Informally, a communication protocol is <i>sender k-anonymous</i> if it can guarantee that an adversary, trying to determine the sender of a particular message, can only narrow down its search to a set of k suspects. <i>Receiver k-anonymity</i> places a similar guarantee on the receiver: an adversary, at best, can only narrow down the possible receivers
We show that the time web sites take to respond to HTTP requests can leak private information, using two different types of attacks. The first, <i>direct timing</i>, directly measures response times from a web site to expose private information such as validity of a username at a secured site or the number of private photos in a publicly viewable gallery.
Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users against their wishes. This tracking is possible because persistent, client-side browser state is not properly partitioned on a per-site basis in current browsers. We address this
Anonymous communication can, by its very nature, facilitate socially unacceptable behavior; such abuse of anonymity is a serious impediment to its widespread deployment. This paper studies two notions related to the prevention of abuse. The first is selective traceability, the property that a message's sender can be traced with the help of an explicitly
DNS rebinding attacks subvert the same-origin policy of browsers and convert them into open network proxies. We survey new DNS rebinding attacks that exploit the interaction between browsers and their plug-ins, such as Flash and Java. These attacks can be used to circumvent firewalls and are highly cost-effective for sending spam e-mail and defrauding