The Timing Attacks They Are A-Changin' - Web-based and Browser-based Timing Attack Techniques
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the evolving landscape of timing attacks in web security through this 42-minute conference talk from AppSecEU 2016 in Rome. Delve into various timing attack concepts, including the Drunkenness Timing Attack and its experimental results. Examine web-based timing attacks, their relationship to the Same-Origin Policy, and classic cross-site timing attacks. Investigate browser-based timing attacks, such as the Video Parsing Attack, Cache Storing Attack, and Age-discovery Attack. Learn about additional attack vectors, mitigation strategies, and engage in a Q&A session to deepen your understanding of this critical aspect of application security.
Syllabus
APPSEC EUROPE
TID TIMING ATTACKS
Timing Attack Concept
Drunkenness Timing Attack
The Experiment Part 2
Web-based Timing Attacks
Same-Origin Policy
Classic Cross-site Timing Attacks
Browser-based Timing Attacks
Video Parsing Attack
Cache Storing Attack
Age-discovery Attack
Moar Attacks
Mitigation
Conclusion
Questions?
Taught by
OWASP Foundation
Related Courses
Learn Admin Fundamentals in Marketing CloudSalesforce via Trailhead Basic Cryptography and Programming with Crypto API
University of Colorado System via Coursera User Authentication & Authorization in Express
Codecademy Introduction to Web Authentication
World Wide Web Consortium (W3C) via edX Escudo Digital: Ciberseguridad para Protección de Datos y Sistemas
Universidad Anáhuac via edX