資源描述:
《JavaScript Engine FingerprintingJavaScript引擎》由會(huì)員上傳分享��,免費(fèi)在線閱讀�,更多相關(guān)內(nèi)容在學(xué)術(shù)論文-天天文庫��。
1��、FastandReliableBrowserIdenti?cationwithJavaScriptEngineFingerprintingMartinMulazzani�,PhilippReschly,MarkusHuber�,ManuelLeithner�,SebastianSchrittwieser�andEdgarWeippl��SBAResearchVienna,AustriayFHCampusWienVienna,AustriaAbstract—Webbrowsersarecrucialsoftwa
2���、recomponentsWhiletoday’sbrowsersinterpretawebsite’scodeinintoday’susageoftheInternet,butthereliabledetectionsimilarways(basedonstandards),theactualimplementationsofwhetheraclientisusingaspeci?cbrowsercanstillbeofthesestandardsdiffer.Thisdiversityofbrowsersh
3、asconsideredanontrivialproblem.Reliablebrowseridenti?cationalwayscausedheadachesforWebdevelopers,asthesameiscrucialforonlinesecurityandprivacye.g.,regardingdrive-bydownloadsandusertracking,andcanbeusedtoenhancethewebsitecanvaryacrossdifferentbrowserswithres
4����、pecttouser’ssecurity.SofartheUserAgentstringisoftenusedtofunctionalityorappearance,requiringadditionaltestingandidentifyagivenbrowser,butitisaself-reportedstringprovideddebuggingofawebsite’scodeinordertoensurecorrectbytheclientandcanbechangedarbitrarily.fun
5�、ctionalityinrelevantbrowsers.However,thiscanalsohavesevereimplicationsonprivacyandsecurity.InthisInthispaperweproposeanewmethodforidentifyingwebbrowsersbasedontheunderlyingJavascriptengine,whichcanpaper,weproposeanovelconceptforbrowseridenti?cation,beexecut
6����、edontheclientsidewithinafractionofasecond.Ourwhichexploitsexactlytheseimperfectimplementationsofmethodisthreeordersofmagnitudefasterthanpreviousworkstandardsinthedifferentbrowsers.OurworkwasoriginallyonJavascriptengine?ngerprinting,andcanbeimplementedwithmo
7、tivatedbythesecurityscannernmap,whichusesTCP/IPwellbelowafewhundredlinesofcode.Weshowthefeasibilityofstack?ngerprintingtodeterminetheoperatingsystemofaourmethodwithasurveyanddiscusstheconsequencesforuserprivacyandbrowsersecurity.Furthermore,wecollecteddataf
8��、orremotehost.Inaverysimilarway,weusethebrowser’smorethan150browserandoperatingsystemcombinations,andunderlyingJavaScriptengineforbrowseridenti?cation.presentalgorithmstomakebrowseridenti?cationasfastas
