English
Related papers

Related papers: Security Header Fields in HTTP Clients

200 papers

Web communication has become an indispensable characteristic of mobile apps. However, it is not clear what data the apps transmit, to whom, and what consequences such transmissions have. We analyzed the web communications found in mobile…

Cryptography and Security · Computer Science 2020-06-03 Pascal Gadient , Mohammad Ghafari , Marc-Andrea Tarnutzer , Oscar Nierstrasz

[Background] Web communication is universal in cyberspace, and security risks in this domain are devastating. [Aims] We analyzed the prevalence of six security smells in mobile app servers, and we investigated the consequence of these…

Cryptography and Security · Computer Science 2021-08-17 Pascal Gadient , Marc-Andrea Tarnutzer , Oscar Nierstrasz , Mohammad Ghafari

Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their…

Cryptography and Security · Computer Science 2024-08-20 Anthony Peruma , Timothy Huo , Ana Catarina Araújo , Jake Imanaka , Rick Kazman

The widespread use of smartphones and tablets has made society heavily reliant on mobile applications (apps) for accessing various resources and services. These apps often handle sensitive personal, financial, and health data, making app…

Cryptography and Security · Computer Science 2024-09-17 Timothy Huo , Ana Catarina Araújo , Jake Imanaka , Anthony Peruma , Rick Kazman

The ubiquity of mobile applications has increased dramatically in recent years, opening up new opportunities for cyber attackers and heightening security concerns in the mobile ecosystem. As a result, researchers and practitioners have…

Cryptography and Security · Computer Science 2025-04-22 Irdin Pekaric , Clemens Sauerwein , Simon Laichner , Ruth Breu

HTTP client hints are a set of standardized HTTP request headers designed to modernize and potentially replace the traditional user agent string. While the user agent string exposes a wide range of information about the client's browser and…

Cryptography and Security · Computer Science 2024-05-24 Stephan Wiefling , Marian Hönscheid , Luigi Lo Iacono

The surge in website attacks, including Denial of Service (DoS), Cross-Site Scripting (XSS), and Clickjacking, underscores the critical need for robust HTTPS implementation-a practice that, alarmingly, remains inadequately adopted.…

Cryptography and Security · Computer Science 2024-10-22 Urvashi Kishnani , Sanchari Das

Modern web applications rely heavily on client-side API calls to fetch data, render content, and communicate with backend services. However, the quality of these network interactions (redundant requests, missing cache headers, oversized…

Software Engineering · Computer Science 2026-02-19 Ali Hassaan Mughal , Muhammad Bilal , Noor Fatima

We present new analytic techniques for inferring HTTP semantics from passive observations of HTTPS that can infer the value of important fields including the status-code, Content-Type, and Server, and the presence or absence of several…

Cryptography and Security · Computer Science 2018-05-30 Blake Anderson , Andrew Chi , Scott Dunlop , David McGrew

Network latency in mobile software has a large impact on user experience, with potentially severe economic consequences. Prefetching and caching have been shown effective in reducing the latencies in browser-based systems. However, those…

Software Engineering · Computer Science 2018-10-23 Yixue Zhao , Paul Wat , Marcelo Schmitt Laser , Nenad Medvidovic

The World Wide Web's connectivity is greatly attributed to the HTTP protocol, with HTTP messages offering informative header fields that appeal to disciplines like web security and privacy, especially concerning web tracking. Despite…

Cryptography and Security · Computer Science 2025-02-28 Wolf Rieder , Philip Raschke , Thomas Cory

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…

Cryptography and Security · Computer Science 2021-05-13 Thomas Sutter , Kevin Lapagna , Peter Berlich , Marc Rennhard , Fabio Germann

This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our…

Cryptography and Security · Computer Science 2015-05-05 Lucky Onwuzurike , Emiliano De Cristofaro

Revelations of large scale electronic surveillance and data mining by governments and corporations have fueled increased adoption of HTTPS. We present a traffic analysis attack against over 6000 webpages spanning the HTTPS deployments of 10…

Cryptography and Security · Computer Science 2014-03-04 Brad Miller , Ling Huang , A. D. Joseph , J. D. Tygar

With the popularity of mobile devices, such as smartphones, tablets, users prefer visiting Web pages on mobile devices. Meanwhile, HTTP(S) plays as the major protocol to deliver Web contents, and has served the Web well for more than 15…

Networking and Internet Architecture · Computer Science 2017-12-04 Yi Liu

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

Upon replay, JavaScript on archived web pages can generate recurring HTTP requests that lead to unnecessary traffic to the web archive. In one example, an archived page averaged more than 1000 requests per minute. These requests are not…

Networking and Internet Architecture · Computer Science 2022-12-02 Kritika Garg , Himarsha R. Jayanetti , Sawood Alam , Michele C. Weigle , Michael L. Nelson

If two or more identical HTTPS clients, located at different geographic locations (regions), make an HTTPS request to the same domain (e.g. example.com), on the same day, will they receive the same HTTPS security guarantees in response? Our…

Cryptography and Security · Computer Science 2020-10-21 Eman Salem Alashwali , Pawel Szalachowski , Andrew Martin

The exponential growth in smartphone adoption is contributing to the availability of vast amounts of human behavioral data. This data enables the development of increasingly accurate data-driven user models that facilitate the delivery of…

Human-Computer Interaction · Computer Science 2018-01-30 Souneil Park , Aleksandar Matic , Kamini Garg , Nuria Oliver

Due to the frequent encountering of web URLs in various application scenarios (e.g., chatting and email reading), many mobile apps build their in-app browsing interfaces (IABIs) to provide a seamless user experience. Although this achieves…

Cryptography and Security · Computer Science 2022-09-07 Zicheng Zhang , Daoyuan Wu , Lixiang Li , Debin Gao
‹ Prev 1 2 3 10 Next ›