{Side-Channel} Attacks on Optane Persistent Memory
There is a constant evolution of technology for cloud environments, including the
development of new memory storage technology, such as persistent memory. The newly …
development of new memory storage technology, such as persistent memory. The newly …
Most websites don't need to vibrate: A cost-benefit approach to improving browser security
Modern web browsers have accrued an incredibly broad set of features since being
invented for hypermedia dissemination in 1990. Many of these features benefit users by …
invented for hypermedia dissemination in 1990. Many of these features benefit users by …
Sok: Exploring current and future research directions on xs-leaks through an extended formal model
T Van Goethem, G Franken, I Sanchez-Rola… - Proceedings of the …, 2022 - dl.acm.org
A web visit typically consists of the browser rendering a dynamically generated response
that is specifically tailored to the user. This generation of responses based on the currently …
that is specifically tailored to the user. This generation of responses based on the currently …
Pride and prejudice in progressive web apps: Abusing native app-like features in web applications
Progressive Web App (PWA) is a new generation of Web application designed to provide
native app-like browsing experiences even when a browser is offline. PWAs make full use of …
native app-like browsing experiences even when a browser is offline. PWAs make full use of …
Deterministic browser
Timing attacks have been a continuous threat to users' privacy in modern browsers. To
mitigate such attacks, existing approaches, such as Tor Browser and Fermata, add jitters to …
mitigate such attacks, existing approaches, such as Tor Browser and Fermata, add jitters to …
Rendered private: Making {GLSL} execution uniform to prevent {WebGL-based} browser fingerprinting
Browser fingerprinting, a substitute of cookies-based tracking, extracts a list of client-side
features and combines them as a unique identifier for the target browser. Among all these …
features and combines them as a unique identifier for the target browser. Among all these …
Operating channel validation: Preventing multi-channel man-in-the-middle attacks against protected Wi-Fi networks
We present a backwards compatible extension to the 802.11 standard to prevent multi-
channel man-in-the-middle attacks. This extension authenticates parameters that define the …
channel man-in-the-middle attacks. This extension authenticates parameters that define the …
Practical timing side-channel attacks on memory compression
Compression algorithms have side channels due to their data-dependent operations. So far,
only the compression-ratio side channel was exploited, eg, the compressed data size. In this …
only the compression-ratio side channel was exploited, eg, the compressed data size. In this …
Dbreach: Stealing from databases using compression side channels
M Hogan, Y Michalevsky… - 2023 IEEE Symposium …, 2023 - ieeexplore.ieee.org
We introduce new compression side-channel attacks against database storage engines that
simultaneously support compression of database pages and encryption at rest. Given only …
simultaneously support compression of database pages and encryption at rest. Given only …
Rendering contention channel made practical in web browsers
Browser rendering utilizes hardware resources shared within and across browsers to
display web contents, thus inevitably being vulnerable to side channel attacks. Prior works …
display web contents, thus inevitably being vulnerable to side channel attacks. Prior works …