Website Fingerprinting Defenses at the Application Layer

Abstract Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of WF on the Tor network are alarming. Prior work has only considered defenses at the client-side arguing that web servers lack of incentives to adopt countermeasures. Furthermore, most of these defenses have been designed to operate on the stream of network packets, making practical deployment difficult. In this paper, we propose two application-level defenses including the first server-side defense against WF, as .onion services have incentives to support it. The other defense is a lightweight client-side defense implemented as a browser add-on, improving ease of deployment over previous approaches. In our evaluations, the server-side defense is able to reduce WF accuracy on Tor .onion sites from 69.6% to 10% and the client-side defense reduces accuracy from 64% to 31.5%.

Download Full-text

A Python-WSGI and PHP-Apache Web Server Performance Analysis by Search Page Generator (SPG)

UKH Journal of Science and Engineering ◽

10.25079/ukhjse.v5n1y2021.pp132-138 ◽

2021 ◽

Vol 5 (1) ◽

pp. 132-138

Author(s):

Hataw Jalal Mohammed ◽

Kamaran Hama Ali Faraj

Keyword(s):

Computer Architecture ◽

Source Code ◽

Web Server ◽

The Other ◽

Web Database ◽

Web Servers ◽

Web Technologies ◽

Server Side ◽

The One ◽

The Web

The web servers (WSGI-Python) and (PHP-Apache) are in middleware tier architecture. Middleware architecture is between frontend tier and backend tier, otherwise it’s a connection between frontend tier and backend tier for three tier architecture. The ELearning systems are designed by two different dynamic web technologies. First is by Python-WSGI and the second is by Personal Home Page (PHP-Apache). The two websites were designed with different open source and cross platform web technologies programming language namely; Python and PHP in the same structure and weight will evaluate perform over two different operating systems (OSs): 1) Windows-16 and 2) Linux-Ubuntu 20.4. Both systems run over the same computer architecture (64bit) as a server side with a common backend MySQL web database for both of them. Nevertheless, the middleware for PHP is a cross Apache MySQL PHP Perl (XAMPP), but the middleware for Python is Pycharm and the web server gateway interface (WSGI). WSGI and Apache are both web servers and this paper will show which of them has a better response time (RT). On the one hand, the experimental results demonstrate that the Python-WSGI is even weightier in Mbyte than PHP-Apache, on the other hand Python is still faster and more accurate than PHP. The designed SPG is by handwriting codes: one time designed the SPG by PHP source code and the other time designed by Python source code. Both Python-WSGI and PHP-Apache results are targeted to compare by the least time in milliseconds and take in to account enhanced performance.

Download Full-text

ANALYZING CLIENT-SIDE ENCRYPTION IMPLEMENTED IN CRYPTDB

Cyberspace Jurnal Pendidikan Teknologi Informasi ◽

10.22373/cs.v2i1.2852 ◽

2018 ◽

Vol 2 (1) ◽

pp. 69

Author(s):

Mira Maisura

Keyword(s):

Data Security ◽

The Other ◽

Application Server ◽

Encryption Scheme ◽

Server Side ◽

Database Server ◽

Encryption And Decryption ◽

Client Side ◽

Outsourced Database

Client side encryption has become one of the choice for data security in outsourced database as it is believed to provide more security than the server side encryption. It allows users to protect their data and prohibit access to that data from unauthorized user. Here, key use for encryption and decryption are all belong and known only to the user. On the other words, data stored in the database are all in encrypted form. CryptDB, a new cryptographic technique, where the system acts as a proxy to protect the communication between the application server and database server, implementing the idea. The aim of this study is to look into more detail about the encryption scheme implemented in CryptDB in 2 different case study, using SEARCH command with the condition given. The result of the study will present how the statement change with the act of proxy, and the encryption scheme implemented here.

