| 2023 | A Two-Step TLS-Based Browser fingerprinting approach using combinatorial sequences | Fingerprint, TLS, Combinatorics | Bernhard Garn, Stefan Zauner, Dimitris E. Simos, Manuel Leithner, Richard Kuhn, Raghu Kacker |
| 2022 | AudioContext Browser Fingerprinting | AudioContext, ML, Device Verification, Device Identification | Josef Frola |
| 2022 | Browser-based CPU Fingerprinting | CPU Fingerprinting, Timing Attacks | Leon Trampert, Christian Rossow, Michael Schwarz |
| 2022 | DRAWNAPART - A Device Identification Technique based on Remote GPU Fingerprinting | | |
| 2022 | Phish in Sheeps Clothing Exploring Pitfalls of Browser Fingerprinting | | |
| 2022 | SMS PVA - An Underground Service Enabling Threat Actors to Register Bulk Fake Accounts | | |
| 2021 | Device Fingerprinting with Peripheral Timestamps | | |
| 2021 | Fingerprinting in Style - Detecting Browser Extensions via Injected Style Sheets | | |
| 2021 | JA3cury - A New Approach to TLS Fingerprinting by Merging Fingerprinting Methods | | |
| 2021 | JARM Randomizer - Evading JARM Fingerprinting | | |
| 2021 | ML-CB - Machine Learning Canvas Block | | |
| 2021 | On Reliability of JA3 Hashes for Fingerprinting Mobile Applications | | |
| 2021 | OS Fingerprinting and Tethering Detection in Mobile Networks | | |
| 2021 | Tales of FAVICONS and Caches - Persistent Tracking in Modern Browsers | | |
| 2021 | The CNAME of the Game - Large-scale Analysis of DNS-based Tracking Evasion | DNS | Yana Dimova |
| 2021 | TypeNet - Deep Learning Keystrong Biometrics | | |
| 2021 | Your Phone is My Proxy - Detecting and Understanding Mobile Proxy Networks | | |
| 2020 | 3d Red Pill - A Guest-to-Host Escape on QEMUKVM Virtio Devices | | |
| 2020 | Accurate TLS Fingerprinting using Destination Context and Knowledge Bases | | |
| 2020 | Awakening the Web’s Sleeper Agents - Misusing Service Workers for Privacy Leakage | | |
| 2020 | BeCAPTCHA-Mouse - Synthetic Mouse Trajectories and Improved Bot Detection | | |
| 2020 | Browser Fingerprint Standardization Using Rule Based Algorithm and Multi-Class Entropy | | |
| 2020 | Carnus - Exploring the Privacy Threats of Browser Extension Fingerprinting | | |
| 2020 | Characterizing Anomalies in Malware-Generated HTTP Traffic | | |
| 2020 | Clash of the Trackers - Measuring the Evolution of the Online Tracking Ecosystem | | |
| 2020 | Combining Behavioural Biometrics and Session Context Analytics to Enhance Risk Based Static Authentication in Web Applications | | |
| 2020 | Deobfuscation, Unpacking, And Decoding of Obfuscated Malicious JavaScript For Machine Learning Models Detection Performance Improvement | | |
| 2020 | Don’t count me out - On the relevance of IP addresses in the tracking ecosystem | | |
| 2020 | EssentialFP - Exposing the Essence of Browser Fingerprinting | | |
| 2020 | Fingerprinting the Fingerprinters - Learning to Detect Browser Fingerprinting Behaviors | | |
| 2020 | Fingerprinting With Atomic Counters in Upcoming Web Graphics Compute APIs | | |
| 2020 | FP-Crawlers - Studying the Resilience of Browser Fingerprinting to Block Crawlers | | |
| 2020 | FPSelect - Low-Cost Browser Fingerprints for Mitigating Dictionary Attacks against Web Authentication Mechanisms | | |
| 2020 | Guess Who - Large-Scale Data-Centric Study of the Adequacy of Browser Fingerprints for Web Authentication | | |
| 2020 | Inside The Black Box - A Glimpse Of Google’s Internal Data Free-For-All | | |
