AN EFFECTIVE APPROACH FOR PREVENTING INFERENCE ATTACKS IN CYBER SPACE
Keywords:
URL shortening service, privacy leak, inferenceAbstract
Web applications are now widely used for forecasting all kinds of information through a web page accessed via network . Its users habitually approach their websites by means of it's URL and unique domain name , all the sites in cyber space are provided with exclusive domain identity .In this context, URL shortening services are supervened that provide perpetual user easy and defended access, at first a short alias of a long URL for sharing it between trusted parties and also benefits easy remembrance and public click analytics mechanism of shortened URLs. The public click analytics is provided in an aggregated form to preserve the privacy of individual users. In this paper, we propose practical forestalling techniques to find inferring user's who clicks which shortened URLs on our web app. Unlike the conventional browser history stealing attacks, the forestalled attack demands private information without the knowledge of the user and will cause information security breach . Evaluation results show that this attack is more vulnerable when compared with the existing attacks thus we provide inference prevention mechanism for thwarting it .
References
A. Janc and L. Olejnik, “Web browser history detection as a real-world privacy threat,” in Proc. 15th Eur. Conf. Res. Comput. Secur., 2010, pp. 215–231.
S. Krishnan and F. Monrose, “Dns prefetching and its privacy implications: When good things go bad,” in Proc. 3rd USENIX Workshop Large-scale Exploits Emergent Threats, 2010, pp.10–10.
J. Lindamood, R. Heatherly, M. Kantarcioglu, and B. Thuraisingham, “Inferring private information using social network data,” in Proc. 18th Int. World Wide Web Conf. (WWW), 2009.
A. Mislove, B. Viswanath, K. P. Gummadi, and P. Druschel, “You are who you know: Inferring user profiles in online social networks,” in Proc. 3rd ACM Int. Conf. Web Search and Data Mining, 2010, pp. 251–260.
A. Narayanan and V. Shmatikov, “Robust de-anonymization of large sparse data set,” in Proc. IEEE Symp. Secur. Privacy, 2008,
J. Song, S. Lee, and J. Kim, “I know the shortened urls you clicked on twitter: Inference attack using public click analytics and twitter metadata,” in Proc. 22nd Int. World Wide Web Conf., 2013, pp. 1191– 1200.
Z. Weinberg, E. Y. Chen, P. R. Jayaraman, and C. Jackson, “I still know what you visited last summer: Leaking browsing history via user interaction and side channel attacks,” in Proc. IEEE Symp. Secur. Privacy, 2011, pp. 147–161.
G. Wondracek, T. Holz, E. Kirda, and C. Kruegel, “A practical attack to de-anonymize social network users,” in Proc. IEEE Symp. Secur. Privacy, 2010, pp. 223–238.
E. Zheleva and L. Getoor, “To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles,” in Proc. 18th Int. World Wide Web Conf., 2009,
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2021 International Education and Research Journal (IERJ)
This work is licensed under a Creative Commons Attribution 4.0 International License.