ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Invasive browser sniffing and countermeasures
Full text PdfPdf (615 KB)
Source International World Wide Web Conference archive
Proceedings of the 15th international conference on World Wide Web table of contents
Edinburgh, Scotland
SESSION: Security, privacy & ethics table of contents
Pages: 523 - 532  
Year of Publication: 2006
ISBN:1-59593-323-9
Authors
Markus Jakobsson  Indiana University, Bloomington, IN
Sid Stamm  Indiana University, Bloomington, IN
Sponsors
SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 10,   Downloads (12 Months): 82,   Citation Count: 3
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1135777.1135854
What is a DOI?

ABSTRACT

We describe the detrimental effects of browser cache/history sniffing in the context of phishing attacks, and detail an approach that neutralizes the threat by means of URL personalization; we report on an implementation performing such personalization on the fly, and analyze the costs of and security properties of our proposed solution.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
C. Jackson, A. Bortz, D. Boneh, J. C. Mitchell, "Web Privacy Attacks on a Unified Same-Origin Browser," in submission.
2
Edward W. Felten , Michael A. Schneider, Timing attacks on Web privacy, Proceedings of the 7th ACM conference on Computer and communications security, p.25-32, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.352606]
 
3
T. Jagatic, N. Johnson, M. Jakobsson, F. Menczer: Social Phishing. 2006
 
4
M. Jakobsson, T. Jagatic, S. Stamm, "Phishing for Clues," tt www.browser-recon.info
 
5
M. Jakobsson "Modeling and Preventing Phishing Attacks." Phishing Panel in Financial Cryptography '05. 2005.
 
6
B. Grow, "Spear-Phishers are Sneaking in." BusinessWeek, July 11 2005. No. 3942, P. 13
 
7
M. Jakobsson and S. Myers, "Phishing and Counter-Measures: Understanding the Increasing Problem of Electronic Identity Theft." Wiley-Interscience (July 7, 2006), ISBN 0-4717-8245-9.
 
8
www.securiteam.com/securityreviews/5GP020A6LG.html
 
9
www.robotstxt.org/

CITED BY  3
Tom N. Jagatic , Nathaniel A. Johnson , Markus Jakobsson , Filippo Menczer, Social phishing, Communications of the ACM, v.50 n.10, p.94-100, October 2007
Markus Jakobsson , Sid Stamm, Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks, IEEE Security and Privacy, v.5 n.6, p.16-24, November 2007
Markus Jakobsson , Steven Myers, Delayed password disclosure, ACM SIGACT News, v.38 n.3, September 2007

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.4 INFORMATION SYSTEMS APPLICATIONS
      H.4.3 Communications Applications
          Subjects: Information browsers


General Terms:
Human Factors, Security


Keywords:
browser cache, cascading style sheets, personalization, phishing, sniffing

Collaborative Colleagues:
Markus Jakobsson: colleagues
Sid Stamm: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player