Publicaties
Gekozen filters:
Gekozen filters:
The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion KU Leuven
Online tracking is a whack-a-mole game between trackers who build and monetize behavioral user profiles through intrusive data collection, and anti-tracking mechanisms, deployed as a browser extension, built-in to the browser, or as a DNS resolver. As a response to pervasive and opaque online tracking, more and more users adopt anti-tracking tools to preserve their privacy. Consequently, as the information that trackers can gather on users is ...
IoT Inspector: Crowdsourcing Labeled Network Traffic from Smart Home Devices at Scale KU Leuven
The proliferation of smart home devices has created new opportunities for empirical research in ubiquitous computing, ranging from security and privacy to personal health. Yet, data from smart home deployments are hard to come by, and existing empirical studies of smart home devices typically involve only a small number of devices in lab settings. To contribute to data-driven smart home research, we crowdsource the largest known dataset of ...
Web-based attacks to discover and control local IoT devices KU Leuven
© 2018 Association for Computing Machinery. In this paper, we present two web-based attacks against local IoT devices that any malicious web page or third-party script can perform, even when the devices are behind NATs. In our attack scenario, a victim visits the attacker's website, which contains a malicious script that communicates with IoT devices on the local network that have open HTTP servers. We show how the malicious script can ...
Online Tracking Technologies and Web Privacy KU Leuven
In my PhD thesis, I would like to study the problem of online privacy with a focus on Web and mobile applications. Key research questions to be addressed by my study are the following: How can we formalize and quantify web tracking? What are the threats presented against privacy by different tracking techniques such as browser fingerprinting and cookie based tracking? What kind of privacy enhancing technologies (PET) can be used to ensure ...
How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services KU Leuven
© 2017 author(s). Recent studies have shown that Tor onion (hidden) service websites are particularly vulnerable to website ingerprinting attacks due to their limited number and sensitive nature. In this work we present a multi-level feature analysis of onion site ingerprintability, considering three state-of-the-art website ingerprinting methods and 482 Tor onion services, making this the largest analysis of this kind completed on onion ...
Shopping for privacy: Purchase details leaked to PayPal KU Leuven
© 2015 Elsevier B.V. We present a new form of online tracking: explicit, yet unnecessary leakage of personal information and detailed shopping habits from online merchants to payment providers. In contrast to the widely debated tracking of Web browsing, online shops make it impossible for their customers to avoid this dissemination of their data. We record and analyse leakage patterns for the 881 most popular US Web shops sampled from actual Web ...
Leaky Birds: Exploiting Mobile Application Traffic for Surveillance KU Leuven
© International Financial Cryptography Association 2017. Over the last decade, mobile devices and mobile applications have become pervasive in their usage. Although many privacy risks associated with mobile applications have been investigated, prior work mainly focuses on the collection of user information by application developers and advertisers. Inspired by the Snowden revelations, we study the ways mobile applications enable mass ...