Enhancing Web Browsing Security

Chuan Yue
2010
Web browsing has become an integral part of our lives, and we use browsers to perform many important activities almost everyday and everywhere. However, due to the vulnerabilities in Web browsers and Web applications and also due to Web users' lack of security knowledge, browser-based attacks are rampant over the Internet and have caused substantial damage to both Web users and service providers. Enhancing Web browsing security is therefore of great need and importance. This dissertation
more » ... rates on enhancing the Web browsing security through exploring and experimenting with new approaches and software systems. Specifically, we have systematically studied four challenging Web browsing security problems: HTTP cookie management, phishing, insecure JavaScript practices, and browsing on untrusted public computers. We have proposed new approaches to address these problems, and built unique systems to validate our approaches. ACKNOWLEDGMENTS This long journey to a Ph.D. in computer science could not be accomplished without the support and help from many people. First and foremost I want to thank my advisor Professor Raining Wang. It has been my great honor and pleasure to be his Ph.D. student for the past five years. I sincerely thank him for all his guidance, support, encouragement, trust, time, and effort that made this dissertation possible. In addition to appreciating his many qualities as an excellent advisor, I especially want to thank him for always giving me the freedom to explore on my own, always setting a high standard for my research, always being available to meet and discuss projects with me, as well as always treating me and other students with respect. I am very grateful to other committee members Professor Weizhen Mao, Professor Phil Kearns, Professor Qun Li, Professor Gexin Yu, and my former committee member Professor Evgenia Smirni, for their valuable feedback and suggestions that helped me improve the quality of this dissertation. Particularly, I am heartily thankful to Professor Smirni, Professor Mao, Professor Kearns, and my advisor for their tremendous support in helping me get a job. I am also thankful to Professor Andreas Stathopoulos, Professor Xiaodong Zhang, Professor Bruce Lowekamp, Pr.ofessor Dimitris Nikolopoulos, Professor Barry Lawson, and Dr. Richard Tran Mills for their help in my first-year Ph.D. study. My sincere appreciation also goes to graduate center course instructors Ms. Barbara Monteith and Ms. Robin Cantor-Cooke. Barbara has helped me a lot in improving my academic writing skills, and Robin has helped me a lot in improving my academic presentation skills. Barbara and Robin have also given me great help in my job application process. I also want to sincerely thank administrative members Ms. Vanessa Godwin and Ms. Jacqulyn Johnson, as well as all the techies in our computer science department. Their professional and efficient help made my Ph.D. study and research a pleasant experience. I also thank many former and current students for their help, collaboration, and friendship. Qi Zhang gave me suggestions on applying for my first-year Ph.D. assistantship. Mengjun Xie helped me in collecting and processing trace for the CookiePicker project. Zi Zhu helped me in testing the RCB framework. Eli Courtwright and Benjamin Strahs generously invited me to be deeply involved in their research projects. Zhenyu Wu provided a great deal of useful information to me with his extensive software and hardware experience. Thanks also go to
doi:10.21220/s2-jpwx-sw57 fatcat:jqvmkkgfjbf7ndukedupgdnm54