| 2020 | Leveraging Frequency Analysis for Deep Fake Image Recognition | | |
| 2020 | Neither Denied nor Exposed Fixing WebRTC | | |
| 2020 | Poking a Hole in the Wall - Censorship-Resistant Internet Communications by Parasitizing on WebRTC | | |
| 2020 | Remote physical device fingerprinting | | |
| 2020 | SenCAPTCHA - A Mobile-First CAPTCHA Using Orientation Sensors | | |
| 2020 | Taming the Shape Shifter - Detecting Anti-Fingerprinting Browsers | | |
| 2020 | Timeless Timing Attacks - Exploiting Concurrency to Leak Secrets over Remote Connections | | |
| 2020 | TLS Fingerprinting Techniques | | |
| 2020 | Using Generative Adversarial Networks to Break and Protect Text CAPTCHAs | | |
| 2020 | Using TLS Fingerprints for OS Identification in Encrypted Traffic | | |
| 2020 | Web Applications Security and Privacy | | |
| 2020 | Web Browser Privacy - What Do Browsers Say When They Phone Home | | |
| 2020 | Web Runner 2049 - Evaluating Third-Party Anti-Bot Services | | |
| 2019 | After You, Please - Browser Extensions Order Attacks and Countermeasures | | |
| 2019 | An Investigation on Information Leakage of DNS over TLS | | |
| 2019 | Analyzing and Improving the Image Quality of StyleGAN | | |
| 2019 | Browser Fingerprinting - A Survey | | |
| 2019 | Browser Fingerprinting - Exploring Device Diversity to Augment Authentication and Build Client-Side Countermeasures | | |
| 2019 | Even Turing Should Sometimes Not Be Able To Tell - Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Services | | |
| 2019 | Fourier Spectrum Discrepancies in Deep Network Generated Images | | |
| 2019 | From IP ID To Device ID and KASLR Bypass | | |
| 2019 | Hacking Google reCAPTCHA v3 using Reinforcement Learning | | |
| 2019 | Improving the Testing Efficiency of Selenium-based Load Tests | | |
| 2019 | JavaScript Template Attacks - Automatically Inferring Host Information for Targeted Exploits | | |
| 2019 | Leveraging WebAssembly for Numerical JavaScript Code Virtualization | | |
| 2019 | Monsters in the Middleboxes - Building Tools for Detecting HTTPS Interception | | |
| 2019 | Morelian Analysis for Browsers - Making Web Authentication Stronger with Canvas Fingerprinting | | |
| 2019 | Passive OS Fingerprinting by DNS Traffic Analysis | | |
| 2019 | Preventing Browser Fingerprinting by Randomizing Canvas | | |
| 2019 | Rendered Private - Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting | | |
| 2019 | Resident Evil - Understanding Residential IP Proxy as a Dark Service | | |
| 2019 | SoK - In Search of Lost Time - A Review of JavaScript Timers in Browsers | | |
| 2019 | Talon - An Automated Framework for Cross-Device Tracking Detection | | |
| 2019 | The Generation and Use of TLS Fingerprints | | |
| 2019 | Tracking Versus Security - Investigating the Two Facets of Browser Fingerprinting | | |
| 2019 | VisibleV8 - In-browser Monitoring of JavaScript in the Wild | | |
| 2018 | Browser Fingerprinting - Exploring Device Diversity to Augment Authentification and Build Client-Side Countermeasures | | |
| 2018 | Clock Around the Clock - Time-Based Device Fingerprinting | | |
| 2018 | Detecting Social Spamming on Facebook Platform | | |
| 2018 | Evaluating Server-Side Internet Proxy Detection Methods | | |
| 2018 | Fingerprinting Mobile Browsers | | |
| 2018 | FP-STALKER - Tracking Browser Fingerprint Evolutions | | |
| 2018 | Hiding in The Crowd - An Analysis of the Effectiveness of Browser Fingerprinting At Large Scale | | |
