User privacy enhancement in modern web applications
Authors
Advisors
Issue Date
Type
Keywords
Citation
Abstract
It has been shown recently that a vast majority of modern web applications are prone to compromising privacy of online activity of their users due to the applications' vulnerability to analysis of unique network traffic patterns generated by them for user input actions. Such vulnerability usually results from popular convenience features, like autosuggestion and auto-completion. We present a configurable method for achieving a desired level of user privacy in such applications. Our method, based on padding packets with dummy content, incurs no data utility expense, and effectively thwarts attacks that employ background information about input action probabilities. We present an algorithm that makes intelligent, minimal-cost padding decisions during the application development phase. In comparison with a recent existing technique, our method provides privacy at the expense of provably lower run-time network bandwidth overhead.