English
Related papers

Related papers: Tricking Johnny into Granting Web Permissions

200 papers

As AI agents attempt to autonomously act on users' behalf, they raise transparency and control issues. We argue that permission-based access control is indispensable in providing meaningful control to the users, but conventional permission…

Cryptography and Security · Computer Science 2025-11-25 Yuhao Wu , Ke Yang , Franziska Roesner , Tadayoshi Kohno , Ning Zhang , Umar Iqbal

Owing to the increase in 'certified' phishing websites, there is a steady increase in the number of phishing cases and general susceptibility to phishing. Trust mechanisms (e.g., HTTPS Lock Indicators, SSL Certificates) that help…

With the popularity of mobile devices, such as smartphones, tablets, users prefer visiting Web pages on mobile devices. Meanwhile, HTTP(S) plays as the major protocol to deliver Web contents, and has served the Web well for more than 15…

Networking and Internet Architecture · Computer Science 2017-12-04 Yi Liu

The GDPR requires websites to facilitate the right to revoke consent from Web users. While numerous studies measured compliance of consent with the various consent requirements, no prior work has studied consent revocation on the Web.…

Cryptography and Security · Computer Science 2025-05-26 Gayatri Priyadarsini Kancherla , Nataliia Bielova , Cristiana Santos , Abhishek Bichhawat

Autonomous UI agents powered by AI have tremendous potential to boost human productivity by automating routine tasks such as filing taxes and paying bills. However, a major challenge in unlocking their full potential is security, which is…

Cryptography and Security · Computer Science 2025-05-20 Ivan Evtimov , Arman Zharmagambetov , Aaron Grattafiori , Chuan Guo , Kamalika Chaudhuri

Network latency in mobile software has a large impact on user experience, with potentially severe economic consequences. Prefetching and caching have been shown effective in reducing the latencies in browser-based systems. However, those…

Software Engineering · Computer Science 2018-10-23 Yixue Zhao , Paul Wat , Marcelo Schmitt Laser , Nenad Medvidovic

The increased use of digital devices and applications has led to a rise in phishing attacks. We develop a serious game to raise awareness about phishing attacks and help people avoid these threats in a risk-free learning environment. This…

Cryptography and Security · Computer Science 2025-01-22 Argianto Rahartomo , Ahmed Tareq Ali Ghaleb , Mohammad Ghafari

Android is among the popular platforms running on millions of smart devices, like smartphones and tablets, whose widespread adoption is seen as an opportunity for spreading malware. Adding malicious payloads to cracked applications, often…

Cryptography and Security · Computer Science 2019-03-13 Konstantinos-Panagiotis Grammatikakis , Angela Ioannou , Stavros Shiaeles , Nicholas Kolokotronis

Nowadays, the development of Web applications supporting distributed user interfaces (DUI) is straightforward. However, it is still hard to find Web sites supporting this kind of user interaction. Although studies on this field have…

Human-Computer Interaction · Computer Science 2019-06-05 Sergio Firmenich , Gabriela Bosetti , Gustavo Rossi , Marco Winckler , José María Corletto

While JavaScript established itself as a cornerstone of the modern web, it also constitutes a major tracking and security vector, thus raising critical privacy and security concerns. In this context, some browser extensions propose to…

Cryptography and Security · Computer Science 2023-01-26 Romain Fouquet , Pierre Laperdrix , Romain Rouvoy

The web is experiencing an explosive growth in the last years. New technologies are introduced at a very fast-pace with the aim of narrowing the gap between web-based applications and traditional desktop applications. The results are web…

Cryptography and Security · Computer Science 2015-07-14 Alfredo De Santis , Giancarlo De Maio , Umberto Ferraro Petrillo

While companies increasingly rely on data, especially when it comes to targeted advertising, adapting content to users, selling data and training machine learning models, the collection of data raises privacy concerns. One way of collecting…

Human-Computer Interaction · Computer Science 2026-05-15 Liv Hilde Sjøflot , Tobias A. Opsahl

Text phish messages, referred to as Smishing is a type of social engineering attack where fake text messages are created, and used to lure users into responding to those messages. These messages aim to obtain user credentials, install…

Cryptography and Security · Computer Science 2022-12-29 Muhammad Lutfor Rahman , Daniel Timko , Hamid Wali , Ajaya Neupane

In response to the ePrivacy Directive and the consent requirements introduced by the GDPR, websites began deploying consent banners to obtain user permission for data collection and processing. However, due to shared third-party services…

Networking and Internet Architecture · Computer Science 2025-07-21 Ali Rasaii , Ha Dao , Anja Feldmann , Mohammadmahdi Javid , Oliver Gasser , Devashish Gosain

Privacy policies govern how personal data is collected, used, and shared. Yet, in most privacy-policy consent flows, agreement is operationalized as a single click at the end of a long, opaque policy document. Recent privacy-law scholarship…

Human-Computer Interaction · Computer Science 2026-04-28 Qian Ma , Aditya Majumdar , Sarah Rajtmajer , Brett Frischmann

With the fast development of large language models (LLMs), LLM-driven Web Agents (Web Agents for short) have obtained tons of attention due to their superior capability where LLMs serve as the core part of making decisions like the human…

Cryptography and Security · Computer Science 2024-02-28 Fangzhou Wu , Shutong Wu , Yulong Cao , Chaowei Xiao

The European Union's General Data Protection Regulation (GDPR) requires websites to ask for consent to the use of cookies for \emph{specific purposes}. This enlarges the relevant design space for consent dialogs. Websites could try to…

Human-Computer Interaction · Computer Science 2020-03-04 Dominique Machuletz , Rainer Böhme

Browser Extensions (often called plugins or addons) are small pieces of code that let developers add additional functionality to the browser. However, with extensions comes a security price: the user must trust the developer. We look at…

Cryptography and Security · Computer Science 2014-03-14 Abhay Rana , Rushil Nagda

Browser fingerprinting is a relatively new method of uniquely identifying browsers that can be used to track web users. In some ways it is more privacy-threatening than tracking via cookies, as users have no direct control over it. A number…

Cryptography and Security · Computer Science 2019-05-24 Nasser Mohammed Al-Fannah , Wanpeng Li , Chris J Mitchell

Through a combination of experimental and simulation results, we illustrate that passive recommendations encoded in typical computer user-interfaces (UIs) can subdue users' natural proclivity to access diverse information sources. Inspired…

Human-Computer Interaction · Computer Science 2018-12-18 Homanga Bharadhwaj , Nisheeth Srivastava