Toward Exposing Timing-Based Probing Attacks in Web Applications

Timing attacks in web applications have been known for over a decade. Recently, new attacks have been reported that exploit timing techniques to probe sensitive information from web applications. In this paper, we present a tool to detect timing-based probing attacks in web applications. The main idea of our approach is to monitor browser behaviors and identify anomalous timing behaviors. We prototyped our approach in the Google Chrome browser and demonstrated its effectiveness.
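The abstract describes the detection idea only at a high level: observe what scripts do in the browser and flag timing behavior that ordinary pages do not exhibit. The following is an added illustration of that idea and is not the paper's tool or its Chrome instrumentation. It assumes a hypothetical event trace (high-resolution timer reads and cross-origin resource loads, attributed to the script origin that triggered them) and two assumed heuristics: an unusually dense burst of timer reads, and loads that are tightly bracketed by a timer read before and after, which is the shape a probe-and-measure loop leaves behind. The sample trace, origins and thresholds are constructed for the example.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    """One monitored browser event (hypothetical trace format, not Chrome's)."""
    t_ms: float          # time of the event in the page, milliseconds
    script: str          # origin of the script that triggered it
    kind: str            # "timer_read" (e.g. a performance.now() call) or "xorigin_load"
    target: str = ""     # for xorigin_load: the resource URL


def timer_read_bursts(events, window_ms=1000.0):
    """Per script origin, the largest number of timer reads falling inside any
    window_ms-wide window (assumed heuristic: dense clock sampling is rare)."""
    reads = defaultdict(list)
    for e in events:
        if e.kind == "timer_read":
            reads[e.script].append(e.t_ms)
    peaks = {}
    for script, ts in reads.items():
        ts.sort()
        best, start = 0, 0
        for end in range(len(ts)):           # sliding window over sorted read times
            while ts[end] - ts[start] > window_ms:
                start += 1
            best = max(best, end - start + 1)
        peaks[script] = best
    return peaks


def bracketed_loads(events, max_gap_ms=50.0):
    """Per script origin, count cross-origin loads immediately preceded and
    followed by a timer read from the same script within max_gap_ms: the
    'start clock, fetch, stop clock' pattern (assumed heuristic)."""
    by_script = defaultdict(list)
    for e in sorted(events, key=lambda ev: ev.t_ms):
        by_script[e.script].append(e)
    counts = defaultdict(int)
    for script, evs in by_script.items():
        for i, e in enumerate(evs):
            if e.kind != "xorigin_load":
                continue
            before = (i > 0 and evs[i - 1].kind == "timer_read"
                      and e.t_ms - evs[i - 1].t_ms <= max_gap_ms)
            after = (i + 1 < len(evs) and evs[i + 1].kind == "timer_read"
                     and evs[i + 1].t_ms - e.t_ms <= max_gap_ms)
            if before and after:
                counts[script] += 1
    return dict(counts)


def flag_anomalous(events, burst_threshold=50, bracket_threshold=5):
    """Script origins whose timing behavior exceeds either assumed threshold."""
    peaks = timer_read_bursts(events)
    brackets = bracketed_loads(events)
    flagged = set()
    for script in set(peaks) | set(brackets):
        if (peaks.get(script, 0) >= burst_threshold
                or brackets.get(script, 0) >= bracket_threshold):
            flagged.add(script)
    return sorted(flagged)


def build_sample_trace():
    """Constructed sample trace for the example; not captured from a real browser."""
    events = []
    # Benign page script: reads the clock once per 100 ms tick and loads one image.
    for i in range(10):
        events.append(Event(i * 100.0, "https://benign.example", "timer_read"))
    events.append(Event(1000.0, "https://benign.example", "xorigin_load",
                        "https://cdn.example/logo.png"))
    # Script showing the probing pattern: read, load, read, repeated every 30 ms.
    for i in range(20):
        base = 5000.0 + i * 30.0
        events.append(Event(base, "https://probe.example", "timer_read"))
        events.append(Event(base + 10.0, "https://probe.example", "xorigin_load",
                            f"https://target.example/r{i}"))
        events.append(Event(base + 20.0, "https://probe.example", "timer_read"))
    return events


if __name__ == "__main__":
    trace = build_sample_trace()
    print("timer read peaks:", timer_read_bursts(trace))
    print("bracketed loads: ", bracketed_loads(trace))
    print("flagged origins: ", flag_anomalous(trace))
```

On the constructed trace the benign origin peaks at 10 reads per second with no bracketed loads, while the probing origin reaches 40 reads per second and 20 bracketed loads, so only the latter is flagged. A real monitor would have to calibrate both thresholds against baselines from ordinary pages, since animation and analytics code also read the clock regularly.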
