Dark Knowledge
Contributing
-
Found an interesting paper you think might fit? Feel free to open an issue or PR!
-
If anyone has time, would be awesome to get PRs adding context to meta.json
| Year | Title | Topics | Authors | |
|---|---|---|---|---|
| 2023 | A Two-Step TLS-Based Browser fingerprinting approach using combinatorial sequences | Fingerprint, TLS, Combinatorics | Bernhard Garn, Stefan Zauner, Dimitris E. Simos, Manuel Leithner, Richard Kuhn, Raghu Kacker | |
| 2022 | SMS PVA - An Underground Service Enabling Threat Actors to Register Bulk Fake Accounts | |||
| 2022 | Phish in Sheeps Clothing Exploring Pitfalls of Browser Fingerprinting | |||
| 2022 | DRAWNAPART - A Device Identification Technique based on Remote GPU Fingerprinting | |||
| 2022 | Browser-based CPU Fingerprinting | CPU Fingerprinting, Timing Attacks | Leon Trampert, Christian Rossow, Michael Schwarz | |
| 2022 | AudioContext Browser Fingerprinting | AudioContext, ML, Device Verification, Device Identification | Josef Frola | |
| 2021 | Your Phone is My Proxy - Detecting and Understanding Mobile Proxy Networks | |||
| 2021 | TypeNet - Deep Learning Keystrong Biometrics | |||
| 2021 | The CNAME of the Game - Large-scale Analysis of DNS-based Tracking Evasion | DNS | Yana Dimova | |
| 2021 | Tales of FAVICONS and Caches - Persistent Tracking in Modern Browsers | |||
| 2021 | On Reliability of JA3 Hashes for Fingerprinting Mobile Applications | |||
| 2021 | OS Fingerprinting and Tethering Detection in Mobile Networks | |||
| 2021 | ML-CB - Machine Learning Canvas Block | |||
| 2021 | JARM Randomizer - Evading JARM Fingerprinting | |||
| 2021 | JA3cury - A New Approach to TLS Fingerprinting by Merging Fingerprinting Methods | |||
| 2021 | Fingerprinting in Style - Detecting Browser Extensions via Injected Style Sheets | Fingerprint, Extensions | Pierre Laperdrix | |
| 2020 | Web Runner 2049 - Evaluating Third-Party Anti-Bot Services | |||
| 2020 | Web Browser Privacy - What Do Browsers Say When They Phone Home | |||
| 2020 | Web Applications Security and Privacy | |||
| 2020 | Using TLS Fingerprints for OS Identification in Encrypted Traffic | |||
| 2020 | Using Generative Adversarial Networks to Break and Protect Text CAPTCHAs | |||
| 2020 | Timeless Timing Attacks - Exploiting Concurrency to Leak Secrets over Remote Connections | |||
| 2020 | Taming the Shape Shifter - Detecting Anti-Fingerprinting Browsers | |||
| 2020 | TLS Fingerprinting Techniques | |||
| 2020 | SenCAPTCHA - A Mobile-First CAPTCHA Using Orientation Sensors | |||
| 2020 | Remote physical device fingerprinting | |||
| 2020 | Poking a Hole in the Wall - Censorship-Resistant Internet Communications by Parasitizing on WebRTC | |||
| 2020 | Neither Denied nor Exposed Fixing WebRTC | |||
| 2020 | Leveraging Frequency Analysis for Deep Fake Image Recognition | |||
| 2020 | Inside The Black Box - A Glimpse Of Googleโs Internal Data Free-For-All | |||
| 2020 | Guess Who - Large-Scale Data-Centric Study of the Adequacy of Browser Fingerprints for Web Authentication | |||
| 2020 | Fingerprinting the Fingerprinters - Learning to Detect Browser Fingerprinting Behaviors | |||
| 2020 | Fingerprinting With Atomic Counters in Upcoming Web Graphics Compute APIs | |||
| 2020 | FPSelect - Low-Cost Browser Fingerprints for Mitigating Dictionary Attacks against Web Authentication Mechanisms | |||
| 2020 | FP-Crawlers - Studying the Resilience of Browser Fingerprinting to Block Crawlers | |||
| 2020 | EssentialFP - Exposing the Essence of Browser Fingerprinting | |||
