WebRTC: Your Privacy is at Risk

Andreas Reiter, Alexander Marsalek

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem Konferenzband

Abstract

New web technologies are changing the way we interact with the web and with applications. They enable a whole new family of applications for desktop systems but also for mobile devices. The specification of HTML5 and related JavaScript APIs paved the way for rich applications backed by web technologies offering a comparable user experience to native interfaces. Web-based real-time communication (We- bRTC) is the next step towards the elimination of current browser limitations. It enables a direct browser-to-browser or device-to-device communication. In this paper, we are targeting the security and privacy implications imposed by this emerging technology. We developed several attacks on WebRTC, compromising user’s security and privacy, as well as the privacy of other devices in the same network. Our evaluation shows that even though WebRTC is based on a solid security basis, user’s privacy and communication se- curity can be compromised due to several design decisions. For each attack, mitigation strategies are defined where the operation and functionality ofWebRTC are still maintained and user’s privacy is protected.
Originalspracheenglisch
TitelProceedings of the Symposium on Applied Computing
Herausgeber (Verlag)Association of Computing Machinery
Seiten664-669
PublikationsstatusVeröffentlicht - 2017

Fingerprint Untersuchen Sie die Forschungsthemen von „WebRTC: Your Privacy is at Risk“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren