Current events: Identifying webpages by tapping the electrical outlet
作者: Shane S. Clark , Hossen Mustafa , Benjamin Ransford , Jacob Sorber , Kevin Fu
DOI: 10.1007/978-3-642-40203-6_39
关键词:
摘要: Computers plugged into power outlets leak identifiable information by drawing variable amounts of when performing different tasks. This work examines the extent to which this side channel leaks private about web browsing an observer taking measurements at outlet. Using direct AC consumption with instrumented outlet, we construct a classifier that correctly identifies unlabeled traces webpage activity from set 51 candidates 99% precision and recall. The rejects samples 441 pages outside corpus false-positive rate less than 2%. It is also robust number variations in loading conditions, including encryption. When trained on two computers same webpage, labels further either computer. We identify several reasons for consistently recognizable consumption, system calls, propose countermeasures limit leakage information. Characterizing may help lead practical protect user privacy untrustworthy infrastructure.
springer.com
sharps.org 参考文章(41)
Ioannis Katakis, Grigorios Tsoumakas, Multi-Label Classification. Database Technologies: Concepts, Methodologies, Tools, and Applications. pp. 309- 319 ,(2009)
Timo Kasper, David Oswald, Christof Paar, EM Side-Channel Attacks on Commercial Contactless Smartcards Using Low-Cost Equipment Information Security Applications. pp. 79- 93 ,(2009) , 10.1007/978-3-642-10838-9_7
Fabian Monrose, Charles V. Wright, Lucas Ballard, Gerald M. Masson, Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob? usenix security symposium. pp. 4- ,(2007)
David Mazières, Eric Freudenthal, Michael J. Freedman, Democratizing content publication with coral networked systems design and implementation. pp. 18- 18 ,(2004)
Benjamin Ransford, Kevin Fu, Shane S. Clark, Potentia est scientia: security and privacy implications of energy-proportional computing usenix conference on hot topics in security. pp. 3- 3 ,(2012)
Gregory D. Abowd, Aruna Seneviratne, John Krumm, Thomas Strang, Ubicomp 2007: Ubiquitous Computing ,(2008)
Markus G. Kuhn, Security limits for compromising emanations cryptographic hardware and embedded systems. pp. 265- 279 ,(2005) , 10.1007/11545262_20
Fabian Monrose, Srinivas Krishnan, DNS prefetching and its privacy implications: when good things go bad usenix conference on large scale exploits and emergent threats. pp. 10- 10 ,(2010)
Liming Lu, Ee-Chien Chang, Mun Choon Chan, Website fingerprinting and identification using ordered feature sequences european symposium on research in computer security. pp. 199- 214 ,(2010) , 10.1007/978-3-642-15497-3_13
Markus G. Kuhn, Electromagnetic eavesdropping risks of flat-panel displays privacy enhancing technologies. pp. 88- 107 ,(2004) , 10.1007/11423409_7