 It Leaks More Than You Think: Fingerprinting Users from Web Traffic AnalysisXujing Huang Acta Informatica Pragensia, 2015, vol. 2015, issue 3, 206-225 Abstract: We show how, in real-world web applications, confidential information about user identities can be leaked through "non-intuitive communications", in particular web traffic which appear to be not related to the user information. In fact, our experiments on Google users demonstrate that even Google accounts are vulnerable on traffic attacks against user identities, using packet sizes and directions. And this work shows this kind of non-intuitive communication can leak even more information about user identities than the traffic explicitly using confidential information. Our work highlights possible side-channel leakage through cookies and more generally discovers fingerprints in web traffic which can improve the probability of correctly guessing a user identity. Our analysis is motivated by Hidden Markov Model, distance metric and guessing probability to analyse and evaluate these side-channel vulnerabilities. Keywords: Side-channel leakages; User identities; Web applications; Google accounts (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:prg:jnlaip:v:2015:y:2015:i:3:id:70:p:206-225 Ordering information: This journal article can be ordered from DOI: 10.18267/j.aip.70 Access Statistics for this article Acta Informatica Pragensia is currently edited by Editorial Office More articles in Acta Informatica Pragensia from Prague University of Economics and Business Contact information at EDIRC. |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.