Tranco: A research-oriented top sites ranking hardened against manipulation
VL Pochat, T Van Goethem… - arXiv preprint arXiv …, 2018 - arxiv.org
In order to evaluate the prevalence of security and privacy practices on a representative
sample of the Web, researchers rely on website popularity rankings such as the Alexa list …
sample of the Web, researchers rely on website popularity rankings such as the Alexa list …
A long way to the top: Significance, structure, and stability of internet top lists
A broad range of research areas including Internet measurement, privacy, and network
security rely on lists of target domains to be analysed; researchers make use of target lists …
security rely on lists of target domains to be analysed; researchers make use of target lists …
The cookie hunter: Automated black-box auditing for web authentication and authorization flaws
In this paper, we focus on authentication and authorization flaws in web apps that enable
partial or full access to user accounts. Specifically, we develop a novel fully automated black …
partial or full access to user accounts. Specifically, we develop a novel fully automated black …
Outguard: Detecting in-browser covert cryptocurrency mining in the wild
In-browser cryptojacking is a form of resource abuse that leverages end-users' machines to
mine cryptocurrency without obtaining the users' consent. In this paper, we design …
mine cryptocurrency without obtaining the users' consent. In this paper, we design …
On landing and internal web pages: The strange case of jekyll and hyde in web performance measurement
There is a rich body of literature on measuring and optimizing nearly every aspect of the
web, including characterizing the structure and content of web pages, devising new …
web, including characterizing the structure and content of web pages, devising new …
Signing in four public software package registries: Quantity, quality, and influencing factors
TR Schorlemmer, KG Kalu, L Chigges… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Many software applications incorporate open-source third-party packages distributed by
public package registries. Guaranteeing authorship along this supply chain is a challenge …
public package registries. Guaranteeing authorship along this supply chain is a challenge …
Analyzing third party service dependencies in modern web services: Have we learned from the mirai-dyn incident?
Many websites rely on third parties for services (eg, DNS, CDN, etc.). However, it also
exposes them to shared risks from attacks (eg, Mirai DDoS attack [24]) or cascading failures …
exposes them to shared risks from attacks (eg, Mirai DDoS attack [24]) or cascading failures …
The chain of implicit trust: An analysis of the web third-party resources loading
The Web is a tangled mass of interconnected services, where websites import a range of
external resources from various third-party domains. The latter can also load resources …
external resources from various third-party domains. The latter can also load resources …
Journey to the center of the cookie ecosystem: Unraveling actors' roles and relationships
I Sanchez-Rola, M Dell'Amico… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
Web pages have been steadily increasing in complexity over time, including code snippets
from several distinct origins and organizations. While this may be a known phenomenon, its …
from several distinct origins and organizations. While this may be a known phenomenon, its …
Who's hosting the block party? studying third-party blockage of csp and sri
The Web has grown into the most widely used application platform for our daily lives. First-
party Web applications thrive due to many different third parties they rely on to provide …
party Web applications thrive due to many different third parties they rely on to provide …