I Know Where You've Been: Geo-Inference Attacks via the Browser Cache

To provide more relevant content and better responsiveness, many websites customize their services according to users' geolocations. However, if geo-oriented websites leave location-sensitive content in the browser cache, other sites can sniff that content via side channels. The authors' case studies demonstrate the reliability and power of geo-inference attacks, which can measure the timing of browser cache queries and track a victim's country, city, and neighborhood. Existing defenses cannot effectively prevent such attacks, and additional support is required for a better defense deployment.
