Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


This repository accompanies the paper "Ex-Ray: Detection of History-Leaking Browser Extensions". A blog post describing the paper is available here. A brief description of the files is provided below, for details please see the paper.

Generally, extensions are named with their 32 character extension ID and end with their version number.

Unsupervised Flagging

File unsupervised-flagged.txt contains unsupervised flagging data based on traffic data alone. This step is based on counterfactual analysis of network traffic, after executing an extension in multiple stages. We treat the extension as a controlled environment and the size of history as input variable. The observed network traffic is the output variable.

Linear Regression

File linear_regression.json - labeled set of 212 samples that were flagged by the linear regression system including false positives.

Triage Data

File triagereport.txt features a run of our extension triage component. We split up extension network flows by remote hostname, and calculate a score how likely it is to leak. The lower the less likely it is to leak, and vice versa. Scores below 1 mean it is unlikely to leak, up until 100 it is possibly leaking, above that it is likely to leak. We would like to emphasize that this is an add-on component with the goal of aiding an analyst, not providing definite decisions.

Getting Chrome Extensions

Extensions are either available for the official store, alternatively from - this site also features older versions.


No description, website, or topics provided.






No releases published


No packages published