| 2020 | Donโt count me out - On the relevance of IP addresses in the tracking ecosystem | |||
| 2020 | Deobfuscation, Unpacking, And Decoding of Obfuscated Malicious JavaScript For Machine Learning Models Detection Performance Improvement | |||
| 2020 | Combining Behavioural Biometrics and Session Context Analytics to Enhance Risk Based Static Authentication in Web Applications | |||
| 2020 | Clash of the Trackers - Measuring the Evolution of the Online Tracking Ecosystem | |||
| 2020 | Characterizing Anomalies in Malware-Generated HTTP Traffic | |||
| 2020 | Carnus - Exploring the Privacy Threats of Browser Extension Fingerprinting | |||
| 2020 | Browser Fingerprint Standardization Using Rule Based Algorithm and Multi-Class Entropy | |||
| 2020 | BeCAPTCHA-Mouse - Synthetic Mouse Trajectories and Improved Bot Detection | |||
| 2020 | Awakening the Webโs Sleeper Agents - Misusing Service Workers for Privacy Leakage | |||
| 2020 | Accurate TLS Fingerprinting using Destination Context and Knowledge Bases | |||
| 2020 | 3d Red Pill - A Guest-to-Host Escape on QEMUKVM Virtio Devices | |||
| 2019 | VisibleV8 - In-browser Monitoring of JavaScript in the Wild | |||
| 2019 | Tracking Versus Security - Investigating the Two Facets of Browser Fingerprinting | |||
| 2019 | The Generation and Use of TLS Fingerprints | |||
| 2019 | Talon - An Automated Framework for Cross-Device Tracking Detection | |||
| 2019 | SoK - In Search of Lost Time - A Review of JavaScript Timers in Browsers | |||
| 2019 | Resident Evil - Understanding Residential IP Proxy as a Dark Service | |||
| 2019 | Rendered Private - Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting | |||
| 2019 | Preventing Browser Fingerprinting by Randomizing Canvas | |||
| 2019 | Passive OS Fingerprinting by DNS Traffic Analysis | |||
| 2019 | Morelian Analysis for Browsers - Making Web Authentication Stronger with Canvas Fingerprinting | |||
| 2019 | Monsters in the Middleboxes - Building Tools for Detecting HTTPS Interception | |||
| 2019 | Leveraging WebAssembly for Numerical JavaScript Code Virtualization | |||
| 2019 | JavaScript Template Attacks - Automatically Inferring Host Information for Targeted Exploits | |||
| 2019 | Improving the Testing Efficiency of Selenium-based Load Tests | |||
| 2019 | Hacking Google reCAPTCHA v3 using Reinforcement Learning | |||
| 2019 | From IP ID To Device ID and KASLR Bypass | |||
| 2019 | Fourier Spectrum Discrepancies in Deep Network Generated Images | |||
| 2019 | Even Turing Should Sometimes Not Be Able To Tell - Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Services | |||
| 2019 | Browser Fingerprinting - Exploring Device Diversity to Augment Authentication and Build Client-Side Countermeasures | |||
| 2019 | Browser Fingerprinting - A Survey | |||
| 2019 | Analyzing and Improving the Image Quality of StyleGAN | |||
| 2019 | An Investigation on Information Leakage of DNS over TLS | |||
| 2019 | After You, Please - Browser Extensions Order Attacks and Countermeasures | |||
| 2018 | Who Left Open the Cookie Jar - A Comprehensive Evaluation of Third-Party Cookie Policies | |||
| 2018 | Who Changed my Browser Settings | |||
| 2018 | Rendered Insecure - GPU Side Channel Attacks are Practical | |||
| 2018 | Pride and Prejudice in Progressive Web Apps - Abusing Native App-like Features in Web Applications | |||
| 2018 | JavaScript Zero - Real JavaScript and Zero Side-Channel Attacks | |||
