YoVDO

The Timing Attacks They Are A-Changin' - Web-based and Browser-based Timing Attack Techniques

Offered By: OWASP Foundation via YouTube

Tags

Web Security Courses Application Security Courses Same-Origin Policy Courses Timing Attacks Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the evolving landscape of timing attacks in web security through this 42-minute conference talk from AppSecEU 2016 in Rome. Delve into various timing attack concepts, including the Drunkenness Timing Attack and its experimental results. Examine web-based timing attacks, their relationship to the Same-Origin Policy, and classic cross-site timing attacks. Investigate browser-based timing attacks, such as the Video Parsing Attack, Cache Storing Attack, and Age-discovery Attack. Learn about additional attack vectors, mitigation strategies, and engage in a Q&A session to deepen your understanding of this critical aspect of application security.

Syllabus

APPSEC EUROPE
TID TIMING ATTACKS
Timing Attack Concept
Drunkenness Timing Attack
The Experiment Part 2
Web-based Timing Attacks
Same-Origin Policy
Classic Cross-site Timing Attacks
Browser-based Timing Attacks
Video Parsing Attack
Cache Storing Attack
Age-discovery Attack
Moar Attacks
Mitigation
Conclusion
Questions?


Taught by

OWASP Foundation

Related Courses

Web Security: Same-Origin Policies
LinkedIn Learning Client-Side Protection Against DOM-Based XSS Done Right
OWASP Foundation via YouTube CSP Pitfalls and Gotchas
OWASP Foundation via YouTube The "Web/Local" Boundary Is Fuzzy - A Security Study of Chrome's Process-based Sandboxing
Association for Computing Machinery (ACM) via YouTube Browsers Gone Wild
Black Hat via YouTube