{"id":"https://openalex.org/W3208507413","doi":"https://doi.org/10.1109/sp46214.2022.9833710","title":"Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation","display_name":"Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W3208507413","doi":"https://doi.org/10.1109/sp46214.2022.9833710","mag":"3208507413"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833710","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833710","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066701393","display_name":"Zihao Jin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210113369","display_name":"Microsoft Research Asia (China)","ror":"https://ror.org/0300m5276","country_code":"CN","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210113369"]},{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zihao Jin","raw_affiliation_strings":["Microsoft Research Asia,Beijing,China","Microsoft Research Asia, Beijing, China","Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Microsoft Research Asia,Beijing,China","institution_ids":["https://openalex.org/I4210113369"]},{"raw_affiliation_string":"Microsoft Research Asia, Beijing, China","institution_ids":["https://openalex.org/I4210113369"]},{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005112254","display_name":"Ziqiao Kong","orcid":"https://orcid.org/0009-0009-4926-4932"},"institutions":[{"id":"https://openalex.org/I4210113369","display_name":"Microsoft Research Asia (China)","ror":"https://ror.org/0300m5276","country_code":"CN","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210113369"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ziqiao Kong","raw_affiliation_strings":["Microsoft Research Asia,Beijing,China","Microsoft Research Asia, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Microsoft Research Asia,Beijing,China","institution_ids":["https://openalex.org/I4210113369"]},{"raw_affiliation_string":"Microsoft Research Asia, Beijing, China","institution_ids":["https://openalex.org/I4210113369"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100366889","display_name":"Shuo Chen","orcid":"https://orcid.org/0000-0003-3848-3397"},"institutions":[{"id":"https://openalex.org/I4210113369","display_name":"Microsoft Research Asia (China)","ror":"https://ror.org/0300m5276","country_code":"CN","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210113369"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuo Chen","raw_affiliation_strings":["Microsoft Research Asia,Beijing,China","Microsoft Research Asia, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Microsoft Research Asia,Beijing,China","institution_ids":["https://openalex.org/I4210113369"]},{"raw_affiliation_string":"Microsoft Research Asia, Beijing, China","institution_ids":["https://openalex.org/I4210113369"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University,Beijing,China","Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5066701393"],"corresponding_institution_ids":["https://openalex.org/I4210113369","https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.00263952,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1525","last_page":"1539"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7672957181930542},{"id":"https://openalex.org/keywords/isolation","display_name":"Isolation (microbiology)","score":0.6003910899162292},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5251778364181519},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.4515036344528198},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3531638979911804}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7672957181930542},{"id":"https://openalex.org/C2775941552","wikidata":"https://www.wikidata.org/wiki/Q25212305","display_name":"Isolation (microbiology)","level":2,"score":0.6003910899162292},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5251778364181519},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.4515036344528198},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3531638979911804},{"id":"https://openalex.org/C89423630","wikidata":"https://www.wikidata.org/wiki/Q7193","display_name":"Microbiology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46214.2022.9833710","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833710","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5199999809265137,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W1557855942","https://openalex.org/W1705596515","https://openalex.org/W1729553147","https://openalex.org/W1965209910","https://openalex.org/W1976371754","https://openalex.org/W1988160443","https://openalex.org/W2068034551","https://openalex.org/W2094258292","https://openalex.org/W2108384401","https://openalex.org/W2159079348","https://openalex.org/W2169768162","https://openalex.org/W2511463445","https://openalex.org/W2560443936","https://openalex.org/W2750799145","https://openalex.org/W2883613460","https://openalex.org/W2888996757","https://openalex.org/W2951328987","https://openalex.org/W2963311060","https://openalex.org/W3049709743","https://openalex.org/W4297798333","https://openalex.org/W6637632062","https://openalex.org/W6734191230","https://openalex.org/W6753443810","https://openalex.org/W6753974513","https://openalex.org/W6764257909"],"related_works":["https://openalex.org/W2584827882","https://openalex.org/W2538581760","https://openalex.org/W3195097297","https://openalex.org/W4225340788","https://openalex.org/W3038106605","https://openalex.org/W2513267613","https://openalex.org/W3049084372","https://openalex.org/W2528109871","https://openalex.org/W2940702331","https://openalex.org/W2905822832"],"abstract_inverted_index":{"Chromium\u2019s":[0],"site":[1,55,65],"isolation":[2,56,66],"ensures":[3],"that":[4,16,50,64],"different":[5,10,179],"sites":[6],"are":[7,85,182],"rendered":[8],"by":[9,160],"processes,":[11],"which":[12,72,78],"is":[13,97,108,140,163],"a":[14,22,35,58,68,81],"vision":[15],"academic":[17,28],"researchers":[18],"set":[19,84],"forth":[20],"over":[21],"decade":[23],"ago.":[24],"The":[25,156],"journey":[26],"from":[27],"prototypes":[29],"to":[30,76,110,174,193],"the":[31,39,51,74,88,93,95,104,111,138,154,164,167,172,185],"commercial":[32],"availability":[33],"represents":[34],"holistic":[36],"rethinking":[37],"about":[38],"security":[40],"architecture":[41],"for":[42,130],"modern":[43],"browsers.":[44],"In":[45],"this":[46],"paper,":[47],"we":[48,62],"emphasize":[49],"timing":[52,70],"issues":[53],"under":[54],"need":[57],"thorough":[59],"study.":[60],"Specifically,":[61],"show":[63],"enables":[67],"realistic":[69],"attack,":[71],"allows":[73],"attacker":[75],"identify":[77],"websites":[79,119],"in":[80,153,178],"given":[82],"target-sites":[83],"loaded":[86],"into":[87],"browser,":[89],"as":[90,92],"well":[91],"website":[94],"user":[96],"currently":[98],"interacting":[99],"with.":[100],"Through":[101],"these":[102],"vulnerabilities,":[103],"user\u2019s":[105],"site-visit":[106],"behavior":[107],"leaked":[109],"attacker.":[112],"Our":[113],"evaluation":[114],"using":[115],"Alexa":[116],"Top":[117],"3000":[118],"gives":[120],"very":[121,141],"high":[122],"vulnerability":[123],"percentages":[124],"\u2013":[125],"99%,":[126],"99%":[127],"and":[128,171,189,195],"95%":[129],"our":[131,161],"three":[132],"key":[133],"metrics":[134],"of":[135,169],"vulnerabilities.":[136],"Moreover,":[137],"attack":[139],"robust":[142],"without":[143],"any":[144],"special":[145],"assumption,":[146],"so":[147],"will":[148],"be":[149],"effective":[150],"if":[151],"deployed":[152],"field.":[155],"main":[157],"challenge":[158],"revealed":[159],"work":[162],"tension":[165],"between":[166],"scarcity":[168],"processes":[170],"obligation":[173],"isolate":[175],"cross-site":[176],"frames":[177],"processes.":[180],"We":[181],"working":[183],"with":[184],"Google":[186],"Chrome":[187],"team":[188,192],"Microsoft":[190],"Edge":[191],"propose":[194],"evaluate":[196],"mitigation":[197],"options.":[198]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}