{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T12:06:44Z","timestamp":1742990804327,"version":"3.40.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030350543"},{"type":"electronic","value":"9783030350550"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-35055-0_2","type":"book-chapter","created":{"date-parts":[[2019,11,12]],"date-time":"2019-11-12T19:05:21Z","timestamp":1573585521000},"page":"20-36","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Rotten Cellar: Security and Privacy of the Browser Cache Revisited"],"prefix":"10.1007","author":[{"given":"Florian","family":"Dehling","sequence":"first","affiliation":[]},{"given":"Tobias","family":"Mengel","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7863-0622","authenticated-orcid":false,"given":"Luigi","family":"Lo Iacono","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,11,13]]},"reference":[{"unstructured":"Chrome APIs - Google Chrome. \nhttps:\/\/developer.chrome.com\/extensions\/api_index\n\n. Accessed 05 Sept 2019","key":"2_CR1"},{"unstructured":"chrome.webRequest - Google Chrome. \nhttps:\/\/developer.chrome.com\/extensions\/webRequest\n\n. Accessed 05 Sept 2019","key":"2_CR2"},{"unstructured":"Double-keyed HTTP cache Issue #904 whatwg\/fetch. \nhttps:\/\/github.com\/whatwg\/fetch\/issues\/904\n\n. Accessed 05 Sept 2019","key":"2_CR3"},{"unstructured":"Partition the HTTP Cache - Chrome Platform Status. \nhttps:\/\/www.chromestatus.com\/feature\/5730772021411840\n\n. Accessed Sept 05 2019","key":"2_CR4"},{"unstructured":"WebExtensions. \nhttps:\/\/developer.mozilla.org\/de\/docs\/Mozilla\/Add-ons\/WebExtensions\n\n. Accessed 05 Sept 2019","key":"2_CR5"},{"unstructured":"Firefox user 13863091: Cache it out. \nhttps:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/cache-it-out\/\n\n. Accessed 05 Sept 2019","key":"2_CR6"},{"unstructured":"Akhawe, D., Braun, F., Marier, F., Weinberger, J.: Subresource Integrity. W3c Reccomendation, W3C (2016). \nhttps:\/\/www.w3.org\/TR\/SRI\/\n\n. Accessed 05 Sept 2019","key":"2_CR7"},{"key":"2_CR8","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-319-18467-8_7","volume-title":"ICT Systems Security and Privacy Protection","author":"C Bansal","year":"2015","unstructured":"Bansal, C., Preibusch, S., Milic-Frayling, N.: Cache timing attacks revisited: efficient and repeatable browser history, OS and network sniffing. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 97\u2013111. Springer, Cham (2015). \nhttps:\/\/doi.org\/10.1007\/978-3-319-18467-8_7"},{"unstructured":"Digital, b.: Opera extension to disable browser cache, perfect for developers: biati-digital\/opera-disable-cache. \nhttps:\/\/github.com\/biati-digital\/Opera-disable-cache\n\n. Accessed 05 Sept 2019","key":"2_CR9"},{"doi-asserted-by":"publisher","unstructured":"Felten, E.W., Schneider, M.A.: Timing attacks on web privacy. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, CCS 2000, Athens, Greece, pp. 25\u201332. ACM, New York (2000). \nhttps:\/\/doi.org\/10.1145\/352600.352606","key":"2_CR10","DOI":"10.1145\/352600.352606"},{"doi-asserted-by":"crossref","unstructured":"Fielding, M.N.R., Reschke, J.: RFC 7234: hypertext transfer protocol (HTTP\/1.1): caching. Technical report RFC 7234, IETF (2014)","key":"2_CR11","DOI":"10.17487\/rfc7234"},{"doi-asserted-by":"crossref","unstructured":"Fielding, R., et al.: RFC 2616: hypertext transfer protocol-(HTTP\/1.1). Technical report RFC 2616, IETF (1999)","key":"2_CR12","DOI":"10.17487\/rfc2616"},{"doi-asserted-by":"crossref","unstructured":"Fielding, R., Reschke, J.: RFC 7232: hypertext transfer protocol (HTTP\/1.1): conditional requests. Technical report RFC 7232, IETF (2014)","key":"2_CR13","DOI":"10.17487\/rfc7232"},{"unstructured":"Fleischer, G.: Implementing web tracking. In: Black Hat USA 2012 Conference Briefings, pp. 1\u201337 (2012)","key":"2_CR14"},{"key":"2_CR15","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1016\/j.cose.2015.07.004","volume":"55","author":"Y Jia","year":"2015","unstructured":"Jia, Y., Chen, Y., Dong, X., Saxena, P., Mao, J., Liang, Z.: Man-in-the-browser-cache: persisting HTTPS attacks via browser cache poisoning. Comput. Secur. 55, 62\u201380 (2015). \nhttps:\/\/doi.org\/10.1016\/j.cose.2015.07.004","journal-title":"Comput. Secur."},{"issue":"1","key":"2_CR16","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1109\/MIC.2014.103","volume":"19","author":"Y Jia","year":"2015","unstructured":"Jia, Y., Dong, X., Liang, Z., Saxena, P.: I know where you\u2019ve been: geo-inference attacks via the browser cache. IEEE Internet Comput. 19(1), 44\u201353 (2015). \nhttps:\/\/doi.org\/10.1109\/MIC.2014.103","journal-title":"IEEE Internet Comput."},{"doi-asserted-by":"publisher","unstructured":"Juels, A., Jakobsson, M., Jagatic, T.N.: Cache cookies for browser authentication. In: 2006 IEEE Symposium on Security and Privacy (S P 2006), pp. 5\u2013305, May 2006. \nhttps:\/\/doi.org\/10.1109\/SP.2006.8","key":"2_CR17","DOI":"10.1109\/SP.2006.8"},{"unstructured":"Khachatryan, A.: Power cache. \nhttps:\/\/chrome.google.com\/webstore\/detail\/power-cache\/famkodflhompmapangljedfdcfeligih?hl=de\n\n. Accessed 05 Sept 2019","key":"2_CR18"},{"unstructured":"Kuppan, L.: Attacking with HTML5 (2010). \nhttps:\/\/media.blackhat.com\/bh-ad-10\/Kuppan\/Blackhat-AD-2010-Kuppan-Attacking-with-HTML5-wp.pdf\n\n. Accessed 05 Sept 2019","key":"2_CR19"},{"doi-asserted-by":"publisher","unstructured":"Le Pochat, V., Van Goethem, T., Tajalizadehkhoob, S., Korczynski, M., Joosen, W.: Tranco: a research-oriented top sites ranking hardened against manipulation. In: Proceedings 2019 Network and Distributed System Security Symposium, San Diego, CA. Internet Society (2019). \nhttps:\/\/doi.org\/10.14722\/ndss.2019.23386","key":"2_CR20","DOI":"10.14722\/ndss.2019.23386"},{"unstructured":"Mathur, T.: Super-cache. \nhttps:\/\/chrome.google.com\/webstore\/detail\/super-cache\/fglobbnbihckpkodmeefhagijjcjnbeh?hl=de\n\n. Accessed 05 Sept 2019","key":"2_CR21"},{"doi-asserted-by":"publisher","unstructured":"Nguyen, H.V., Lo Iacono, L., Federrath, H.: Systematic analysis of web browser caches. In: Proceedings of the 2nd International Conference on Web Studies, WS.2 2018, Paris, France, pp. 64\u201371. ACM, New York (2018). \nhttps:\/\/doi.org\/10.1145\/3240431.3240443","key":"2_CR22","DOI":"10.1145\/3240431.3240443"},{"unstructured":"Odvarko, J., Jain, A., Davies, A.: HTTP Archive (HAR) format (2019). \nhttps:\/\/w3c.github.io\/web-performance\/specs\/HAR\/Overview.html\n\n Accessed 05 Sept 2019","key":"2_CR23"},{"unstructured":"Oluwaseye: No cache. \nhttps:\/\/chrome.google.com\/webstore\/detail\/no-cache\/hckocmggmdfdnjjomghmhllibmdobdll\n\n. Accessed 05 Sept 2019","key":"2_CR24"},{"unstructured":"Reimer, M.: Toggle cache. \nhttps:\/\/addons.mozilla.org\/de\/firefox\/addon\/togglecache\/?src=search\n\n. Accessed 05 Sept 2019","key":"2_CR25"},{"unstructured":"Saltzman, R., Sharabani, A.: Active man in the middle attacks. OWASP AU (2009). \nhttp:\/\/www.security-science.com\/pdf\/active-man-in-the-middle.pdf\n\n. Accessed 05 Sept 2019","key":"2_CR26"},{"unstructured":"Whitten, A., Tygar, J.D.: Why Johnny can\u2019t encrypt: a usability evaluation of PGP 5.0. In: Proceedings of the 8th Conference on USENIX Security Symposium, vol. 8, SSYM 1999, Washington, D.C., pp. 14\u201314. USENIX Association, Berkeley (1999). \nhttp:\/\/dl.acm.org\/citation.cfm?id=1251421.1251435","key":"2_CR27"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-35055-0_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,4]],"date-time":"2019-12-04T06:04:39Z","timestamp":1575439479000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-35055-0_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030350543","9783030350550"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-35055-0_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 November 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NordSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nordic Conference on Secure IT Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Aalborg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 November 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nordsec2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nordsec2019.cs.aau.dk\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"32","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"53% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.9","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}