Security, privacy, and usability in continuous authentication: A survey
AF Baig, S Eskeland - Sensors, 2021 - mdpi.com
Continuous authentication has been proposed as a possible approach for passive and
seamless user authentication, using sensor data comprising biometric, behavioral, and …
seamless user authentication, using sensor data comprising biometric, behavioral, and …
Hot Pixels: Frequency, Power, and Temperature Attacks on {GPUs} and Arm {SoCs}
The drive to create thinner, lighter, and more energy efficient devices has resulted in modern
SoCs being forced to balance a delicate tradeoff between power consumption, heat …
SoCs being forced to balance a delicate tradeoff between power consumption, heat …
The leaky web: Automated discovery of cross-site information leaks in browsers and the web
J Rautenstrauch, G Pellegrino… - 2023 IEEE Symposium …, 2023 - ieeexplore.ieee.org
When browsing the web, none of us want sites to infer which other sites we may have visited
before or are logged in to. However, attacker-controlled sites may infer this state through …
before or are logged in to. However, attacker-controlled sites may infer this state through …
[PDF][PDF] Tales of favicons and caches: Persistent tracking in modern browsers
The privacy threats of online tracking have garnered considerable attention in recent years
from researchers and practitioners. This has resulted in users becoming more …
from researchers and practitioners. This has resulted in users becoming more …
Sok: Exploring current and future research directions on xs-leaks through an extended formal model
T Van Goethem, G Franken, I Sanchez-Rola… - Proceedings of the …, 2022 - dl.acm.org
A web visit typically consists of the browser rendering a dynamically generated response
that is specifically tailored to the user. This generation of responses based on the currently …
that is specifically tailored to the user. This generation of responses based on the currently …
Timeless timing attacks: Exploiting concurrency to leak secrets over remote connections
T Van Goethem, C Pöpper, W Joosen… - 29th USENIX Security …, 2020 - usenix.org
To perform successful remote timing attacks, an adversary typically collects a series of
network timing measurements and subsequently performs statistical analysis to reveal a …
network timing measurements and subsequently performs statistical analysis to reveal a …
[PDF][PDF] Awakening the web's sleeper agents: Misusing service workers for privacy leakage
Service workers are a powerful technology supported by all major modern browsers that can
improve users' browsing experience by offering capabilities similar to those of native …
improve users' browsing experience by offering capabilities similar to those of native …
Replication: Why we still can't browse in peace: On the uniqueness and reidentifiability of web browsing histories
S Bird, I Segall, M Lopatka - … Symposium on Usable Privacy and Security …, 2020 - usenix.org
We examine the threat to individuals' privacy based on the feasibility of reidentifying users
through distinctive profiles of their browsing history visible to websites and third parties. This …
through distinctive profiles of their browsing history visible to websites and third parties. This …
Xsinator. com: From a formal model to the automatic evaluation of cross-site leaks in web browsers
Cross-Site Leaks (XS-Leaks) describe a client-side bug that allows an attacker to collect
side-channel information from a cross-origin HTTP resource. They are a significant threat to …
side-channel information from a cross-origin HTTP resource. They are a significant threat to …
Cross-origin state inference (COSI) attacks: Leaking web site states through xs-leaks
In a Cross-Origin State Inference (COSI) attack, an attacker convinces a victim into visiting
an attack web page, which leverages the cross-origin interaction features of the victim's web …
an attack web page, which leverages the cross-origin interaction features of the victim's web …