The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2007 vol.5)
pp: 16-24
Markus Jakobsson , Palo Alto Research Center
Sid Stamm , Indiana University
ABSTRACT
Browser cache and history are intended to be private, yet it's not difficult for malicious Web sites to "sniff" cache entries on visitors' computers and then use that information to more accurately deceive them. The authors' approach neutralizes the threat of URLs being discovered on client computers.
INDEX TERMS
browser, cache, countermeasure, history, phishing, privacy, server-side, sniff, security
CITATION
Markus Jakobsson, Sid Stamm, "Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks", IEEE Security & Privacy, vol.5, no. 6, pp. 16-24, November/December 2007, doi:10.1109/MSP.2007.182
REFERENCES
1. E.W. Felten and M.A. Schneider, "Timing Attacks on Web Privacy," Proc. 7th ACM Conf. Computer and Communication Security, S. Jajodia and P. Samarati, eds., ACM Press, 2000, pp. 25–32.
2. M. Jakobsson, T. Jagatic, and S. Stamm, "Phishing for Clues,"5 July 2005; www.browser-recon.info.
3. SecuriTeam, "Timing Attacks on Web Privacy,"20 Feb. 2002; www.securiteam.com/securityreviews5GP020A6LG.html .
4. A. Mindlin, "Seems Somebody Is Clicking on that Spam," The New York Times,3 July 2006; www.nytimes.com/2006/07/03/technology03drill.html?_r=1&oref=slogin .
5. M. Jakobsson, "The Human Factor in Phishing," Privacy &Security of Consumer Information '07; www.informatics.indiana.edu/markus/papers aci.pdf.
6. T. Jagatic et al., "Social Phishing," Comm. ACM, vol. 50, no. 10, October 2007, pp. 94–100.
7. C. Jackson et al., "Web Privacy Attacks on a Unified Same-Origin Browser," Proc. 15th Ann. World Wide Web Conf. (WWW 06), 2006; http://crypto.stanford.edu/sameoriginsameorigin.pdf .
8. M. Jakobsson, A. Juels, and J. Ratkiewicz, "Remote Harm-Diagnostics," www.ravenwhite.com/filesrhdpdf.
9. M. Jakobsson and S. Stamm, "Invasive Browser Sniffing and Countermeasures," Proc. 15th Ann. World Wide Web Conf. (WWW 06). 2006; www.stop-phishing.com.
429 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool