Dark Knowledge

😈📚 A curated library of research papers and presentations for counter-detection and web privacy enthusiasts.

Year	Title	Topics	Authors
2023	A Two-Step TLS-Based Browser fingerprinting approach using combinatorial sequences	Fingerprint, TLS, Combinatorics	Bernhard Garn, Stefan Zauner, Dimitris E. Simos, Manuel Leithner, Richard Kuhn, Raghu Kacker
2022	AudioContext Browser Fingerprinting	AudioContext, ML, Device Verification, Device Identification	Josef Frola
2022	Browser-based CPU Fingerprinting	CPU Fingerprinting, Timing Attacks	Leon Trampert, Christian Rossow, Michael Schwarz
2022	DRAWNAPART - A Device Identification Technique based on Remote GPU Fingerprinting
2022	Phish in Sheeps Clothing Exploring Pitfalls of Browser Fingerprinting
2022	SMS PVA - An Underground Service Enabling Threat Actors to Register Bulk Fake Accounts
2021	Device Fingerprinting with Peripheral Timestamps
2021	Fingerprinting in Style - Detecting Browser Extensions via Injected Style Sheets
2021	JA3cury - A New Approach to TLS Fingerprinting by Merging Fingerprinting Methods
2021	JARM Randomizer - Evading JARM Fingerprinting
2021	ML-CB - Machine Learning Canvas Block
2021	On Reliability of JA3 Hashes for Fingerprinting Mobile Applications
2021	OS Fingerprinting and Tethering Detection in Mobile Networks
2021	Tales of FAVICONS and Caches - Persistent Tracking in Modern Browsers
2021	The CNAME of the Game - Large-scale Analysis of DNS-based Tracking Evasion	DNS	Yana Dimova
2021	TypeNet - Deep Learning Keystrong Biometrics
2021	Your Phone is My Proxy - Detecting and Understanding Mobile Proxy Networks
2020	3d Red Pill - A Guest-to-Host Escape on QEMUKVM Virtio Devices
2020	Accurate TLS Fingerprinting using Destination Context and Knowledge Bases
2020	Awakening the Web’s Sleeper Agents - Misusing Service Workers for Privacy Leakage
2020	BeCAPTCHA-Mouse - Synthetic Mouse Trajectories and Improved Bot Detection
2020	Browser Fingerprint Standardization Using Rule Based Algorithm and Multi-Class Entropy
2020	Carnus - Exploring the Privacy Threats of Browser Extension Fingerprinting
2020	Characterizing Anomalies in Malware-Generated HTTP Traffic
2020	Clash of the Trackers - Measuring the Evolution of the Online Tracking Ecosystem
2020	Combining Behavioural Biometrics and Session Context Analytics to Enhance Risk Based Static Authentication in Web Applications
2020	Deobfuscation, Unpacking, And Decoding of Obfuscated Malicious JavaScript For Machine Learning Models Detection Performance Improvement
2020	Don’t count me out - On the relevance of IP addresses in the tracking ecosystem
2020	EssentialFP - Exposing the Essence of Browser Fingerprinting
2020	Fingerprinting the Fingerprinters - Learning to Detect Browser Fingerprinting Behaviors
2020	Fingerprinting With Atomic Counters in Upcoming Web Graphics Compute APIs
2020	FP-Crawlers - Studying the Resilience of Browser Fingerprinting to Block Crawlers
2020	FPSelect - Low-Cost Browser Fingerprints for Mitigating Dictionary Attacks against Web Authentication Mechanisms
2020	Guess Who - Large-Scale Data-Centric Study of the Adequacy of Browser Fingerprints for Web Authentication
2020	Inside The Black Box - A Glimpse Of Google’s Internal Data Free-For-All
2020	Leveraging Frequency Analysis for Deep Fake Image Recognition
2020	Neither Denied nor Exposed Fixing WebRTC
2020	Poking a Hole in the Wall - Censorship-Resistant Internet Communications by Parasitizing on WebRTC
2020	Remote physical device fingerprinting
2020	SenCAPTCHA - A Mobile-First CAPTCHA Using Orientation Sensors
2020	Taming the Shape Shifter - Detecting Anti-Fingerprinting Browsers
2020	Timeless Timing Attacks - Exploiting Concurrency to Leak Secrets over Remote Connections
2020	TLS Fingerprinting Techniques
2020	Using Generative Adversarial Networks to Break and Protect Text CAPTCHAs
2020	Using TLS Fingerprints for OS Identification in Encrypted Traffic
2020	Web Applications Security and Privacy
2020	Web Browser Privacy - What Do Browsers Say When They Phone Home
2020	Web Runner 2049 - Evaluating Third-Party Anti-Bot Services
2019	After You, Please - Browser Extensions Order Attacks and Countermeasures
2019	An Investigation on Information Leakage of DNS over TLS
2019	Analyzing and Improving the Image Quality of StyleGAN
2019	Browser Fingerprinting - A Survey
2019	Browser Fingerprinting - Exploring Device Diversity to Augment Authentication and Build Client-Side Countermeasures
2019	Even Turing Should Sometimes Not Be Able To Tell - Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Services
2019	Fourier Spectrum Discrepancies in Deep Network Generated Images
2019	From IP ID To Device ID and KASLR Bypass
2019	Hacking Google reCAPTCHA v3 using Reinforcement Learning
2019	Improving the Testing Efficiency of Selenium-based Load Tests
2019	JavaScript Template Attacks - Automatically Inferring Host Information for Targeted Exploits
2019	Leveraging WebAssembly for Numerical JavaScript Code Virtualization
2019	Monsters in the Middleboxes - Building Tools for Detecting HTTPS Interception
2019	Morelian Analysis for Browsers - Making Web Authentication Stronger with Canvas Fingerprinting
2019	Passive OS Fingerprinting by DNS Traffic Analysis
2019	Preventing Browser Fingerprinting by Randomizing Canvas
2019	Rendered Private - Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting
2019	Resident Evil - Understanding Residential IP Proxy as a Dark Service
2019	SoK - In Search of Lost Time - A Review of JavaScript Timers in Browsers
2019	Talon - An Automated Framework for Cross-Device Tracking Detection
2019	The Generation and Use of TLS Fingerprints
2019	Tracking Versus Security - Investigating the Two Facets of Browser Fingerprinting
2019	VisibleV8 - In-browser Monitoring of JavaScript in the Wild
2018	Browser Fingerprinting - Exploring Device Diversity to Augment Authentification and Build Client-Side Countermeasures
2018	Clock Around the Clock - Time-Based Device Fingerprinting
2018	Detecting Social Spamming on Facebook Platform
2018	Evaluating Server-Side Internet Proxy Detection Methods
2018	Fingerprinting Mobile Browsers
2018	FP-STALKER - Tracking Browser Fingerprint Evolutions
2018	Hiding in The Crowd - An Analysis of the Effectiveness of Browser Fingerprinting At Large Scale
2018	JavaScript Zero - Real JavaScript and Zero Side-Channel Attacks
2018	Pride and Prejudice in Progressive Web Apps - Abusing Native App-like Features in Web Applications
2018	Rendered Insecure - GPU Side Channel Attacks are Practical
2018	Who Changed my Browser Settings
2018	Who Left Open the Cookie Jar - A Comprehensive Evaluation of Third-Party Cookie Policies
2017	(Cross-)Browser Fingerprinting via OS and Hardware Level Features
2017	DECANTeR - DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting
2017	Deterministic Browser
2017	Fantastic Timers and Where to Find Them - High-Resolution Microarchitectural Attacks in JavaScript
2017	FpRandom - Randomizing Core Browser Objects to Break Advanced Device Fingerprinting Techniques
2017	Most Websites Don’t Need to Vibrate - A Cost–Benefit Approach to Improving Browser Security
2017	The All Seeing Eye - Web to App Intercommunication for Session Fingerprinting in Android
2017	The Security Impact of HTTPS Interception
2017	Tracking You through DNS Traffic - Linking User Sessions by Clustering with Dirichlet Mixture Model
2016	A 1-million-site Measurement and Analysis
2016	Beauty and the Beast - Diverting Modern Web Browsers To Build Unique Browser Fingerprints
2016	Browser Fingerprinting - Hraska
2016	Cloud Fingerprinting - Using Clock Skews To Determine Co-Location of Virtual Machines
2016	I Am Robot - (Deep) Learning to Break Semantic Image CAPTCHAs
2016	I’m not a human - Breaking the Google reCAPTCHA
2016	Picasso - Lightweight Device Class Fingerprinting For Web Clients
2016	The Security of WebRTC
2016	Trusted Browsers For Uncertain Times
2016	Tunneling for Transparency A Large-Scale Analysis of End-to-End Violations in the Internet
2016	Web browser fingerprinting a framework for measuring the web browser
2015	Deterministically Deterring Timing Attacks in Deterland
2015	FpGuard - Detection and Prevention of Browser Fingerprinting
2015	Mitigating browser fingerprint tracking
2015	Network-based HTTPS Client Identification Using SSL TLS Fingerprinting
2015	The Clock is Still Ticking - Timing Attacks in the Modern Web
2015	Tick Tock - Building Browser Red Pills from Timing Side Channels
2015	You Are How You Query - Deriving Behavioral Fingerprints From DNS Traffic
2014	Markov Chain Fingerprinting to Classify Encrypted Traffic
2014	Mobile Device Identification Via Sensor Fingerprinting
2014	The Web Never Forgets - Persistent Tracking Mechanisms in The Wild
2013	Cookieless Monster - Exploring the Ecosystem of Web-based Device Fingerprinting
2013	Mitigating Access-Driven Timing Channels in Clouds using StopWatch
2013	WebGL Programming Guide
2012	Combining Mouse and Keystroke Dynamics Biometrics for Risk Based Authentication in Web Environments
2012	Pixel Perfect - Fingerprinting Canvas in HTML5
2010	On the Reliability of Wireless Fingerprinting using Clock Skews
2009	Cache Missing For Fun and Profit
2008	An Improved Clock-skew Measurement Technique for Revealing Hidden Services