| 2018 | Hiding in The Crowd - An Analysis of the Effectiveness of Browser Fingerprinting At Large Scale | |||
| 2018 | Fingerprinting Mobile Browsers | |||
| 2018 | FP-STALKER - Tracking Browser Fingerprint Evolutions | |||
| 2018 | Evaluating Server-Side Internet Proxy Detection Methods | |||
| 2018 | Detecting Social Spamming on Facebook Platform | |||
| 2018 | Clock Around the Clock - Time-Based Device Fingerprinting | |||
| 2018 | Browser Fingerprinting - Exploring Device Diversity to Augment Authentification and Build Client-Side Countermeasures | |||
| 2017 | Tracking You through DNS Traffic - Linking User Sessions by Clustering with Dirichlet Mixture Model | |||
| 2017 | The Security Impact of HTTPS Interception | |||
| 2017 | The All Seeing Eye - Web to App Intercommunication for Session Fingerprinting in Android | |||
| 2017 | Most Websites Donโt Need to Vibrate - A CostโBenefit Approach to Improving Browser Security | |||
| 2017 | FpRandom - Randomizing Core Browser Objects to Break Advanced Device Fingerprinting Techniques | |||
| 2017 | Fantastic Timers and Where to Find Them - High-Resolution Microarchitectural Attacks in JavaScript | |||
| 2017 | Deterministic Browser | |||
| 2017 | DECANTeR - DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting | |||
| 2017 | (Cross-)Browser Fingerprinting via OS and Hardware Level Features | |||
| 2016 | Web browser fingerprinting a framework for measuring the web browser | |||
| 2016 | Tunneling for Transparency A Large-Scale Analysis of End-to-End Violations in the Internet | |||
| 2016 | Trusted Browsers For Uncertain Times | |||
| 2016 | The Security of WebRTC | |||
| 2016 | Picasso - Lightweight Device Class Fingerprinting For Web Clients | |||
| 2016 | Iโm not a human - Breaking the Google reCAPTCHA | |||
| 2016 | I Am Robot - (Deep) Learning to Break Semantic Image CAPTCHAs | |||
| 2016 | Cloud Fingerprinting - Using Clock Skews To Determine Co-Location of Virtual Machines | |||
| 2016 | Browser Fingerprinting - Hraska | |||
| 2016 | Beauty and the Beast - Diverting Modern Web Browsers To Build Unique Browser Fingerprints | |||
| 2016 | A 1-million-site Measurement and Analysis | |||
| 2015 | You Are How You Query - Deriving Behavioral Fingerprints From DNS Traffic | |||
| 2015 | Tick Tock - Building Browser Red Pills from Timing Side Channels | |||
| 2015 | The Clock is Still Ticking - Timing Attacks in the Modern Web | |||
| 2015 | Network-based HTTPS Client Identification Using SSL TLS Fingerprinting | |||
| 2015 | Mitigating browser fingerprint tracking | |||
| 2015 | FpGuard - Detection and Prevention of Browser Fingerprinting | |||
| 2015 | Deterministically Deterring Timing Attacks in Deterland | |||
| 2014 | The Web Never Forgets - Persistent Tracking Mechanisms in The Wild | |||
| 2014 | Mobile Device Identification Via Sensor Fingerprinting | |||
| 2014 | Markov Chain Fingerprinting to Classify Encrypted Traffic | |||
| 2013 | WebGL Programming Guide | |||
| 2013 | Mitigating Access-Driven Timing Channels in Clouds using StopWatch | |||
| 2013 | Cookieless Monster - Exploring the Ecosystem of Web-based Device Fingerprinting | |||
| 2012 | Pixel Perfect - Fingerprinting Canvas in HTML5 | |||
| 2012 | Combining Mouse and Keystroke Dynamics Biometrics for Risk Based Authentication in Web Environments | |||
| 2010 | On the Reliability of Wireless Fingerprinting using Clock Skews | |||
| 2009 | Cache Missing For Fun and Profit | |||
| 2008 | An Improved Clock-skew Measurement Technique for Revealing Hidden Services |