I Know Where You ve Been:! Geo-Inference Attacks via the Browser Cache!



Similar documents
Microsoft Dynamics NAV 2015 Hardware and Server Requirements. Microsoft Dynamics NAV Windows Client Requirements

Getting a Grip on CDN Performance Why & How.

Release Notes for Websense Web Endpoint (32- and 64-bit OS)

1. Right click using your mouse on the desktop and select New Shortcut.

isupplygw Site Login Troubleshooting

Tidspunkt : : :59 (49 dag(e)) Operativsystem (OS) fordelt på browsere Total: Safari9 ios %

Scriptless Timing Attacks on Web Browser Privacy

System Requirements for Microsoft Dynamics NAV 2015

How To Install the Virtual Learning App

Setting up a Virtual Private Network (VPN) connection (Windows 7)

Performance Analysis of Web-browsing Speed in Smart Mobile Devices

Real Time Data Communication over Full Duplex Network Using Websocket

2X Cloud Portal v10.5

Interact Intranet Version 7. Technical Requirements. August Interact

Recruiting - Hiring Managers Guide for Users Updated on 14 May 2015

Browser Performance Tests We put the latest web browsers head-to-head to try to find out which one is best!

Browser Performance Tests We put the latest web browsers head-to-head to try to find out which one is best!

Setting up a Virtual Private Network (VPN) connection Windows 8

A Step-by-Step Patient Guide to Upload Medical Images to the Cleveland Clinic Neurological Institute

Repeater. BrowserStack Local. browserstack.com 1. BrowserStack Local makes a REST call using the user s access key to browserstack.

NETWRIX IDENTITY MANAGEMENT SUITE

System Requirements for Microsoft Dynamics NAV 2013 R2

PC Security & Housekeeping March 2015

Self Service - Personal Information Guide for Users Updated on 5 May 2015

Clearing Browser Cache/History

LabStats 5 System Requirements

ADA Applicant Business Process Guide

Infor Xtreme Browser References

System Requirements for Microsoft Dynamics NAV 2016

Proposal submitted by

System Requirements. Microsoft Dynamics NAV 2016

Recent Advances in Web Application Security

This document is provided to you by ABC E BUSINESS, Microsoft Dynamics Preferred partner. System Requirements NAV 2016

KUB Website Troubleshooting

Symantec Endpoint Protection

BROWSER SUPPORT FOR SCIQUEST PRODUCTS. June 2015

System Requirements for Microsoft Dynamics NAV 2016

OE Cloud Standard Terms of Service

WatchGuard Training. Introduction to WatchGuard Dimension

Microsoft Dynamics NAV

Support Portal User Guide. Version 3.0

System Requirements for Microsoft Dynamics NAV 2016

Hosted Security Quick Start Guide

Experian Secure Transport Service

Web Application Security

A digital Creative Company

How to Hack Millions of Routers. Craig Heffner, Seismic LLC

Usable Crypto: Introducing minilock. Nadim Kobeissi HOPE X, NYC, 2014

HTML5. Eoin Keary CTO BCC Risk Advisory.

Web Conferencing Version 8.3 Troubleshooting Guide

Hardwarekrav. 30 MB. Memory: 1 GB. Additional software Microsoft.NET Framework 4.0.

Qualification Programme (QP) Online Registration System. User Guide

How To Fix A Fault Notification On A Network Security Platform (Xc) (Xcus) (Network) (Networks) (Manual) (Manager) (Powerpoint) (Cisco) (Permanent

Optimal Browser Settings for Internet Explorer Running on Microsoft Windows

How To Set Up Ops Cser.Com (Pros) For A Pc Or Mac) With A Microsoft Powerbook (Proos) (Prosecco) (Powerbook) (Pros) And Powerbook.Com/

Cyclope Internet Filtering Proxy. - Installation Guide -

U.S. Mobile Benchmark Report

1 Main components... 3

MyNet FAQ s GETTING STARTED: Q: What is the MyNet website address? A:

