Matches in ScholarlyData for { <https://w3id.org/scholarlydata/inproceedings/www2007/paper/main/555> ?p ?o. }
Showing items 1 to 9 of
9
with 100 items per page.
- 555 creator andrew-bortz.
- 555 creator dan-boneh.
- 555 type InProceedings.
- 555 label "Exposing Private Information by Timing Web Applications".
- 555 sameAs 555.
- 555 abstract "We show that the time web sites take to respond to HTTP requests can leak private information, using two different types of attacks. The first directly measures response times from a web site to expose private information such as validity of an username at a secured site or the number of private photos in a publicly viewable gallery. The second, called cross-site timing, enables a malicious web site to obtain information from the user's perspective at another site. For example, a malicious site can learn if the user is currently logged in at a victim site and, in some cases, the number of objects in the user's shopping cart. Our experiments suggest that these timing vulnerabilities are wide-spread. We explain in detail how and why these attacks work, and discuss methods for writing web application code that resists these attacks.".
- 555 hasAuthorList authorList.
- 555 isPartOf proceedings.
- 555 title "Exposing Private Information by Timing Web Applications".