Obfuscation for and against device fingerprinting Position Paper for Symposium on Obfuscation New York University, February 15, 2014
نویسنده
چکیده
Web-based device fingerprinting is the process of collecting information through the browser that is sufficient to perform device identification. Fonts, screen dimensions, language, timezone, plugins and user agent string are examples of properties that, if combined, may serve as globally unique identifier. Indeed, a 2010 study by Peter Eckersley (EFF) based on data collected from about half a million browsers demonstrated that web-based device fingerprinting may well be a feasible way to uniquely identify browsers [1]. This was in line with what Mayer found in 2009, which, to the best of our knowledge, was the first study that discussed web-based device fingerprinting [2].
منابع مشابه
ASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow
Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist topology is the ultimate goal of the reverse engineering process. In this paper, we propose...
متن کاملImplementing Cryptographic Program Obfuscation
Program obfuscation is the process of making a program “unintelligible” without changing the program’s underlying input/output behavior. Although there is a long line of work on heuristic techniques for obfuscation, such approaches do not provide any cryptographic guarantee on their effectiveness. A recent result by Garg et al. (FOCS 2013), however, shows that cryptographic program obfuscation ...
متن کاملRecent Results on Indistinguishability Obfuscation
In this research, the student will explain a candidate construction for indistinguishability obfuscation, based on a recent paper by Garg et al. (FOCS 2013). This is done by first describing the main building blocks, then how these are used to build indistinguishability obfuscation for NC, and expanded to P/poly. Security and alternative constructions are very briefly discussed.
متن کاملStatic Analysis of Executables to Detect Malicious Patterns
Malicious code detection is a crucial component of any defense mechanism. In this paper, we present a unique viewpoint on malicious code detection. We regard malicious code detection as an obfuscation-deobfuscation game between malicious code writers and researchers working on malicious code detection. Malicious code writers attempt to obfuscate the malicious code to subvert the malicious code ...
متن کاملObfuscation without the Vulnerabilities of Multilinear Maps
Indistinguishability obfuscation is a central primitive in cryptography. Security of existing multilinear maps constructions on which current obfuscation candidates are based is poorly understood. In a few words, multilinear maps allow for checking if an arbitrary bounded degree polynomial on hidden values evaluates to zero or not. All known attacks on multilinear maps depend on the information...
متن کامل