Download Full-text

Mitigation of Application Layer DDoS Flood Attack Against Web Servers

Journal of Information Security and Cybercrimes Research ◽

10.26735/16587790.2019.002 ◽

2019 ◽

Vol 2 (1) ◽

Cited By ~ 1

Author(s):

Ahamed Aljuhani ◽

Talal Alharbi ◽

Bradley Taylor

Keyword(s):

Application Layer ◽

Web Servers

Download Full-text

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

Visnyk Universytetu “Ukraina” ◽

10.36994/2707-4110-2019-1-22-26 ◽

2019 ◽

Author(s):

Kostyantyn Kharchenko

Keyword(s):

Knowledge Base ◽

Service Oriented Architecture ◽

Main Idea ◽

The Real ◽

Server Side ◽

Service Oriented ◽

Services Orchestration ◽

Client Side ◽

Abstract Operation ◽

Microservice Architecture

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Download Full-text

Optimized watershed delineation library for server-side and client-side web applications

Open Geospatial Data Software and Standards ◽

10.1186/s40965-019-0068-9 ◽

2019 ◽

Vol 4 (1) ◽

Cited By ~ 3

Author(s):

Muhammed Sit ◽

Yusuf Sermet ◽

Ibrahim Demir

Keyword(s):

Web Applications ◽

Server Side ◽

Watershed Delineation ◽

Client Side

Download Full-text

CADDAC: Multi-Client Collaborative Shape Design System with Server-based Geometry Kernel

Journal of Computing and Information Science in Engineering ◽

10.1115/1.1582882 ◽

2003 ◽

Vol 3 (2) ◽

pp. 170-173 ◽

Cited By ~ 21

Author(s):

Karthik Ramani, ◽

Abhishek Agrawal, and ◽

Mahendra Babu ◽

Christoph Hoffmann

Keyword(s):

Global Economy ◽

Design System ◽

Shape Design ◽

Server Side ◽

Collaborative Product Design ◽

Flexible Architecture ◽

Computationally Intensive ◽

New Feature ◽

Rendering Pipeline ◽

Client Side

New and efficient paradigms for web-based collaborative product design in a global economy will be driven by increased outsourcing, increased competition, and pressures to reduce product development time. We have developed a three-tier (client-server-database) architecture based collaborative shape design system, Computer Aided Distributed Design and Collaboration (CADDAC). CADDAC has a centralized geometry kernel and constraint solver. The server-side provides support for solid modeling, constraint solving operations, data management, and synchronization of clients. The client-side performs real-time creation, modification, and deletion of geometry over the network. In order to keep the clients thin, many computationally intensive operations are performed at the server. Only the graphics rendering pipeline operations are performed at the client-side. A key contribution of this work is a flexible architecture that decouples Application Data (Model), Controllers, Viewers, and Collaboration. This decoupling allows new feature development to be modular and easy to develop and manage.

Download Full-text

The Framework Design of E-Box Multimedia System

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.739.628 ◽

2013 ◽

Vol 739 ◽

pp. 628-631

Author(s):

Xiao Meng Chen ◽

Wei Chang Feng

Keyword(s):

Remote Control ◽

Multimedia System ◽

The Internet ◽

Tv Viewing ◽

Server Side ◽

Framework Design ◽

E Box ◽

Video And Audio ◽

The Rich ◽

Client Side

E-Box multimedia system is developed for the rich audio and video resource on the Internet and on its server side, it can automatically search and integration of network video and audio resources, and send to the client side for the user in real-time broadcast TV viewing, full use of remote control operation, Simply its a very easy to use multimedia system. This article introduces its infrastructure, main technical ideas and you can also see some details about server side and client side.

Download Full-text

A Home Multimedia Control Centers of Improved Design

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.338.796 ◽

2011 ◽

Vol 338 ◽

pp. 796-799

Author(s):

Wei Chang Feng

Keyword(s):

Remote Control ◽

Real Time ◽

Multimedia System ◽

The Internet ◽

Tv Viewing ◽

Server Side ◽

Video And Audio ◽

The Rich ◽

Improved Design ◽

Client Side

E-Yuan multimedia system is developed for the rich audio and video resource on the Internet and on its server side, it can automatically search and integration of network video and audio resources, and send to the client side for the user in real-time broadcast TV viewing, full use of remote control operation, Simply it’s a very easy to use multimedia system. This article introduces its infrastructure, main technical ideas and you can also see some details about server side and client side. At the same time, the improvement on how to collect and integrate video resources is comprehensively elaborated.

