Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2015
ACM
2015
ACM
The Clock is Still Ticking: Timing Attacks in the Modern Web
Web-based timing attacks have been known for over a decade, and it has been shown that, under optimal network conditions, an adversary can use such an attack to obtain information on the state of a user in a cross-origin website. In recent years, desktop computers have given way to laptops and mobile devices, which are mostly connected over a wireless or mobile network. These connections often do not meet the optimal conditions that are required to reliably perform cross-site timing attacks. In this paper, we show that modern browsers expose new side-channels that can be used to acquire accurate timing measurements, regardless of network conditions. Using several real-world examples, we introduce four novel web-based timing attacks against modern browsers and describe how an attacker can use them to obtain personal information based on a user’s state on a cross-origin website. We evaluate our proposed attacks and demonstrate that they significantly outperform current attacks in term...
Real-time Traffic| Added | 17 Apr 2016 |
| Updated | 17 Apr 2016 |
| Type | Journal |
| Year | 2015 |
| Where | CCS |
| Authors | Tom van Goethem, Wouter Joosen, Nick Nikiforakis |
Comments (0)
Researcher Info
|
