by Erwan Abgrall, Yves Le Traon, Martin Monperrus, Sylvain Gombault, Mario Heiderich and Alain Ribault
Abstract: There are many scenarios in which inferring the type of a client browser is desirable, for instance to fight against session stealing. This is known as browser fingerprinting. This paper presents and evaluates a novel fingerprinting technique to determine the exact nature (browser type and version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks exercised through XSS. Our experiments show that the exact version of a web browser can be determined with 71% of accuracy, and that only 6 tests are sufficient to quickly determine the exact family a web browser belongs to.
View PDFCitations: [citations]
Cite it:
Erwan Abgrall, Yves Le Traon, Martin Monperrus, Sylvain Gombault, Mario Heiderich and Alain Ribault, "XSS-FP: Browser Fingerprinting using HTML Parser Quirks", Technical report, arXiv 1211.4812, 2012.
XSS-FP: Browser Fingerprinting using HTML Parser Quirks
http://arxiv.org/pdf/1211.4812
http://arxiv.org/pdf/1211.4812
[XSS-FP: Browser Fingerprinting using HTML Parser Quirks](http://arxiv.org/pdf/1211.4812)
\href{http://arxiv.org/pdf/1211.4812}{XSS-FP: Browser Fingerprinting using HTML Parser Quirks} % \cite{1211.4812}
Bibtex Entry:
@techreport{1211.4812,
title = {XSS-FP: Browser Fingerprinting using HTML Parser Quirks},
year = {2012},
author = {Erwan Abgrall and Yves Le Traon and Martin Monperrus and Sylvain Gombault and Mario Heiderich and Alain Ribault},
url = {http://arxiv.org/pdf/1211.4812},
number = {1211.4812},
institution = {arXiv},
}
Powered by bibtexbrowser