English
Related papers

Related papers: Browser Security Posture Analysis: A Client-Side S…

200 papers

Autonomous browsing agents powered by large language models (LLMs) are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface.…

Cryptography and Security · Computer Science 2025-05-20 Mykyta Mudryi , Markiyan Chaklosh , Grzegorz Wójcik

In this work, we perform a comprehensive analysis of the security of text input fields in web browsers. We find that browsers' coarse-grained permission model violates two security design principles: least privilege and complete mediation.…

Cryptography and Security · Computer Science 2023-09-01 Asmit Nayak , Rishabh Khandelwal , Kassem Fawaz

Timing attacks have been a continuous threat to users' privacy in modern browsers. To mitigate such attacks, existing approaches, such as Tor Browser and Fermata, add jitters to the browser clock so that an attacker cannot accurately…

Cryptography and Security · Computer Science 2017-08-24 Yinzhi Cao , Zhanhao Chen , Song Li , Shujiang Wu

The integration of Large Language Models (LLMs) into browser extensions has revolutionized web browsing, enabling sophisticated functionalities like content summarization, intelligent translation, and context-aware writing assistance.…

Software Engineering · Computer Science 2025-07-09 Xuanqi Gao , Juan Zhai , Shiqing Ma , Siyi Xie , Chao Shen

Modern single page web applications require client-side executions of application logic, including critical functionality such as client-side cryptography. Existing mechanisms such as TLS and Subresource Integrity secure the communication…

Cryptography and Security · Computer Science 2024-10-23 Echo Meißner , Frank Kargl , Benjamin Erb

The most common attacks against web sessions are reviewed in this paper, for example, some attacks against web browsers' honest users attempting to create session with trusted web browser application legally. We have assessed with four…

Software Engineering · Computer Science 2023-10-18 Md. Imtiaz Habib , Abdullah Al Maruf , Md. Jobair Ahmed Nabil

Harm to the privacy of users through data leakage is not an unknown issue, however, it has not been studied in the context of the crash reporting system. Automatic Crash Reporting Systems (ACRS) are used by applications to report…

Cryptography and Security · Computer Science 2018-08-07 Kiavash Satvat , Nitesh Saxena

With the rapid development of Internet technologies, web systems have become essential infrastructures for modern information exchange and business operations. However, alongside their expansion, numerous security vulnerabilities have…

Cryptography and Security · Computer Science 2026-02-03 Yonghao Ni , Zhongwen Li , Xiaoqi Li

Web application (WA) expands its usages to provide more and more services and it has become one of the most essential communication channels between service providers and the users. To augment the users experience many web applications are…

Cryptography and Security · Computer Science 2009-08-31 Suman Saha

Serverless computing has rapidly emerged as a prominent cloud paradigm, enabling developers to focus solely on application logic without the burden of managing servers or underlying infrastructure. Public serverless repositories have become…

Cryptography and Security · Computer Science 2025-10-21 Eduard Marin , Jinwoo Kim , Alessio Pavoni , Mauro Conti , Roberto Di Pietro

Evaluating aligned large language models' (LLMs) ability to recognize and reject unsafe user requests is crucial for safe, policy-compliant deployments. Existing evaluation efforts, however, face three limitations that we address with…

Given that security threats and privacy breaches are com- monplace today, it is an important problem for one to know whether their device(s) are in a "good state of security", or is there a set of high- risk vulnerabilities that need to be…

Cryptography and Security · Computer Science 2017-04-12 Ashish Kundu , Chinmay Kundu , Karan K. Budhraja

Web-based behavior-manipulation attacks (BMAs) - such as scareware, fake software downloads, tech support scams, etc. - are a class of social engineering (SE) attacks that exploit human decision-making vulnerabilities. These attacks remain…

Cryptography and Security · Computer Science 2025-10-22 Spencer King , Irfan Ozen , Karthika Subramani , Saranyan Senthivel , Phani Vadrevu , Roberto Perdisci

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate…

Cryptography and Security · Computer Science 2026-04-02 Francesco Pagano , Lorenzo Pisu , Leonardo Regano , Davide Maiorca , Alessio Merlo , Giorgio Giacinto

Over the past three decades, computers have managed to make their way into a majority of households. Due to this enormous transition, the surge in the internets popularity was inevitable. Just like everything else, whatever has a pro also…

Cryptography and Security · Computer Science 2024-09-02 C. Amuthadevi , Sparsh Srivastava , Raghav Khatoria , Varun Sangwan

This paper introduces a Machine Learning-Driven website Platform and Browser Extension designed to quickly enhance online security by providing real-time risk scoring and fraud detection for website legitimacy verification and consumer…

Cryptography and Security · Computer Science 2024-11-04 Md Kamrul Hasan Chy , Obed Nana Buadi

In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the web content in a browser in the presence of malicious browser extensions? The problem of exposing confidential user credentials to malicious…

Cryptography and Security · Computer Science 2019-05-31 Ehsan Toreini , Maryam Mehrnezhad , Siamak F. Shahandashti , Feng Hao

Large language models increasingly rely on explicit chain-of-thought reasoning to solve complex tasks, yet the safety of the reasoning process itself remains largely unaddressed. Existing work focuses predominantly on content safety (i.e.,…

Artificial Intelligence · Computer Science 2026-05-07 Xunguang Wang , Yuguang Zhou , Qingyue Wang , Zongjie Li , Ruixuan Huang , Zhenlan Ji , Pingchuan Ma , Shuai Wang

Serverless computing is an emerging cloud paradigm with serverless functions at its core. While serverless environments enable software developers to focus on developing applications without the need to actively manage the underlying…

Cryptography and Security · Computer Science 2024-08-06 Danielle Lavi , Oleg Brodt , Dudu Mimran , Yuval Elovici , Asaf Shabtai

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas