Volltext-Downloads (blau) und Frontdoor-Views (grau)

Rotten Cellar: Security and Privacy of the Browser Cache Revisited

  • Web browsers use HTTP caches to reduce the amount of data to be transferred over the network and allow Web pages to load faster. Content such as scripts, images, and style sheets, which are static most of the time or shared across multiple websites, are stored and loaded locally when recurring requests ask for cached resources. This behaviour can be exploited if the cache is based on a naive implementation. This paper summarises possible attacks on the browser cache and shows through extensive experiments that even modern web browsers still do not provide enough safeguards to protect their users. Moreover, the available built-in as well as addable cache controls offer rather limited functionality in terms of protection and ease of use. Due to the volatile and inhomogeneous APIs for controlling the cache in modern browsers, the development of enhanced user-centric cache controls remains -until further notice- in the hands of browser manufacturers.

Volltext Dateien herunterladen

Metadaten exportieren

Weitere Dienste

Teilen auf Twitter Suche bei Google Scholar


Verfasserangaben:Florian Dehling, Tobias Mengel, Luigi Lo Iacono
Angaben zur Erstveröffentlichung:24th Nordic Conference on Secure IT Systems (NordSec 2019), Aalborg, Denmark, November 18–20, 2019, Proceedings, Lecture Notes in Computer Science, vol. 11875
Datum des Hochladens:30.10.2019
GND-Schlagwort:Browser; Privatheit; Security+-Zertifikat
Freies Schlagwort / Tag:Browser Cache; Privacy; Security
Fakultäten und Zentrale Einrichtungen:Informations-, Medien- und Elektrotechnik (F07) / Fakultät 07 / Institut für Medien- und Phototechnik
CCS-Klassifikation:C. Computer Systems Organization / C.2 COMPUTER-COMMUNICATION NETWORKS / C.2.0 General / Security and protection (e.g., firewalls) (REVISED)
DDC-Sachgruppen:000 Allgemeines, Informatik, Informationswissenschaft
Open Access:Open Access
Lizenz (Deutsch):License LogoEs gilt das UrhG