A4 Article in conference proceedings
Crossing Cross-Domain Paths in the Current Web

List of Authors: Jukka Ruohonen, Joonas Salovaara, Ville Leppänen
Publication year: 2018
Book title *: 2018 16th Annual Conference on Privacy, Security and Trust (PST)
ISBN: 978-1-5386-7494-9
eISBN: 978-1-5386-7493-2


The loading of resources from third-parties has evoked new security and privacy concerns about the current world wide web. Building on the concepts of forced and implicit trust, this paper examines cross-domain transmission control protocol (TCP) connections that are initiated to domains other than the domain queried with a web browser. The dataset covers nearly ten thousand domains and over three hundred thousand TCP connections initiated by querying popular Finnish websites and globally popular sites. According to the results, (i) cross-domain connections are extremely common in the current Web. (ii) Most of these transmit encrypted content, although mixed content delivery is relatively common; many of the cross-domain connections deliver unencrypted content at the same time. (iii) Many of the cross-domain connections are initiated to known web advertisement domains, but a much larger share traces to social media platforms and cloud infrastructures. Finally, (iv) the results differ slightly between the Finnish web sites sampled and the globally popular sites. With these results, the paper contributes to the ongoing work for better understanding cross-domain connections and dependencies in the world wide web.

Last updated on 2019-20-02 at 12:22