RingCentral for Desk. Admin Guide

New Online Banking Guide for FIRST time Login

ADOBE FLASH PLAYER Local Settings Manager

TxEIS Browser Settings

SuperGIS Server 3 High Availability Test Report

Update logo and logo link on A Master. Update Date and Product on B Master

MaaS360 Mobile Enterprise Gateway

Cost Analysis of Cloud and Traditional Legal Practice Management Software

Troubleshooting steps for Oracle Financials and Markview. Jan 2015

Sage 200 Online. System Requirements and Prerequisites

Downloading and Installing Interactive Reporting (Hyperion) Web Client

AppSec USA 2014 Denver, Colorado Security Header Injection Module (SHIM)

Symantec Endpoint Protection

MaaS360 Mobile Enterprise Gateway

Adobe Flash Player and Adobe AIR security

Installation and usage of SSL certificates: Your guide to getting it right

System Requirements for Microsoft Dynamics NAV 2016

Setting up Client Browsers Oracle FLEXCUBE Universal Banking Release [May] [2011]

Minimum Requirements for Web Based Applications

MAXA-COOKIE-MANAGER - USER MANUAL - SW-Release V 5.0 / Document Rev. 1.1

User Installation Guide

Hardware & Software Specification i2itracks/popiq

Mac OS X. Staff members using NEIU issued laptops and computers on Active Directory can access NEIU resources that are available on the wired network.

Junos Pulse VPN Client Installation

ACORD. Lync 2013 Web-app Install Guide

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

1. Do I need to upgrade my Broadband at Home modem firmware?

Checking Browser Settings, and Basic System Requirements for QuestionPoint

Five Tips to Reduce Risk From Modern Web Threats

Remote Access. Remote Access Start-up Guide. Non Cheshire East Council PC s/laptops. Page 0

Sophistication of attacks will keep improving, especially APT and zero-day exploits

TYLER JUNIOR COLLEGE School of Continuing Studies 1530 SSW Loop 323 Tyler, TX

STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect

Web Browsing Examples. How Web Browsing and HTTP Works

Windows (7, 8, or Vista) or Mac OS X (10.9 or later) 1 GB RAM (2 GB recommended) 20 MB free disk space

What's New in BlackBerry Enterprise Server 5.0 SP4 for Novell GroupWise

The Microsoft JPEG Vulnerability and the Six New Content Security Requirements

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013

8x8 Virtual Office Click2Pop for eagent Setup Guide

No refunds can be issued after the start date published in your Financial Award document

Transcription:

I Know Where You ve Been:! Geo-Inference Attacks via the Browser Cache! Yaoqi Jia, Xinshu Dong, Zhenkai Liang, Prateek Saxena! School of Computing, National University of Singapore! Advanced Digital Sciences Center!

Geo-location in Browsers! Benefits Threats 1!

May I Access Your Geo-location?! 2!

Sources of Users Geo-locations! Browser 3!

Problem Statement!? Browser Can we infer the user s geolocation from his browser? 4!

Site-Related States in Browser! Browser! 5!

Browser Cache Saves Loading Time! 1 st : 1360ms 2 nd : 320ms 3 rd : 350ms Browser Cache! 6!

Browser Cache Abused: Timing Channels of Leakage! Felten and Shneider, CCS 00 Browser cache is shared across all sites Browser Cache! 7!

Our Contributions!! Geo-inference attacks via the browser cache!! Infer a user s country, city or even neighborhood!! Prevalence of geo-inference attacks!! Five mainstream browsers and TorBrowser!! Top 55 Alexa and 11 map websites!! Pros & cons of potential solutions! 8!

Outline!! Problem Statement!! Case Studies!! Evaluation!! Discussion! 9!

Case Studies!! Can we infer a user s country?!!! Can we infer a user s city?!!! Can we infer a user s neighborhood?! 10!

