Not So Incognito: Exploiting Resource-Based Side Channels in JavaScript Engines

DSpace/Manakin Repository

Not So Incognito: Exploiting Resource-Based Side Channels in JavaScript Engines

Citable link to this page

 

 
Title: Not So Incognito: Exploiting Resource-Based Side Channels in JavaScript Engines
Author: Booth, Jo
Citation: Booth, Jo. 2015. Not So Incognito: Exploiting Resource-Based Side Channels in JavaScript Engines. Bachelor's thesis, Harvard College.
Access Status: Full text of the requested work is not available in DASH at this time (“dark deposit”). For more information on dark deposits, see our FAQ.
Full Text & Related Files:
Abstract: In this thesis, a resource-based side channel vulnerability is shown to exist in the JavaScript engines deployed in today's front-running internet browsers. A remote attack is constructed to exploit this vulnerability at a distance, and three distinct attacker models leveraging the side channel are presented. The platform independence of this attack is established, and the implications of the attack for web security are discussed. An implementation of the attack utilizing classification via machine learning techniques is presented and evaluated. Several mitigation strategies for eliminating the threat are then proposed.
Citable link to this page: http://nrs.harvard.edu/urn-3:HUL.InstRepos:17417578
Downloads of this work:

Show full Dublin Core record

This item appears in the following Collection(s)

 
 

Search DASH


Advanced Search
 
 

Submitters