Presentation is loading. Please wait.

Presentation is loading. Please wait.

UCognito: Private Browsing without Tears

Published byGriselda Gilmore Modified over 8 years ago

Similar presentations

Presentation on theme: "UCognito: Private Browsing without Tears"— Presentation transcript:

1 UCognito: Private Browsing without Tears
Meng Xu, Yeongjin Jang, Xinyu Xing, Taesoo Kim, and Wenke Lee Present by Zhang He

2 Keywords Privacy Browser

3 Private Browsing

4 Privacy Goals Stealthiness: should not be stored
Freshness: persistent data should not be used

5 Overview Research Problem Motivation Major research Evaluation
Uverifier Ucognito Evaluation Conclusion Quiz

6 Chrome and FireFox How do they support the private browsing?

7 Complexity to implement

8 Limitation Each add-on has to take a special care on private mode
This amount of complexity results in many privacy issues in popular add-on.

9 Bug report samples related to private mode implementation in Firefox and Chrome.

10 Caveat Interface for Add-on
FireFox: takes the approach of manual app re-view Chrome:

11 Testing private browsing
Goal: employ a systematic way to identify and support the features/components that persist data during a browsing session Environment:feasible with a small code base and in a slow development cycle

12 Overview Research Problem Existing Problem and Motivation
Major research Uverifier Ucognito Evaluation Conclusion Quiz

13 Uverifier: Privacy Violation Detector
Three major components: • a script-based driver that drives a browsing session • a system call tracer • an analyzer Test: • To test stealthiness goal, we run one private session (A) only. • To test freshness goal, we run one public session (A) and one private session (B) consecutively.

14 Privacy Violations OCSP cache PNaCl translation cache
Nvidia’s OpenGL cache

15 Ucognito Filesystem sandboxing Policy system kicks in at two points

16 Policy System • CLEAN: create an empty file to prevent file-copying from the original user profile to the private profile • COPY: copy a file or sub-directory to the private profile from existing user profile, to employ existing settings • WRITE: allow data to be written back to the user profile after the session closes

17

18 IMPLEMENTATION Sandboxing Layer System call hooking:
Placed hooks on 50 system calls Containing file access: rewrite the path argument on each system call entrance first argument (path) is on /home/user/.config rewrite the path to /tmp/ucognito-pid/home/user/.config

19 UI Layer

20 Launching a Private Mode
Example: Google Chrome web browser Whole procedure: 1. Initialization phase 2. Browser starting phase 3. Browsing phase 4. Cleaning phase

21 Overview Research Problem Motivation Major research Evaluation
Uverifier Ucognito Evaluation Conclusion Quiz

22 Evaluation What are the use cases for UCOGNITO?
2. How flexible and general is UCOGNITO’s policy in implementing private browsing schemes of popular browsers? 3. How much is the performance overheads?

23 Preventing Privacy Violations
OCSP cache PNaCl translation cache Nvidia’s OpenGL cache UCOGNITO is able to mitigate all these privacy violation cases

24 Supporting Add-ons

25 Policy Flexibility

26 Browsing Performance

27

28 Overview Research Problem Motivation Major research Evaluation
Uverifier Ucognito Evaluation Conclusion Quiz

29 CONCLUSION Problem: Contribution: Limitation:
Private browsing is not implemented consistently and correctly in major browsers Contribution: Uverifier Ucognito Stop all known privacy leaks Overhead (1-2.5%) Limitation: Only applied to Chrome and FireFox

30 Overview Research Problem Motivation Major research Evaluation
Uverifier Ucognito Evaluation Conclusion Quiz

31 Quiz Q1:What is the most important thing(goal) to privacy browsing?
Q2:Why Ucognito don’t requires to change browsers and system kernel? Q3:When we use CLEAN policy, what will we do if a path is specified as CLEAN?

32 Thank you!

Download ppt "UCognito: Private Browsing without Tears"

Similar presentations

On the Design of a Web Browser: Lessons learned from Operating Systems Kapil Singh and Wenke Lee Georgia Institute of Technology Web 2.0 Security and Privacy.

On the Design of a Web Browser: Lessons learned from Operating Systems Kapil Singh and Wenke Lee Georgia Institute of Technology Web 2.0 Security and Privacy.
Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.
Objected Oriented Perl An introduction – because I don’t have the time or patience for an in- depth OOP lecture series…

Objected Oriented Perl An introduction – because I don’t have the time or patience for an in- depth OOP lecture series…
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Browser Comparisons Internet Explorer 8 & 9, Chrome 11 and Firefox 4 Security, Privacy, Add-ons & Convenience.

Browser Comparisons Internet Explorer 8 & 9, Chrome 11 and Firefox 4 Security, Privacy, Add-ons & Convenience.
On the Privacy of Private Browsing Kiavash Satvat, Matt Forshaw, Feng Hao, Ehsan Toreini Newcastle University DPM’13.

On the Privacy of Private Browsing Kiavash Satvat, Matt Forshaw, Feng Hao, Ehsan Toreini Newcastle University DPM’13.
Web browsers It’s a software application for retrieving and presenting information on WWW. An information resource is identified by a Uniform Resource.

Web browsers It’s a software application for retrieving and presenting information on WWW. An information resource is identified by a Uniform Resource.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Chapter 6 Security Kernels.

Chapter 6 Security Kernels.
An Evaluation of the Google Chrome Extension Security Architecture

An Evaluation of the Google Chrome Extension Security Architecture
Lesson 4: Web Browsing.

Lesson 4: Web Browsing.
Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.

Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.
Learning C++ the Fun Way Taesoo Kim Dr. Ramon Lawrence Computer Science.

Learning C++ the Fun Way Taesoo Kim Dr. Ramon Lawrence Computer Science.
Indirect File Leaks in Mobile Applications Daoyuan Wu and Rocky K. C. Chang The Hong Kong Polytechnic University May 21, 2015 1 MoST’15, in conjunction.

Indirect File Leaks in Mobile Applications Daoyuan Wu and Rocky K. C. Chang The Hong Kong Polytechnic University May 21, MoST’15, in conjunction.
DISTRIBUTED CONSISTENCY MANAGEMENT IN A SINGLE ADDRESS SPACE DISTRIBUTED OPERATING SYSTEM Sombrero.

DISTRIBUTED CONSISTENCY MANAGEMENT IN A SINGLE ADDRESS SPACE DISTRIBUTED OPERATING SYSTEM Sombrero.
The Jukebox Orian Paz & Yair Cleper Instructor: Viktor Kulikov Semester: Spring 2009 Final Presentation.

The Jukebox Orian Paz & Yair Cleper Instructor: Viktor Kulikov Semester: Spring 2009 Final Presentation.
James Tam Web Browsers In this section of notes you will learn about the web browsing process, some of the important features of popular browsers and a.

James Tam Web Browsers In this section of notes you will learn about the web browsing process, some of the important features of popular browsers and a.
Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.

Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.
Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.

Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.
Reusability and Portability Chapter 8 CSCI 4320. Reusability and Portability  The length of the development process is critical.  No matter how high.

Reusability and Portability Chapter 8 CSCI Reusability and Portability  The length of the development process is critical.  No matter how high.

Similar presentations

Ads by Google