, , pp.2018-2019
, Tips for running an exit node, pp.2018-2019
, WebRTC Control, pp.2018-2022
, , pp.2018-2022, 2011.
, WebRTC via 'connect-src' ?, pp.2018-2022, 2013.
, , pp.2018-2022, 2014.
, WebRTC RTCDataChannel can be used for exfiltration, pp.2018-2022, 2016.
, , pp.2018-2022, 2013.
, The Joys of HTML5: Introducing the new HTML5 Hard Disk Filler API, pp.2018-2022, 2013.
, Puppetnets: Misusing Web Browsers As a Distributed Attack Infrastructure, ACM Trans. Inf. Syst. Secur, vol.12, issue.2, 2008.
, Antisocial Networks: Turning a Social Network into a Botnet, Proceedings of the 11th International Conference on Information Security, pp.146-160, 2008.
, Web Code Weakness allows Data Dump on PCs, pp.2018-2022, 2008.
, The PeerJS library, pp.2018-2022, 2012.
, Anonymous communication in the browser via onion-routing, 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, pp.260-267, 2015.
, Web Analytics Benchmarks Report, pp.2018-2022, 2013.
, , pp.2018-2022, 2017.
, Detection and Analysis of Drive-by-download Attacks and Malicious JavaScript Code, Proceedings of the 19th International Conference on World Wide Web, pp.281-290, 2010.
, Tor: The second-generation onion router, Proceedings of the 13th Conference on USENIX Security Symposium, vol.13, pp.21-21, 2004.
, Fingerprintability of WebRTC, Cornell University Library, pp.2018-2022, 2016.
, Evading Censorship with Browser-based Proxies, Proceedings of the 12th International Conference on Privacy Enhancing Technologies, pp.239-258
, , vol.12, 2012.
, , pp.2018-2022, 2013.
, Protecting the intranet against "javascript malware" and related attacks, LNCS, vol.4579, pp.40-59, 2007.
, 25 million flows later: Large-scale detection of dom-based xss, Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp.1193-1204, 2013.
, Ravan: JavaScript Distributed Computing System (BETA), pp.2018-2022, 2012.
, Wordpress plugin banned for crypto mining, pp.2018-2019
, You Are What You Include: Large-scale Evaluation of Remote Javascript Inclusions, Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp.736-747, 2012.
, Can Save Us from a Rogue Cross-Origin Storage Browser Network! But for How Long?, Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp.170-172, 2018.
, Local Storage on Steroids: Abusing Web Browsers for Hidden Content Storage and Distribution, Proceedings of the 14th International Conference on Security and Privacy in Communication Networks: SecureComm, 2018.
, Revised Selected Papers, chap. Why Web Servers Should Fear Their Clients, Security and Privacy in Communication Networks: 11th International Conference, pp.401-417, 2015.
, Cryptojacking: 2017 Year-End Review, pp.2018-2019
, Cujo: Efficient Detection and Prevention of Drive-by-download Attacks, Proceedings of the 26th Annual Computer Security Applications Conference, pp.31-39, 2010.
, , pp.2018-2022, 2016.
, YouTube shuts down hidden cryptojacking adverts, pp.2018-2019
, W3C: Same origin policy, pp.2018-2021
, CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp.1376-1387, 2016.
, Why Is CSP Failing ? Trends and Challenges in CSP Adoption pp, pp.212-233, 2014.