Jakobsson et al., 2006 - Google Patents
Invasive browser sniffing and countermeasuresJakobsson et al., 2006
View PDF- Document ID
- 2737988858984644742
- Author
- Jakobsson M
- Stamm S
- Publication year
- Publication venue
- Proceedings of the 15th international conference on World Wide Web
External Links
Snippet
We describe the detrimental effects of browser cache/history sniffing in the context of phishing attacks, and detail an approach that neutralizes the threat by means of URL personalization; we report on an implementation performing such personalization on the fly …
- 230000001627 detrimental 0 abstract description 3
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Jakobsson et al. | Invasive browser sniffing and countermeasures | |
| US12001504B2 (en) | Internet-based proxy service to modify internet responses | |
| US11245662B2 (en) | Registering for internet-based proxy services | |
| Jackson et al. | Protecting browser state from web privacy attacks | |
| US8930549B1 (en) | Method and apparatus for storing information in a browser storage area of a client device | |
| Bujlow et al. | Web tracking: Mechanisms, implications, and defenses | |
| US20090165124A1 (en) | Reducing cross-site scripting attacks by segregating http resources by subdomain | |
| Kaur et al. | Browser fingerprinting as user tracking technology | |
| Johns et al. | Eradicating {DNS} Rebinding with the Extended Same-origin Policy | |
| Al-Shehari et al. | An empirical study of web browsers’ resistance to traffic analysis and website fingerprinting attacks | |
| Wedman et al. | An analytical study of web application session management mechanisms and HTTP session hijacking attacks | |
| Vratonjic et al. | Integrity of the web content: The case of online advertising | |
| Jakobsson et al. | Web camouflage: Protecting your clients from browser-sniffing attacks | |
| Sinha et al. | CookieArmor: Safeguarding against cross‐site request forgery and session hijacking | |
| Ferreira et al. | Repositioning privacy concerns: Web servers controlling URL metadata | |
| Chu et al. | An investigation of hotlinking and its countermeasures | |
| Sentamilselvan et al. | Survey on cross site request forgery | |
| Sonowal et al. | Types of Phishing | |
| Jokinen | Personal Internet Privacy and Surveillance: Implementation and evasion of user tracking | |
| Verleg et al. | Cache Cookies: searching for hidden browser storage | |
| Mao et al. | A robust link-translating proxy server mirroring the whole web | |
| Alsmadi et al. | Web and Database Security | |
| Jackson | Improving browser security policies | |
| Singh et al. | Loop Holes in Cookies and Their Technical Solutions for Web Developers | |
| Vlajic et al. | Rethinking the Use of Resource Hints in HTML5: Is Faster Always Better!? |