Web browsers use HTTP caches to reduce the amount of data to be transferred over the network and allow Web pages to load faster. Content such as scripts, images, and style sheets, which are static most of the time or shared across multiple websites, are stored and loaded locally when recurring requests ask for cached resources. This behaviour can be exploited if the cache is based on a naive implementation. This paper summarises possible attacks on the browser cache and shows through extensive experiments that even modern web browsers still do not provide enough safeguards to protect their users. Moreover, the available built-in as well as addable cache controls offer rather limited functionality in terms of protection and ease of use. Due ...
The web browser is one of the most security critical software components today. It is used to intera...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
This thesis puts the focus on security problems related to web applications and web browsers by anal...
Web browsers rely on caching for improving perfor-mance and for reducing bandwidth use. Cache poison...
Like conventional cookies, cache cookies are data ob-jects that servers store in Web browsers. Cache...
Part 2: Web SecurityInternational audienceCache Timing Attacks (CTAs) have been shown to leak Web br...
Analysing security assumptions taken for the WebRTC and postMessage APIs led us to find a novel atta...
Abstract—Like conventional cookies, cache cookies are data objects that servers store in Web browser...
In recent years as the internet has evolved and there have been major advances in technology, demand...
Website fingerprinting attacks use statistical analysis on network traffic to compromise user privac...
Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user...
We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast ...
Many browser cache attacks have been proposed in the literature to sniff the user’s browsing history...
Over the past 20 years web browsers have changed considerably from being a simple text display to no...
We show how malicious web content can extract cryptographic secret keys from the user\u27s computer....
The web browser is one of the most security critical software components today. It is used to intera...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
This thesis puts the focus on security problems related to web applications and web browsers by anal...
Web browsers rely on caching for improving perfor-mance and for reducing bandwidth use. Cache poison...
Like conventional cookies, cache cookies are data ob-jects that servers store in Web browsers. Cache...
Part 2: Web SecurityInternational audienceCache Timing Attacks (CTAs) have been shown to leak Web br...
Analysing security assumptions taken for the WebRTC and postMessage APIs led us to find a novel atta...
Abstract—Like conventional cookies, cache cookies are data objects that servers store in Web browser...
In recent years as the internet has evolved and there have been major advances in technology, demand...
Website fingerprinting attacks use statistical analysis on network traffic to compromise user privac...
Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user...
We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast ...
Many browser cache attacks have been proposed in the literature to sniff the user’s browsing history...
Over the past 20 years web browsers have changed considerably from being a simple text display to no...
We show how malicious web content can extract cryptographic secret keys from the user\u27s computer....
The web browser is one of the most security critical software components today. It is used to intera...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
This thesis puts the focus on security problems related to web applications and web browsers by anal...