 |
Conference papers
Attacking suggest boxes in web applications over https using stochastic side-channel algorithms
Abstract : Web applications are subject to several types of attacks. In particular, side-channel attacks consist in performing a statistical analysis of the web traffic to gain sensitive information about a client. In this paper, we investigate how side-channel leaks can be used on search engines such as Google or Bing to retrieve the client’s search query. In contrast to previous works, due to payload randomization and compression, it is not always possible to uniquely map a search query to a web traffic signature and hence stochastic algorithms must be used. Finally, we present some methods to mitigate such side-channel leaks.
https://hal.telecom-paris.fr/hal-02288408
Contributor : Telecomparis Hal Connect in order to contact the contributor
Submitted on : Saturday, September 14, 2019 - 6:46:58 PM
Last modification on : Tuesday, October 19, 2021 - 11:16:44 AM
Contributor : Telecomparis Hal Connect in order to contact the contributor
Submitted on : Saturday, September 14, 2019 - 6:46:58 PM
Last modification on : Tuesday, October 19, 2021 - 11:16:44 AM