Protecting browser state from web privacy attacks

Proceedings of the 15th International Conference on World Wide Web

Volumn , Issue , 2006, Pages 737-744

  Jackson, Collin ^a   Bortz, Andrew ^a   Boneh, Dan ^a   Mitchell, John C ^a  

^a STANFORD UNIVERSITY   (United States)

Author keywords

Phishing; Privacy; Web browser design; Web spoofing

Indexed keywords

CROSS-DOMAIN TRACKING; DEGREES OF COOPERATION; WEB PRIVACY ATTACKS; WEB SPOOFING; CROSS-DOMAIN; PHISHING; PRIVACY; WEB FEATURES; WEB PRIVACY;

BUFFER STORAGE; DATA PRIVACY; PHILOSOPHICAL ASPECTS; USER INTERFACES; WEBSITES;

WEB BROWSERS; WORLD WIDE WEB;

EID: 34250634485     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1135777.1135884     Document Type: Conference Paper

References (11)

1. A. Clover. Css visited pages disclosure, 2002. http:// seclists.org/lists/bugtraq/2002/Feb/0271.html.
2. W. W. W. Consortium. P3P public overview, 2005. http://www.w3.org/P3P/.
3. E. W. Felten and M. A. Schneider. Timing attacks on web privacy. In ACM Conference on Computer and Communications Security, pages 25-32, 2000.
4. M. Jakobsson, T. Jagatic, and S. Stamm. Phishing for clues: Inferring context using cascading style sheets and browser history, 2005. http://www.browser-recon.info/.
5. M. Jakobsson and A. Juels. The positive face of cache cookies, 2005.
6. M. Jakobsson and S. Stamm. Invasive browser sniffing and countermeasures. Manuscript, 2005.
7. D. Kristol and L. Montulli. RFC 2109: HTTP state management mechanism, Feb. 1997.
8. Mozilla.org. Bugzilla bug 147777, 2002. https://bugzilla.mozilla.org/ show_bug.cgi?id=147777.
9. J. Nielsen. Change the color of visited links, 2004. http://www.useit. com/alertbox/20040503.html.
10. J. Ruderman. The same origin policy, 2001. http://www.mozilla.org/ projects/security/components/same-origin.html.
11. A. Wolman, G. Voelker, N. Sharma, N. Cardwell, M. Brown, T. Landray, D. Pinnel, A. Karlin, and H. Levy. Organization-based analysis of web-object sharing and caching. In Proceedings of Second USENIX Symposium on Internet Technologies and Systems, pages 25-36, 1999.