Download Full-text

Reducing distributed denial of service (DDoS) attacks using client puzzle mechanism

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.1.9473 ◽

2017 ◽

Vol 7 (1.1) ◽

pp. 230

Author(s):

C. Vasan Sai Krishna ◽

Y. Bhuvana ◽

P. Pavan Kumar ◽

R. Murugan

Keyword(s):

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attack ◽

Computing Power ◽

Server Side ◽

Ddos Attack ◽

Client Machine ◽

Client Side

In a typical DoS attack, the attacker tries to bring the server down. In this case, the attacker sends a lot of bogus queries to the server to consume its computing power and bandwidth. As the server’s bandwidth and computing power are always greater than attacker’s client machine, He seeks help from a group of connected computers. DDoS attack involves a lot of client machines which are hijacked by the attacker (together called as botnet). As the server handles all these requests sent by the attacker, all its resources get consumed and it cannot provide services. In this project, we are more concerned about reducing the computing power on the server side by giving the client a puzzle to solve. To prevent such attacks, we use client puzzle mechanism. In this mechanism, we introduce a client-side puzzle which demands the machine to perform tasks that require more resources (computation power). The client’s request is not directly sent to the server. Moreover, there will be an Intermediate Server to monitor all the requests that are being sent to the main server. Before the client’s request is sent to the server, it must solve a puzzle and send the answer. Intermediate Server is used to validate the answer and give access to the client or block the client from accessing the server.

Download Full-text

On distributed concern delivery in user interface design

Computer Science and Information Systems ◽

10.2298/csis141202021c ◽

2015 ◽

Vol 12 (2) ◽

pp. 655-681 ◽

Cited By ~ 14

Author(s):

Tomas Cerny ◽

Miroslav Macik ◽

Michael Donahoo ◽

Jan Janousek

Keyword(s):

User Interface ◽

Interface Design ◽

Web Application ◽

Significant Information ◽

Server Side ◽

Ui Design ◽

Potential Benefits ◽

And Performance ◽

Client Side

Increasing demands on user interface (UI) usability, adaptability, and dynamic behavior drives ever-growing development and maintenance complexity. Traditional UI design techniques result in complex descriptions for data presentations with significant information restatement. In addition, multiple concerns in UI development leads to descriptions that exhibit concern tangling, which results in high fragment replication. Concern-separating approaches address these issues; however, they fail to maintain the separation of concerns for execution tasks like rendering or UI delivery to clients. During the rendering process at the server side, the separation collapses into entangled concerns that are provided to clients. Such client-side entanglement may seem inconsequential since the clients are simply displaying what is sent to them; however, such entanglement compromises client performance as it results in problems such as replication, fragment granularity ill-suited for effective caching, etc. This paper considers advantages brought by concern-separation from both perspectives. It proposes extension to the aspect-oriented UI design with distributed concern delivery (DCD) for client-server applications. Such an extension lessens the serverside involvement in UI assembly and reduces the fragment replication in provided UI descriptions. The server provides clients with individual UI concerns, and they become partially responsible for the UI assembly. This change increases client-side concern reuse and extends caching opportunities, reducing the volume of transmitted information between client and server to improve UI responsiveness and performance. The underlying aspect-oriented UI design automates the server-side derivation of concerns related to data presentations adapted to runtime context, security, conditions, etc. Evaluation of the approach is considered in a case study applying DCD to an existing, production web application. Our results demonstrate decreased volumes of UI descriptions assembled by the server-side and extended client-side caching abilities, reducing required data/fragment transmission, which improves UI responsiveness. Furthermore, we evaluate the potential benefits of DCD integration implications in selected UI frameworks.

Download Full-text