DC Field | Value | Language |
---|---|---|
dc.contributor.author | Lee, Jiyeon | ko |
dc.contributor.author | Kim, Hayeon | ko |
dc.contributor.author | Park,Junghwan | ko |
dc.contributor.author | Shin, Insik | ko |
dc.contributor.author | Son, Sooel | ko |
dc.date.accessioned | 2018-11-22T06:47:35Z | - |
dc.date.available | 2018-11-22T06:47:35Z | - |
dc.date.created | 2018-11-18 | - |
dc.date.created | 2018-11-18 | - |
dc.date.created | 2018-11-18 | - |
dc.date.created | 2018-11-18 | - |
dc.date.created | 2018-11-18 | - |
dc.date.issued | 2018-10-18 | - |
dc.identifier.citation | 25th ACM Conference on Computer and Communications Security, CCS 2018, pp.1731 - 1746 | - |
dc.identifier.uri | http://hdl.handle.net/10203/246773 | - |
dc.description.abstract | Progressive Web App (PWA) is a new generation of Web application designed to provide native app-like browsing experiences even when a browser is offline. PWAs make full use of new HTML5 features which include push notification, cache, and service worker to provide short-latency and rich Web browsing experiences. We conduct the first systematic study of the security and privacy aspects unique to PWAs. We identify security flaws in main browsers as well as design flaws in popular third-party push services, that exacerbate the phishing risk. We introduce a new sidechannel attack that infers the victim’s history of visited PWAs. The proposed attack exploits the offline browsing feature of PWAs using a cache. We demonstrate a cryptocurrency mining attack which abuses service workers. Defenses and recommendations to mitigate the identified security and privacy risks are suggested with in-depth understanding. | - |
dc.language | English | - |
dc.publisher | Association for Computing Machinery | - |
dc.title | Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications | - |
dc.type | Conference | - |
dc.identifier.wosid | 000461315900110 | - |
dc.identifier.scopusid | 2-s2.0-85056859807 | - |
dc.type.rims | CONF | - |
dc.citation.beginningpage | 1731 | - |
dc.citation.endingpage | 1746 | - |
dc.citation.publicationname | 25th ACM Conference on Computer and Communications Security, CCS 2018 | - |
dc.identifier.conferencecountry | CN | - |
dc.identifier.conferencelocation | Toronto, Canada | - |
dc.identifier.doi | 10.1145/3243734.3243867 | - |
dc.contributor.localauthor | Shin, Insik | - |
dc.contributor.localauthor | Son, Sooel | - |
dc.contributor.nonIdAuthor | Lee, Jiyeon | - |
dc.contributor.nonIdAuthor | Kim, Hayeon | - |
dc.contributor.nonIdAuthor | Park,Junghwan | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.