer Science 2016-08-22 Hamza Harkous , Rameez Rahman , Bojan Karlas , Karl Aberer

Browsers use security policies to block malicious behaviors. Cross-Origin Read Blocking (CORB) is a browser security policy for preventing side-channel attacks such as Spectre. We propose a web browser security policy fuzzer called CorbFuzz…

Cryptography and Security · Computer Science 2021-09-02 Chaofan Shou , Ismet Burak Kadron , Qi Su , Tevfik Bultan

Large language models (LLMs) are increasingly being integrated into web browsers to create agentic browsing systems that execute actions on behalf of the user. Prior work considering the security of agentic browsers focuses exclusively on…

Cryptography and Security · Computer Science 2026-05-08 Sohom Datta , Alex Nahapetyan , William Enck , Alexandros Kapravelos

Event-driven programming (EDP) is the prevalent paradigm for graphical user interfaces, web clients, and it is rapidly gaining importance for server-side and network programming. Central components of EDP are {\em event loops}, which act as…

Cryptography and Security · Computer Science 2017-06-29 Pepe Vila , Boris Köpf

In this paper we present three attacks on private internal networks behind a NAT and a corresponding new protection mechanism, Internal Network Policy, to mitigate a wide range of attacks that penetrate internal networks behind a NAT. In…

Cryptography and Security · Computer Science 2019-10-04 Yehuda Afek , Anat Bremler-Barr , Alon Noy

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Kasper Rasmussen

Web browsers provide a user-friendly means of navigating the web. Users rely on their web browser to provide information about the websites they are visiting, such as the security state. Browsers also provide a user interface (UI) with…

Digital Libraries · Computer Science 2021-04-28 Abigail Mabe