Exploiting side-channel leaks in web traffic of incremental search

Abstract

The explosion of information has resulted in incremental search becoming an essential tool for many websites. This technology provides real-time suggestions by sending the current query to the server. Despite encryption, search requests can be leveraged by passive attackers to infer the query typed by the user. In this paper, we show that at least nine of Alexa’s top 50 websites have serious side-channel leaks. More importantly, we use information theory to quantify the leakage and report the upper bound of recognition accuracy that an attacker can achieve. We further develop a generic attack attempting to infer users’ queries by monitoring web search traffic. Experimentally, the attack performance is close to the theoretical bounds. The most vulnerable website allows up to 53% of English queries and 76% of Chinese queries to be identified from 825k and 140k queries, respectively. Overall, our work highlights the prevalence of such side-channel leaks on the Internet and provides insights for developers to help mitigate the threat.