No boundaries: data exfiltration by third parties embedded on web pages
Proc. Priv. Enhancing Technol., pp. 220-238, 2020.
We investigate data exfiltration by third-party scripts directly embedded on web pages. Specifically, we study three attacks: misuse of browsers’ internal login managers, social data exfiltration, and whole-DOM exfiltration. Although the possibility of these attacks was well known, we provide the first empirical evidence based on measurem...More
Full Text (Upload PDF)
PPT (Upload PPT)