What can you learn from an IP?
ANRW(2019)
摘要
The Internet was not designed with security in mind. A number of recent protocols such as Encrypted DNS, HTTPS, etc. target encrypting critical parts of the web architecture, which can otherwise be exploited by eavesdroppers to infer users' data. But encryption may not necessarily guarantee privacy, especially when it comes to metadata. Emerging standards can protect the contents of both DNS queries and the TLS SNI extensions; however, it might still be possible to determine which websites users are visiting by simply looking at the destination IP addresses on the traffic originating from users' devices. We perform a measurement study to determine the anonymity provided by IP addresses resulting from the multiple sub-queries that are made as a consequence of accessing a particular web page. We show that, in most cases, an adversary can use the IP addresses during a page load as a form of a fingerprint to infer the original site identity.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络