Skip to main content
SpringerLink
Log in

ESQABE: Predicting Encrypted Search Queries

  • Conference paper
  • First Online:
ICT Systems Security and Privacy Protection (SEC 2021)

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 625))

  • 1493 Accesses

Abstract

All popular search engines implement HTTPS to protect the privacy of their users. Unfortunately, HTTPS encryption only covers Application layer headers and information will still leak through side-channels and other protocols used in a conversation between browser and server. This paper presents a novel eavesdropping approach called ESQABE, which combines these sources of information in order to determine what a subject is querying a search engine for in a real-life situation. To achieve this goal, packet length and timing information of the autocomplete functionality are used in combination with the home page contents of the search result links subsequently opened by the user. ESQABE is evaluated by automated tests using realistic search queries and based on real-life behavior. The technique is able to correctly predict the search query in 33% of the cases which is a significant improvement when compared to related work. In 41% of the cases, the correct query was included in the top 3 of most likely predictions. In most other cases no prediction could be made. To better protect the user, we contribute a browser extension that effectively hides the search query for the eavesdropper. The tool not only protects users but also visualizes what information is leaking to an eavesdropper.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 159.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 159.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://transparencyreport.google.com/https/overview.

  2. 2.

    https://www.mondovo.com/keywords/most-searched-words-on-google/.

  3. 3.

    https://trends.google.com/.

  4. 4.

    https://backlinko.com/google-ctr-stats.

References

  1. Barbaro, M., Zeller, T.J.: A face is exposed for AOL searcher no. 4417749. https://www.nytimes.com/2006/08/09/technology/09aol.html. Accessed 23 Nov 2020

  2. Chen, S., Wang, R., Wang, X., Zhang, K.: Side-channel leaks in web applications: a reality today, a challenge tomorrow. In: 2010 IEEE Symposium on Security and Privacy, pp. 191–206 (2010). https://doi.org/10.1109/SP.2010.20

  3. Cucerzan, S., Brill, E.: Spelling correction as an iterative process that exploits the collective knowledge of web users. In: Proceedings of EMNLP 2004. pp. 293–300 (July 2004), https://www.aclweb.org/anthology/W04-3238

  4. Di Martino, M., Quax, P., Lamotte, W.: Knocking on IPs: identifying https websites for zero-rated traffic. Secur. Commun. Networks (2020). https://doi.org/10.1155/2020/7285786

    Article  Google Scholar 

  5. Dyer, K.P., Coull, S.E., Ristenpart, T., Shrimpton, T.: Peek-a-boo, I still see you: why efficient traffic analysis countermeasures fail. In: 2012 IEEE Symposium on S&P, pp. 332–346. IEEE (2012). https://doi.org/10.1109/SP.2012.28

  6. Lewandowski, D., Spree, U.: Ranking of wikipedia articles in search engines revisited: fair ranking for reasonable quality? J. Am. Soc. Inf. Sci. Technol. 62(1), 117–132 (2011). https://doi.org/10.1002/asi.21423

    Article  Google Scholar 

  7. Liberatore, M., Levine, B.N.: Inferring the source of encrypted http connections. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, New York, pp. 255–263. CCS 2006. Association for Computing Machinery (2006). https://doi.org/10.1145/1180405.1180437

  8. Monaco, J.V.: What are you searching for? a remote keylogging attack on search engine autocomplete. In: 28th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 19), pp. 959–976 (2019)

    Google Scholar 

  9. Oh, S.E., Li, S., Hopper, N.: Fingerprinting keywords in search queries over tor. Proc. Priv. Enhancing Technol. 4, 251–270 (2017). https://doi.org/10.1515/popets-2017-0048

    Article  Google Scholar 

  10. Siby, S., Marc, J., Diaz, C., Vallina-Rodriguez, N., Troncoso, C.: Encrypted DNS privacy? \(\rightarrow \) a traffic analysis perspective. In: NDSS. Internet Society (2020). https://doi.org/10.14722/ndss.2020.24301

Download references

Author information

Authors and Affiliations

  1. UHasselt - Hasselt University - tUL, Expertise Centre for Digital Media (EDM), Wetenschapspark 2, 3590, Diepenbeek, Belgium

    Isaac Meers, Mariano Di Martino & Wim Lamotte

  2. UHasselt - Hasselt University - tUL - Flanders Make, Expertise Center for Digital Media (EDM), Wetenschapspark 2, 3590, Diepenbeek, Belgium

    Peter Quax

Authors
  1. Isaac Meers
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mariano Di Martino
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Quax
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wim Lamotte
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Isaac Meers .

Editor information

Editors and Affiliations

  1. University of Oslo, Oslo, Norway

    Audun Jøsang

  2. Nelson Mandela University, Gqeberha, South Africa

    Lynn Futcher

  3. University of Oslo, Oslo, Norway

    Janne Hagen

Rights and permissions

Reprints and permissions

Copyright information

© 2021 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Meers, I., Di Martino, M., Quax, P., Lamotte, W. (2021). ESQABE: Predicting Encrypted Search Queries. In: Jøsang, A., Futcher, L., Hagen, J. (eds) ICT Systems Security and Privacy Protection. SEC 2021. IFIP Advances in Information and Communication Technology, vol 625. Springer, Cham. https://doi.org/10.1007/978-3-030-78120-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-78120-0_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-78119-4

  • Online ISBN: 978-3-030-78120-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation