We show that the time web sites take to respond to HTTP requests can leak private information, using two different types of attacks. The first, <i>direct timing</i>, directly measures response times from a web site to expose private information such as the validity of a username at a secured site or the number of private photos in a publicly viewable gallery.
Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users against their wishes. This tracking is possible because persistent, client-side browser state is not properly partitioned on a per-site basis in current browsers. We address this
Informally, a communication protocol is <i>sender k-anonymous</i> if it can guarantee that an adversary, trying to determine the sender of a particular message, can only narrow down its search to a set of k suspects. <i>Receiver k-anonymity</i> places a similar guarantee on the receiver: an adversary, at best, can only narrow down the possible receivers
DNS rebinding attacks subvert the same-origin policy of browsers and convert them into open network proxies. We survey new DNS rebinding attacks that exploit the interaction between browsers and their plug-ins, such as Flash and Java. These attacks can be used to circumvent firewalls and are highly cost-effective for sending spam e-mail and defrauding
Anonymous communication can, by its very nature, facilitate socially unacceptable behavior; such abuse of anonymity is a serious impediment to its widespread deployment. This paper studies two notions related to the prevention of abuse. The first is selective traceability, the property that a message's sender can be traced with the help of an explicitly