How to Infer a User s Country?! Google has 191 regional sites, and one site represents one country or region. Measure image load time of Google s logo from Google s 191 regional sites 11!

Measuring Image Load Time! Before Loading img.onload Fires var image = document.createelement(`img'); image.setattribute(`starttime', (new Date().getTime())); image.onload = function() { var endtime = new Date().getTime(); var loadtime = endtime - parseint(this.getattribute(`starttime')); }... 12!

How to Infer a User s City?! Measure page load time of Craigslist s 712 city sites, determine which page is cached 13!

Measuring Page Load Time! Before Loading iframe.onload Fires var page = document.createelement(`iframe'); page.setattribute(`starttime', (new Date()).getTime()); page.onload = function () { var endtime = (new Date()).getTime(); var loadtime = ( endtime - parseint(this.getattribute(`starttime'))); }... 14!

How to Infer a User s Neighborhood?! Measure the image load time of map tiles of the user s city from Google Maps, determine which tiles are cached 15!

Evaluation! Questions to be answered:!! (Prevalence) How many browsers and websites are susceptible to geo-inference attacks?!! (Reliability) How big is the time difference between resources load time without cache and that with cache?! 16!

Evaluation Setup!! Websites: 191 Google s regional sites, 100 Craigslist s city sites, and 4,646 map tiles of New York City from Google Maps.!! Browsers: Five mainstream browsers, i.e., Chrome, Firefox, Safari, Opera and IE, as well as TorBrowser (version 3.5.2.1) on both desktop and available mobile platforms.!! Locations: US, UK, Australia, Singapore, and Japan, via VPN service Hotspot Shield.! 17!

Websites with Location-Related! Resources in Browser Cache! Total 11 map service sites! 62% of 55 top Alexa global sites! 18!

Browsers Susceptible to! Geo-Inference Attacks! Mainstream Browsers! Desktop Platforms! Mobile Platforms! 19!

Reliability (Time Difference)! 2000" 1800" 1600" 1400" 1200" 1000" 800" 600" 400" 200" 0" 1" 3" 5" 7" 9" 11" 13" 15" 17" 19" 21" 23" 25" 27" 29" 31" 33" 35" 37" 39" 41" 43" 45" 47" 49" 51" 53" 55" 57" 59" 61" 63" 65" 67" 69" 71" 73" 75" 77" 79" 81" 83" 85" 87" 89" 91" 93" 95" 97" 99" Without"Cache" With"Cache" The huge difference between the page load time (in millisecond) of 100 Craigslist sites without cache (> 1000 ms) and with cache ( 220 ms) indicates geo-inference attacks with Craigslist 20!

Discussion of Defense Solutions!! Private Browsing Mode and TorBrowser!! Randomizing timing measurements!! Segregating browser cache! 21!

Private Browsing Mode! Private Browsing Mode! Clear browser cache after closing window.!! Disable disk cache, enable memory cache.! is not the Cure!! It cannot prevent one site from inferring geo-location of another site!! Confirmed by experiments.! Browser Cache!! TorBrowser is VPN + Private Browsing Mode! 22!

Randomizing Timing Measurements!! Add noise into timing measurement mechanisms.!! Intricate engineering effort.! Browser Cache! 23!

Segregating Browser Cache!! Deploy Same-Origin Policy on browser cache. [Jackson et al. WWW 06]!! High performance overhead measured in our experiment! Browser Cache! 24!

To Cache or Not To Cache?!! No cache for location-sensitive resources.!! Cache-Control: no-cache HTTP response header!! Identifying location-sensitive resource!! Developer assistance!! Automated tool to detect location-sensitive resources! 25!

Conclusion!! Geo-inference attacks via the browser cache!! All five mainstream browsers and TorBrowser, as well as 11 map service sites and 62% of Alexa Top 100 websites, are susceptible to such attacks.!! Discussion of existing and potential defenses.!! Calling for actions! 26!

Yaoqi Jia! E-mail: jiayaoqi@comp.nus.edu.sg! 27!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information