| 2018 | JavaScript Zero - Real JavaScript and Zero Side-Channel Attacks | | |
| 2018 | Pride and Prejudice in Progressive Web Apps - Abusing Native App-like Features in Web Applications | | |
| 2018 | Rendered Insecure - GPU Side Channel Attacks are Practical | | |
| 2018 | Who Changed my Browser Settings | | |
| 2018 | Who Left Open the Cookie Jar - A Comprehensive Evaluation of Third-Party Cookie Policies | | |
| 2017 | (Cross-)Browser Fingerprinting via OS and Hardware Level Features | | |
| 2017 | DECANTeR - DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting | | |
| 2017 | Deterministic Browser | | |
| 2017 | Fantastic Timers and Where to Find Them - High-Resolution Microarchitectural Attacks in JavaScript | | |
| 2017 | FpRandom - Randomizing Core Browser Objects to Break Advanced Device Fingerprinting Techniques | | |
| 2017 | Most Websites Don’t Need to Vibrate - A Cost–Benefit Approach to Improving Browser Security | | |
| 2017 | The All Seeing Eye - Web to App Intercommunication for Session Fingerprinting in Android | | |
| 2017 | The Security Impact of HTTPS Interception | | |
| 2017 | Tracking You through DNS Traffic - Linking User Sessions by Clustering with Dirichlet Mixture Model | | |
| 2016 | A 1-million-site Measurement and Analysis | | |
| 2016 | Beauty and the Beast - Diverting Modern Web Browsers To Build Unique Browser Fingerprints | | |
| 2016 | Browser Fingerprinting - Hraska | | |
| 2016 | Cloud Fingerprinting - Using Clock Skews To Determine Co-Location of Virtual Machines | | |
| 2016 | I Am Robot - (Deep) Learning to Break Semantic Image CAPTCHAs | | |
| 2016 | I’m not a human - Breaking the Google reCAPTCHA | | |
| 2016 | Picasso - Lightweight Device Class Fingerprinting For Web Clients | | |
| 2016 | The Security of WebRTC | | |
| 2016 | Trusted Browsers For Uncertain Times | | |
| 2016 | Tunneling for Transparency A Large-Scale Analysis of End-to-End Violations in the Internet | | |
| 2016 | Web browser fingerprinting a framework for measuring the web browser | | |
| 2015 | Deterministically Deterring Timing Attacks in Deterland | | |
| 2015 | FpGuard - Detection and Prevention of Browser Fingerprinting | | |
| 2015 | Mitigating browser fingerprint tracking | | |
| 2015 | Network-based HTTPS Client Identification Using SSL TLS Fingerprinting | | |
| 2015 | The Clock is Still Ticking - Timing Attacks in the Modern Web | | |
| 2015 | Tick Tock - Building Browser Red Pills from Timing Side Channels | | |
| 2015 | You Are How You Query - Deriving Behavioral Fingerprints From DNS Traffic | | |
| 2014 | Markov Chain Fingerprinting to Classify Encrypted Traffic | | |
| 2014 | Mobile Device Identification Via Sensor Fingerprinting | | |
| 2014 | The Web Never Forgets - Persistent Tracking Mechanisms in The Wild | | |
| 2013 | Cookieless Monster - Exploring the Ecosystem of Web-based Device Fingerprinting | | |
| 2013 | Mitigating Access-Driven Timing Channels in Clouds using StopWatch | | |
| 2013 | WebGL Programming Guide | | |
| 2012 | Combining Mouse and Keystroke Dynamics Biometrics for Risk Based Authentication in Web Environments | | |
| 2012 | Pixel Perfect - Fingerprinting Canvas in HTML5 | | |
| 2010 | On the Reliability of Wireless Fingerprinting using Clock Skews | | |
| 2009 | Cache Missing For Fun and Profit | | |
| 2008 | An Improved Clock-skew Measurement Technique for Revealing Hidden Services | | |
