English
Related papers

Related papers: Data Exfiltration by Hotjar Revisited

200 papers

HTTP client hints are a set of standardized HTTP request headers designed to modernize and potentially replace the traditional user agent string. While the user agent string exposes a wide range of information about the client's browser and…

Cryptography and Security · Computer Science 2024-05-24 Stephan Wiefling , Marian Hönscheid , Luigi Lo Iacono

User tracking on the Internet can come in various forms, e.g., via cookies or by fingerprinting web browsers. A technique that got less attention so far is user tracking based on TLS and specifically based on the TLS session resumption…

Cryptography and Security · Computer Science 2019-03-01 Erik Sy , Christian Burkert , Hannes Federrath , Mathias Fischer

The web is used daily by billions. Even so, users are not protected from many threats by default. This position paper builds on previous web privacy and security research and introduces JShelter, a webextension that fights to return the…

Cryptography and Security · Computer Science 2023-05-08 Libor Polčák , Marek Saloň , Giorgio Maone , Radek Hranický , Michael McMahon

In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application's own code. This leaves the application's confidential data vulnerable to theft and leakage by…

Cryptography and Security · Computer Science 2023-05-09 Abhishek Bichhawat , Vineet Rajani , Jinank Jain , Deepak Garg , Christian Hammer

Given the importance of privacy, many Internet protocols are nowadays designed with privacy in mind (e.g., using TLS for confidentiality). Foreseeing all privacy issues at the time of protocol design is, however, challenging and may become…

Networking and Internet Architecture · Computer Science 2022-09-21 Olivier van der Toorn , Raffaele Sommese , Anna Sperotto , Roland van Rijswijk-Deij , Mattijs Jonker

We examine the properties of all HTTP requests generated by a thousand undergraduates over a span of two months. Preserving user identity in the data set allows us to discover novel properties of Web traffic that directly affect models of…

Human-Computer Interaction · Computer Science 2010-03-30 Mark Meiss , John Duncan , Bruno Gonçalves , José J. Ramasco , Filippo Menczer

During the past few years, mostly as a result of the GDPR and the CCPA, websites have started to present users with cookie consent banners. These banners are web forms where the users can state their preference and declare which cookies…

Computers and Society · Computer Science 2022-02-11 Emmanouil Papadogiannakis , Panagiotis Papadopoulos , Nicolas Kourtellis , Evangelos P. Markatos

A dominant regulatory model for web privacy is "notice and choice". In this model, users are notified of data collection and provided with options to control it. To examine the efficacy of this approach, this study presents the first…

Computers and Society · Computer Science 2018-05-04 Timothy Libert

People are becoming increasingly concerned with their online privacy, especially with how advertising companies track them across websites (a practice called cross-site tracking), as reconstructing a user's browser history can reveal…

Cryptography and Security · Computer Science 2023-11-22 Alisha Ukani

Upon replay, JavaScript on archived web pages can generate recurring HTTP requests that lead to unnecessary traffic to the web archive. In one example, an archived page averaged more than 1000 requests per minute. These requests are not…

Networking and Internet Architecture · Computer Science 2022-12-02 Kritika Garg , Himarsha R. Jayanetti , Sawood Alam , Michele C. Weigle , Michael L. Nelson

Retargeting ads are increasingly prevalent on the Internet as their effectiveness has been shown to outperform conventional targeted ads. Retargeting ads are not only based on users' interests, but also on their intents, i.e. commercial…

Cryptography and Security · Computer Science 2014-04-18 Minh-Dung Tran , Gergely Acs , Claude Castelluccia

Modern websites extensively rely on JavaScript to implement both functionality and tracking. Existing privacy enhancing content blocking tools struggle against mixed scripts, which simultaneously implement both functionality and tracking,…

Cryptography and Security · Computer Science 2024-05-29 Abdul Haddi Amjad , Shaoor Munir , Zubair Shafiq , Muhammad Ali Gulzar

Websites are constantly adapting the methods used, and intensity with which they track online visitors. However, the wide-range enforcement of GDPR since one year ago (May 2018) forced websites serving EU-based online visitors to eliminate…

Cryptography and Security · Computer Science 2020-06-03 Konstantinos Solomos , Panagiotis Ilia , Sotiris Ioannidis , Nicolas Kourtellis

TLS stripping attacks expose sensitive web traffic by forcing secure HTTPS connections to fall back to unencrypted HTTP. At present, protection against these attacks relies on website operators explicitly opting into security by deploying…

Cryptography and Security · Computer Science 2026-05-29 Aaron van Diepen , Adrian Zapletal , Fernando Kuipers

Understanding user behavior is essential for improving digital experiences, optimizing business conversions, and mitigating threats like account takeovers, fraud, and bot attacks. Most platforms separate product analytics and security,…

Cryptography and Security · Computer Science 2026-02-02 Md Zahurul Haque , Md. Hafizur Rahman , Yeahyea Sarker

Session management is a fundamental component of web applications: despite the apparent simplicity, correctly implementing web sessions is extremely tricky, as witnessed by the large number of existing attacks. This motivated the design of…

Cryptography and Security · Computer Science 2020-06-03 Stefano Calzavara , Riccardo Focardi , Niklas Grimm , Matteo Maffei , Mauro Tempesta

In the current connected world - Websites, Mobile Apps, IoT Devices collect a large volume of users' personally identifiable activity data. These collected data is used for varied purposes of analytics, marketing, personalization of…

Cryptography and Security · Computer Science 2022-01-06 Subhadip Mitra

Third-party tracking is common on almost all commercially operated websites. Prior work has studied in detail the extent of third-party tracking on the web, detection of third-party trackers, and defending against third-party tracking.…

Computers and Society · Computer Science 2019-11-18 Matius Chairani , Mathieu Chevalley , Abderrahmane Lazraq , Sruti Bhagavatula

As the amount of personal information stored at remote service providers increases, so does the danger of data theft. When connections to remote services are made in the clear and authenticated sessions are kept using HTTP cookies, data…

Cryptography and Security · Computer Science 2015-03-13 Claude Castelluccia , Emiliano De Cristofaro , Daniele Perito

Preserving privacy is an undeniable benefit to users online. However, this benefit (unfortunately) also extends to those who conduct cyber attacks and other types of malfeasance. In this work, we consider the scenario in which Privacy…

Cryptography and Security · Computer Science 2023-10-05 Taylor Henderson , Eric Osterweil , Pavan Kumar Dinesh , Robert Simon
‹ Prev 1 2 3 10 Next ›