Attacking Suggest Boxes in Web Applications Over HTTPS Using Side-Channel Stochastic Algorithms

Schaub, Alexander; Schneider, Emmanuel; Hollender, Alexandros; Calasans, Vinicius; Jolie, Laurent; Touillon, Robin; Heuser, Annelie; Guilley, Sylvain; Rioul, Olivier

doi:10.1007/978-3-319-17127-2_8

Cited by 8 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus to find a string of size n, the attacker needs to send 26 n automated search requests. Later, Schaub et al study how to use stochastic algorithm to deal with variable packet lengths considering that Google has supported variable packet lengths for a given query with payload randomization and Gzip compression since 2012 [58]. For a given length, they create a prefix tree to represent the set of all possible words based on a chosen dictionary and preform hierarchical matching based on the observed size of responded packets.…”

Section: A Related Work: Broader Discussionmentioning

confidence: 99%

“…Since then, Google has adopted the use of variable-length packets for a given search query with payload randomization and compression. In [58], a stochastic algorithm is adopted to infer the keywords-for a given word length, a prefix tree is created to represent the set of all possible words based on a chosen dictionary and hierarchical matching is conducted based on the observed length of subsequent response packets.…”

Section: Problem Formulationmentioning

confidence: 99%

See 1 more Smart Citation

Fingerprinting Search Keywords over HTTPS at Scale

Yan,

Alan,

Kaur

2020

Preprint

View full text Add to dashboard Cite

The possibility of fingerprinting the search keywords issued by a user on popular web search engines is a significant threat to user privacy. This threat has received surprisingly little attention in the network traffic analysis literature. In this work, we consider the problem of keyword fingerprinting of HTTPS traffic-we study the impact of several factors, including client platform diversity, choice of search engine, feature sets as well as classification frameworks. We conduct both closedworld and open-world evaluations using nearly 4 million search queries collected over a period of three months. Our analysis reveals several insights into the threat of keyword fingerprinting in modern HTTPS traffic.

show abstract

Section: A Related Work: Broader Discussionmentioning

confidence: 99%

Section: Problem Formulationmentioning

confidence: 99%

Fingerprinting Search Keywords over HTTPS at Scale

Yan,

Alan,

Kaur

2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Chen et al [11] showed that financial information, health profiles, and search queries were leaked over HTTPS and WPA by packet inspection. Schaub et al [34] and Sharma et al [35] also presented a black-box tool for side channel weakness quantification using the Fisher criterion. Backes et al [3] adopted a formal approach, enabling information flow analysis to detect side channel attacks.…”

Section: Side Channel Attacks and Defenses On Encrypted Network Trafficmentioning

confidence: 99%

Fingerprinting Keywords in Search Queries over Tor

Hopper

2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Search engine queries contain a great deal of private and potentially compromising information about users. One technique to prevent search engines from identifying the source of a query, and Internet service providers (ISPs) from identifying the contents of queries is to query the search engine over an anonymous network such as Tor. In this paper, we study the extent to which Website Fingerprinting can be extended to fingerprint individual queries or keywords to web applications, a task we call Keyword Fingerprinting (KF). We show that by augmenting traffic analysis using a two-stage approach with new task-specific feature sets, a passive network adversary can in many cases defeat the use of Tor to protect search engine queries. We explore three popular search engines, Google, Bing, and Duckduckgo, and several machine learning techniques with various experimental scenarios. Our experimental results show that KF can identify Google queries containing one of 300 targeted keywords with recall of 80% and precision of 91%, while identifying the specific monitored keyword among 300 search keywords with accuracy 48%. We also further investigate the factors that contribute to keyword fingerprintability to understand how search engines and users might protect against KF.

show abstract