Filters








13,925 Hits in 8.3 sec

Browser Security

Charles Reis, Adam Barth, Carlos Pizano
2009 Queue  
Browsers are an appealing target for attackers because they have a large and complex trusted computing base with a wide network-visible interface.  ...  Sandboxes limit the damage that can be caused by an attacker who exploits a vulnerability in the rendering engine.  ...  Taken together, the benefits multiply and help keep users safe on today's Web. In this article, we discuss how our team used these techniques to improve security in Google Chrome.  ... 
doi:10.1145/1551644.1556050 fatcat:66ik7eg7hzaqdll7xa5olcgkrq

Browser security

Charles Reis, Adam Barth, Carlos Pizano
2009 Communications of the ACM  
Browsers are an appealing target for attackers because they have a large and complex trusted computing base with a wide network-visible interface.  ...  In this article, we discuss how our team used these techniques to improve security in Google Chrome.  ...  . his research focuses on improving the reliability and security of Web browsers and Web content.  ... 
doi:10.1145/1536616.1536634 fatcat:mihegb73dbezxauykkdnhuehdq

On Physical Web Browser [article]

Dmitry Namiot, Manfred Sneps-Sneppe
2016 arXiv   pre-print
In this paper, we present the Physical Web Browser project for web applications depending on the environment.  ...  This information (context) could be analyzed and used within the web applications. There are, at least, two models for using this information.  ...  For network proximity, hidden blocks will be visible to mobile users in the proximity of some network nodes.  ... 
arXiv:1603.04031v1 fatcat:5soijlz3qjenhel4hosi2smos4

Browser Fingerprinting: A survey [article]

Pierre Laperdrix and Nataliia Bielova and Benoit Baudry and Gildas Avoine
2019 arXiv   pre-print
With this paper, we survey the research performed in the domain of browser fingerprinting, while providing an accessible entry point to newcomers in the field.  ...  We analyze the related work in detail to understand the composition of modern fingerprints and see how this technique is currently used online.  ...  A BRIEF HISTORY OF WEB BROWSERS In this section, we look at how web browsers turned from HTML renderers to full-fledged embedded operating systems.  ... 
arXiv:1905.01051v2 fatcat:garoieeijnc7hjd46sp3wgwrgu

Language support for extensible web browsers

Benjamin S. Lerner, Dan Grossman
2010 Proceedings of the 2010 Workshop on Analysis and Programming Languages for Web Applications and Cloud Applications - APLWACA '10  
Web browsers are sophisticated and crucial programs, and millions of users extend their browsers to customize their browsing experience.  ...  In this paper we argue the position that such extensions themselves constitute an important facet of web applications-one in need of serious programminglanguage research attention.  ...  We have described the space of web-browser extensions, and argued that they are in need of programming-language research.  ... 
doi:10.1145/1810139.1810146 fatcat:whcgb2kg7fccpobm5zvsiv37b4

Cookies and Web browser design

Lynette I. Millett, Batya Friedman, Edward Felten
2001 Proceedings of the SIGCHI conference on Human factors in computing systems - CHI '01  
Then we examine how cookie technology and Web browser designs have responded to concerns about informed consent.  ...  Specifically, we document relevant design changes in Netscape Navigator and Internet Explorer over a 5-year period, starting in 1995.  ...  Nearly two years later, in 1999 -two years during which cookies gained increasing visibility in the media and privacy appears foremost in users' concerns about Web useversion 4.6 appears.  ... 
doi:10.1145/365024.365034 dblp:conf/chi/MillettFF01 fatcat:264y2e33jzgtzkrd67mmqu2khm

CookiExt: Patching the browser against session hijacking attacks

Michele Bugliesi, Stefano Calzavara, Riccardo Focardi, Wilayat Khan
2015 Journal of Computer Security  
To counter these attacks, modern web browsers implement native cookie protection mechanisms based on the HttpOnly and Secure flags.  ...  Our solution improves over existing client-side defenses by combining protection against both web and network attacks, while at the same time being designed so as to minimise its effects on the user's  ...  Though interesting, the WebSpi library is much more abstract than Featherweight Firefox and not as easily extensible to include additional web features, since these must be encoded in the applied pi-calculus  ... 
doi:10.3233/jcs-150529 fatcat:oh3myqbcnrfhdhz2k4tevmlwg4

JavaScript instrumentation for browser security

Dachuan Yu, Ajay Chander, Nayeem Islam, Igor Serikov
2007 SIGPLAN notices  
It is well recognized that JavaScript can be exploited to launch browser-based security attacks. We propose to battle such attacks using program instrumentation.  ...  Untrusted JavaScript code goes through a rewriting process which identifies relevant operations, modifies questionable behaviors, and prompts the user (a web page viewer) for decisions on how to proceed  ...  We will discuss extensions and further issues in a later section. Related Work Browser security solutions JavaScript, DOM, and web browsers provide some basic security protections.  ... 
doi:10.1145/1190215.1190252 fatcat:o43uvmhtufd5dgxnjwrjpomgzq

