Timing attacks on Web privacy

Authors: Edward W. Felten, Michael A. Schneider

DOI: 10.1145/352600.352606

Keywords:

Abstract: We describe a class of attacks that can compromise the privacy of users’ Web-browsing histories. The attacks allow a malicious Web site to determine whether or not the user has recently visited some other, unrelated Web page. The malicious page can determine this information by measuring the time the user’s browser requires to perform certain operations. Since browsers perform various forms of caching, the time required for operations depends on the user’s browsing history; this paper shows that the resulting time variations convey enough information to compromise users’ privacy. This attack method also allows other types of information gathering by Web sites, such as a more invasive form of Web “cookies”. The attacks we describe can be carried out without the victim’s knowledge, and most “anonymous browsing” tools fail to prevent them. Other simple countermeasures also fail to prevent these attacks. We describe a way of reengineering browsers to prevent most of them.

References (4)
Henry Levy, Anna Karlin, Tashana Landray, Denise Pinnel, Alec Wolman, Neal Cardwell, Molly Brown, Geoff Voelker, Nitin Sharma. Organization-based analysis of web-object sharing and caching. USENIX Symposium on Internet Technologies and Systems, pp. 3-3 (1999).
Eran Gabber, Phillip B. Gibbons, Yossi Matias, Alain Mayer. How to Make Personalized Web Browsing Simple, Secure, and Anonymous. Financial Cryptography, pp. 17-32 (1997). DOI: 10.1007/3-540-63594-7_64
Michael K. Reiter, Aviel D. Rubin. Crowds: anonymity for Web transactions. ACM Transactions on Information and System Security, vol. 1, pp. 66-92 (1998). DOI: 10.1145/290163.290168
D.M. Martin, S. Rajagopalan, A.D. Rubin. Blocking Java applets at the firewall. Network and Distributed System Security Symposium, pp. 16-26 (1997). DOI: 10.1109/NDSS.1997.579215