HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows

Authors

  • Xiapu Luo
  • Peng Zhou
  • Edmond W. W. Chan
  • Wenke Lee
  • Rocky K. C. Chang
  • Roberto Perdisci
Abstract

Leakage of private information from web applications, even when the traffic is encrypted, is a major security threat to many applications that use HTTP for data delivery. This paper considers the problem of inferring from encrypted HTTP traffic the web sites or web pages visited by a user. Existing browser-side approaches to this problem cannot defend against more advanced attacks, and server-side approaches usually require modifications to web entities, such as browsers, servers, or web objects. In this paper, we propose a novel browser-side system, namely HTTPOS, to prevent information leaks and offer much better scalability and flexibility. HTTPOS provides a comprehensive and configurable suite of traffic transformation techniques for a browser to defeat traffic analysis without requiring any server-side modifications. Extensive evaluation of HTTPOS on live web traffic shows that it can successfully prevent the state-of-the-art attacks from inferring private information from encrypted HTTP flows.

Similar resources

Veil: Private Browsing Semantics Without Browser-side Assistance

All popular web browsers offer a “private browsing mode.” After a private session terminates, the browser is supposed to remove client-side evidence that the session occurred. Unfortunately, browsers still leak information through the file system, the browser cache, the DNS cache, and on-disk reflections of RAM such as the swap file. Veil is a new deployment framework that allows web developers...

Unintentional and Hidden Information Leaks in Networked Software Applications

Side channels are vulnerabilities that can be attacked by observing the behaviour of applications and by inferring sensitive information just from this behaviour. Because side channel vulnerabilities appear in such a large spectrum of contexts, there does not seem to be a generic way to prevent all side channel attacks once and for all. A practical approach is to research for new side channels ...

Quantifying Side-Channel Information Leakage from Web Applications

Recent research has shown that many popular web applications are vulnerable to side-channel attacks on encrypted streams of network data produced by the interaction of a user with an application. As a result, private user data is susceptible to being recovered by a side-channel adversary. A recent focus has been on the development of tools for the detection and quantification of side-channel in...

ASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow

Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist topology is the ultimate goal of the reverse engineering process. In this paper, we propose...

An Efficient Retrieval of Encrypted Data In Cloud Computing

The arrival of cloud computing the new pattern for data outsourcing and high quality data service is great flexibility and economic saving. However fear about the sensitive information on cloud to be protecting the data privacy problems sensitive information has to be encrypted before outsourcing, which creates the effective data utilization services a very big challenging task. Symmetric Searc...


Publication date: 2011