Sciweavers

DIMVA
2009

Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications

14 years 18 days ago
Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications
We demonstrate that the browser implementation used at a host can be passively identified with significant precision and recall, using only coarse summaries of web traffic to and from that host. Our techniques utilize connection records containing only the source and destination addresses and ports, packet and byte counts, and the start and end times of each connection. We additionally provide two applications of browser identification. First, we show how to extend a network intrusion detection system to detect a broader range of malware. Second, we demonstrate the consequences of web browser identification to the deanonymization of web sites in flow records that have been anonymized.
Ting-Fang Yen, Xin Huang, Fabian Monrose, Michael
Added 09 Nov 2010
Updated 09 Nov 2010
Type Conference
Year 2009
Where DIMVA
Authors Ting-Fang Yen, Xin Huang, Fabian Monrose, Michael K. Reiter
Comments (0)