Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, William Robertson
This work extended the exploitability of the Web Cache Deception (WCD) attack by developing novel attack techniques. The work demonstrated that variations of the path confusion technique make it possible to exploit sites which are otherwise not impacted by the original attack. Findings showed that many popular sites remain vulnerable two years after the public disclosure of WCD. The paper was published at USENIX Security Symposium 2020.