Browser history re: visited

Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan
2018 Workshop on Offensive Technologies  
in favor of privacy.  ...  We evaluate the attacks against four major browsers (Chrome, Firefox, Edge, and IE) and several security-focused browsers (ChromeZero, Brave, FuzzyFox, DeterFox, and the Tor Browser).  ...  The request is faster if the resource from https://fb.com is already in the cache, and slower if the browser must fetch it over the network-measurably so, if the target resource is sufficiently large.  ... 
dblp:conf/woot/SmithDNBS18 fatcat:rbbyjhhrmbcn5lzhgegul4nsqi

Trusted Browsers for Uncertain Times

David Kohlbrenner, Hovav Shacham
2016 USENIX Security Symposium  
In summary: • We show how an attacker can measure durations in web browsers without querying an explicit clock. • We show how the concepts of "fuzzy time" can apply to web browsers to mitigate all clocks  ...  We show how "fuzzy time" ideas in the trusted operating systems literature can be adapted to building trusted browsers, degrading all clocks and reducing the bandwidth of all timing channels.  ...  Queuing All events visible to JavaScript must be queued in Fuzzyfox. Unfortunately, there is not a singular place or even explicit queues available for all events in Firefox.  ... 
dblp:conf/uss/KohlbrennerS16 fatcat:6idc7464jnbevcvvwgyamxujte

Evading Censorship with Browser-Based Proxies [chapter]

David Fifield, Nate Hardison, Jonathan Ellithorpe, Emily Stark, Dan Boneh, Roger Dingledine, Phil Porras
2012 Lecture Notes in Computer Science  
We discuss a number of technical challenges that had to be overcome for this system to work and report on its performance and security.  ...  In this paper we propose a browser-based proxy creation system that generates a large number of short-lived proxies.  ...  Acknowledgments We are grateful for many helpful conversations on this topic with Drew Dean, Pat Lincoln, Ian Schuler, and Vinod Yegneswaran; and to Steve Beaty for help in testing.  ... 
doi:10.1007/978-3-642-31680-7_13 fatcat:3y7xmc4rjngnxavxygftocjcza

JavaScript instrumentation for browser security

Dachuan Yu, Ajay Chander, Nayeem Islam, Igor Serikov
2007 Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '07  
It is well recognized that JavaScript can be exploited to launch browser-based security attacks. We propose to battle such attacks using program instrumentation.  ...  Untrusted JavaScript code goes through a rewriting process which identifies relevant operations, modifies questionable behaviors, and prompts the user (a web page viewer) for decisions on how to proceed  ...  We will discuss extensions and further issues in a later section. Related Work Browser security solutions JavaScript, DOM, and web browsers provide some basic security protections.  ... 
doi:10.1145/1190216.1190252 dblp:conf/popl/YuCIS07 fatcat:tkupqlwiprhkpbfnmfwsblfbc4

Online privacy and browser security

Simon Heron
2009 Network Security  
It is important to design browser security and privacy alerts so as to maximise their value to the end user, and their efficacy in terms of communicating risk.  ...  Our findings aim to to provide designers and developers with guidance as to how to construct privacy and security alerts.  ...  INTRODUCTION It is non-trivial to design effective alerts in the security and privacy domain. Browser designers do their best to inform users about security-related aspects as they surf the web.  ... 
doi:10.1016/s1353-4858(09)70061-3 fatcat:r44pe22glnghjdebpad7swngne

WebCloud: Recruiting web browsers for content distribution [article]

Fangfei Zhou, Liang Zhang, Eric Franco, Richard Revis, Alan Mislove, Ravi Sundaram
2011 arXiv   pre-print
Because WebCloud is built using techniques already present in many web browsers, it can be applied today to many social networking sites.  ...  We are at the beginning of a shift in how content is created and exchanged over the web.  ...  Security We now examine how WebCloud handles malicious users.  ... 
arXiv:1109.3791v2 fatcat:4yttyzawabbdtmt3uedphuhhhe

Reactive non-interference for a browser model

Nataliia Bielova, Dominique Devriese, Fabio Massacci, Frank Piessens
2011 2011 5th International Conference on Network and System Security  
Second, we investigate three useful web browser security policies that can be enforced by our mechanism, and demonstrate their value and limitations.  ...  We investigate non-interference (secure information flow) policies for web browsers, replacing or complementing the Same Origin Policy.  ...  The predicate visible l (s) models what observers of security level l can see: visible l (s) is true iff the stream element s is visible to an observer at level l.  ... 
doi:10.1109/icnss.2011.6059965 dblp:conf/nss/BielovaDMP11 fatcat:5zjtwnukhzhtvm4rb6chxiowyi
« Previous Showing results 1 — 15 out of 13,925 results