论文信息 - XSS-FP: Browser Fingerprinting using HTML Parser Quirks

XSS-FP: Browser Fingerprinting using HTML Parser Quirks

There are many scenarios in which inferring the type of a client browser is desirable, for instance to fight against session stealing. This is known as browser fingerprinting. This paper presents and evaluates a novel fingerprinting technique to determine the exact nature (browser type and version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks exercised through XSS. Our experiments show that the exact version of a web browser can be determined with 71\% of accuracy, and that only 6 tests are sufficient to quickly determine the exact family a web browser belongs to.

[1] J. Ross Quinlan,et al. C4.5: Programs for Machine Learning , 1992 .

[2] R. Lippmann,et al. Passive Operating System Identification From TCP / IP Packet Headers * , 2003 .

[3] Ian H. Witten,et al. The WEKA data mining software: an update , 2009, SKDD.

[4] Xin Huang,et al. Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications , 2009, DIMVA.

[5] Christopher Krügel,et al. Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks , 2009, DIMVA.

[6] Niels Provos,et al. A Virtual Honeypot Framework , 2004, USENIX Security Symposium.

[7] Jose Nazario,et al. PhoneyC: A Virtual Client Honeypot , 2009, LEET.

[8] Reza R. Adhami,et al. Fingerprinting for security , 2001 .

[9] Peter Eckersley,et al. How Unique Is Your Web Browser? , 2010, Privacy Enhancing Technologies.

[10] Lloyd G. Greenwald,et al. Toward Undetected Operating System Fingerprinting , 2007, WOOT.

[11] Christopher Krügel,et al. Dynamic Analysis of Malicious Code , 2006, Journal in Computer Virology.

[12] Ian Welch,et al. HoneyC - The low-interaction client honeypot , 2006 .

[13] Hovav Shacham,et al. Fingerprinting Information in JavaScript Implementations , 2011 .