Andrew Bortz

Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users against their wishes. This tracking is possible because persistent, client-side browser state is not properly partitioned on a per-site basis in current browsers. We address this…
Informally, a communication protocol is sender k-anonymous if it can guarantee that an adversary, trying to determine the sender of a particular message, can only narrow down its search to a set of k suspects. Receiver k-anonymity places a similar guarantee on the receiver: an adversary, at best, can only narrow down the possible receivers…
DNS rebinding attacks subvert the same-origin policy of browsers and convert them into open network proxies. We survey new DNS rebinding attacks that exploit the interaction between browsers and their plug-ins, such as Flash and Java. These attacks can be used to circumvent firewalls and are highly cost-effective for sending spam e-mail and defrauding…
Anonymous communication can, by its very nature, facilitate socially unacceptable behavior; such abuse of anonymity is a serious impediment to its widespread deployment. This paper studies two notions related to the prevention of abuse. The first is selective traceability, the property that a message’s sender can be traced with the help of an explicitly…
It is important for search and pay-per-click engines to penetration test their click fraud detection systems, in order to find potential vulnerabilities and correct them before fraudsters can exploit them. In this paper, we describe: (1) some goals and desirable qualities of a click fraud penetration testing system, based on our experience, and (2) our…