English
Related papers

Related papers: Quantifying User Password Exposure to Third-Party …

200 papers

This article provides a quantitative analysis of privacy-compromising mechanisms on 1 million popular websites. Findings indicate that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware; more than 6 in 10…

Cryptography and Security · Computer Science 2015-11-03 Timothy Libert

As Internet users have become more savvy about the potential for their Internet communication to be observed, the use of network traffic encryption technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is enabled,…

Cryptography and Security · Computer Science 2020-07-09 Nguyen Phong Hoang , Arian Akhavan Niaki , Nikita Borisov , Phillipa Gill , Michalis Polychronakis

Domain fronting is a network communication technique that involves leveraging (or abusing) content delivery networks (CDNs) to disguise the final destination of network packets by presenting them as if they were intended for a different…

Cryptography and Security · Computer Science 2024-09-02 Karthika Subramani , Roberto Perdisci , Pierros Skafidas

The recent October 2016 DDoS attack on Dyn served as a wakeup call to the security community as many popular and independent webservices (e.g., Twitter, Spotify) were impacted. This incident raises a larger question on the fragility of…

Networking and Internet Architecture · Computer Science 2018-06-25 Aqsa Kashaf , Carolina Zarate , Hanrou Wang , Yuvraj Agarwal , Vyas Sekar

We examine the issue of password length leakage via encrypted traffic i.e., bicycle attacks. We aim to quantify both the prevalence of password length leakage bugs as well as the potential harm to users. In an observational study, we find…

Cryptography and Security · Computer Science 2020-02-06 Benjamin Harsha , Robert Morton , Jeremiah Blocki , John Springer , Melissa Dark

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose…

Cryptography and Security · Computer Science 2026-02-26 Tarek Ramadan , AbdelRahman Abdou , Mohammad Mannan , Amr Youssef

There is a growing concern about consolidation trends in Internet services, with, for instance, a large fraction of popular websites depending on a handful of third-party service providers. In this paper, we report on a large-scale study of…

Networking and Internet Architecture · Computer Science 2021-11-29 Rashna Kumar , Sana Asif , Elise Lee , Fabi'an E. Bustamante

Public key infrastructure (PKI) is a certificate-based technology that helps in authenticating systems identities. HTTPS/TLS relies mainly on PKI to minimize fraud over the Internet. Nowadays, websites utilize CDNs to improve user…

Cryptography and Security · Computer Science 2022-07-20 Hisham Galal , Mohammad Mannan , Amr Youssef

Leaked passwords from data breaches can pose a serious threat to users if the password is reused elsewhere. With more online services getting breached today, there is still a lack of large-scale quantitative understanding of the risks of…

Cryptography and Security · Computer Science 2017-06-09 Chun Wang , Steve T. K. Jan , Hang Hu , Gang Wang

The design of secure and usable access schemes to personal data represent a major challenge of online social networks (OSNs). State of the art requires prior interaction to grant access. Sharing with users who are not subscribed or…

Social and Information Networks · Computer Science 2013-09-17 Frederik Armknecht , Manuel Hauptmann , Stefanie Roos , Thorsten Strufe

Enterprise Networks are growing in scale and complexity, with heterogeneous connected assets needing to be secured in different ways. Nevertheless, virtually all connected assets use the Domain Name System (DNS) for address resolution, and…

Cryptography and Security · Computer Science 2022-05-19 Jawad Ahmed

Content Delivery Networks (CDNs) offer a protection layer for enhancing the security of websites. However, a significant security flaw named Absence of Domain Verification (DVA) has become emerging recently. Although this threat is…

Cryptography and Security · Computer Science 2024-09-04 Ziyu Lin , Zhiwei Lin , Run Guo , Jianjun Chen , Mingming Zhang , Ximeng Liu , Tianhao Yang , Zhuoran Cao , Robert H. Deng

Using a total of 4,774 hospitals categorized as government, non-profit, and proprietary hospitals, this study provides the first measurement-based analysis of hospitals' websites and connects the findings with data breaches through a…

Cryptography and Security · Computer Science 2023-04-27 Mohammed Alkinoon , Abdulrahman Alabduljabbar , Hattan Althebeiti , Rhongho Jang , DaeHun Nyang , David Mohaisen

To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have…

Cryptography and Security · Computer Science 2019-09-05 Lucy Li , Bijeeta Pal , Junade Ali , Nick Sullivan , Rahul Chatterjee , Thomas Ristenpart

Online social networks are used frequently by many people: Staying in contact with friends and sharing experiences with them is very important. However, users are increasingly concerned that their data will end up in the hands of strangers…

Cryptography and Security · Computer Science 2020-10-09 Fabian Schillinger , Christian Schindelhauer

As an emerging service for in-browser content delivery, peer-assisted delivery network (PDN) is reported to offload up to 95\% of bandwidth consumption for video streaming, significantly reducing the cost incurred by traditional CDN…

Cryptography and Security · Computer Science 2025-06-23 Siyuan Tang , Eihal Alowaisheq , Xianghang Mi , Yi Chen , XiaoFeng Wang , Yanzhi Dou

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by--the still exposed--IP…

Cryptography and Security · Computer Science 2021-06-17 Nguyen Phong Hoang , Arian Akhavan Niaki , Phillipa Gill , Michalis Polychronakis

To encourage users to use stronger and more secure passwords, modern web browsers offer users password management services, allowing users to save previously entered passwords locally onto their hard drives. We present Lupin, a tool that…

Cryptography and Security · Computer Science 2013-09-06 Raul Gonzalez , Eric Y. Chen , Collin Jackson

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that encrypted DNS is still sensitive to traffic analysis. As a consequence, RFC…

Cryptography and Security · Computer Science 2019-07-03 Jonas Bushart , Christian Rossow

This paper explores tracking and privacy risks on pornography websites. Our analysis of 22,484 pornography websites indicated that 93% leak user data to a third party. Tracking on these sites is highly concentrated by a handful of major…

Computers and Society · Computer Science 2019-07-16 Elena Maris , Timothy Libert , Jennifer Henrichsen
‹ Prev 1 2 3 10 Next ›