WebRTC: Your Privacy is at Risk

Andreas Reiter, Alexander Marsalek

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung


New web technologies are changing the way we interact with the web and with applications. They enable a whole new family of applications for desktop systems but also for mobile devices. The specification of HTML5 and related JavaScript APIs paved the way for rich applications backed by web technologies offering a comparable user experience to native interfaces. Web-based real-time communication (We- bRTC) is the next step towards the elimination of current browser limitations. It enables a direct browser-to-browser or device-to-device communication. In this paper, we are targeting the security and privacy implications imposed by this emerging technology. We developed several attacks on WebRTC, compromising user’s security and privacy, as well as the privacy of other devices in the same network. Our evaluation shows that even though WebRTC is based on a solid security basis, user’s privacy and communication se- curity can be compromised due to several design decisions. For each attack, mitigation strategies are defined where the operation and functionality ofWebRTC are still maintained and user’s privacy is protected.
TitelProceedings of the Symposium on Applied Computing
Herausgeber (Verlag)Association of Computing Machinery
PublikationsstatusVeröffentlicht - 2017


Untersuchen Sie die Forschungsthemen von „WebRTC: Your Privacy is at Risk“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren