Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Browser Fingerprinting using Combinatorial Sequence Testing

Published

Author(s)

Bernhard Garn, Dimitris Simos, Stefan Zimmer, David R. Kuhn, Raghu N. Kacker

Abstract

In this paper, we propose an approach for browser fingerprinting using their behavior during the TLS 1.2 handshake with a server. Using combinatorial methods, we created test sets consisting of TLS server-side messages as sequences that are sent to the client as server responses during the TLS handshake. We created an appropriate abstract model of the TLS handshake protocol and used it to map browser behavior to a feature vector and use them to derive a distinguisher. We evaluate our approach with a case study showing that combinatorial properties have an impact on browsers' behavior.
Conference Dates
April 2-3, 2019
Conference Location
Nashville, TN
Conference Title
Hot Topics in the Science of Security

Keywords

combinatorial testing, security testing, browser fingerprinting
Created April 1, 2019, Updated September 11, 2019