UCognito: Private Browsing without Tears

Slides:

Advertisements

Similar presentations

On the Design of a Web Browser: Lessons learned from Operating Systems Kapil Singh and Wenke Lee Georgia Institute of Technology Web 2.0 Security and Privacy.

Advertisements

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Objected Oriented Perl An introduction – because I don’t have the time or patience for an in- depth OOP lecture series…

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Browser Comparisons Internet Explorer 8 & 9, Chrome 11 and Firefox 4 Security, Privacy, Add-ons & Convenience.

On the Privacy of Private Browsing Kiavash Satvat, Matt Forshaw, Feng Hao, Ehsan Toreini Newcastle University DPM’13.

Web browsers It’s a software application for retrieving and presenting information on WWW. An information resource is identified by a Uniform Resource.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Chapter 6 Security Kernels.

An Evaluation of the Google Chrome Extension Security Architecture

Lesson 4: Web Browsing.

Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.

Learning C++ the Fun Way Taesoo Kim Dr. Ramon Lawrence Computer Science.

Indirect File Leaks in Mobile Applications Daoyuan Wu and Rocky K. C. Chang The Hong Kong Polytechnic University May 21, MoST’15, in conjunction.

DISTRIBUTED CONSISTENCY MANAGEMENT IN A SINGLE ADDRESS SPACE DISTRIBUTED OPERATING SYSTEM Sombrero.

The Jukebox Orian Paz & Yair Cleper Instructor: Viktor Kulikov Semester: Spring 2009 Final Presentation.

James Tam Web Browsers In this section of notes you will learn about the web browsing process, some of the important features of popular browsers and a.

Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.

Firefox 2 Feature Proposal: Remote User Profiles TeamOne August 3, 2007 TeamOne August 3, 2007.

Reusability and Portability Chapter 8 CSCI Reusability and Portability  The length of the development process is critical.  No matter how high.

Lesson 18: Configuring Application Restriction Policies

An Introduction To Flash Application Development Greg Dietsche.

Efficient Privilege De-Escalation for Ad Libraries in Mobile Apps Bin Liu (SRA), Bin Liu (CMU), Hongxia Jin (SRA), Ramesh Govindan (USC)

Google Chrome Your Customized Google Buddy April 2012 John Riley and Denise Tate-Kuhler.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis Authors: Heng Yin, Dawn Song, Manuel Egele, Christoper Kruegel, and.

Computer Organization

Testing. Definition From the dictionary- the means by which the presence, quality, or genuineness of anything is determined; a means of trial. For software.

May08-21 Model-Based Software Development Kevin Korslund Daniel De Graaf Cory Kleinheksel Benjamin Miller Client – Rockwell Collins Faculty Advisor – Dr.

SOFTWARE ENGINEERING1 Introduction. Software Software (IEEE): collection of programs, procedures, rules, and associated documentation and data SOFTWARE.

Gaurav Aggarwal and Elie Bursztein, Collin Jackson, Dan Boneh, USENIX (Aug.,2010) A N A NALYSIS OF P RIVATE B ROWSING M ODES IN M ODERN B ROWSERS 1.

Internet Browsers and Add-ons Popular browsers Browser stats (shown in talk) What a browser does Javascript (shown in talk) * Add-ons * Also see an explanation.

ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities Presented by Xianchen Meng CSCI 680 Advanced System and.

New uPortal Contributions from the University of Wisconsin-Madison Jim Helwig University of Wisconsin-Madison Eric Dalquist Unicon, Inc. JA-SIG December.

Chapter 2 Operating System Overview

Static Testing Code Review/Verification –Code is reviewed by the developer after each change Individually and with code sessions –Use of Visual Studio’s.

CE Operating Systems Lecture 3 Overview of OS functions and structure.

CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.

Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.

Operating Systems Structure what is the organizational principle?

Presentation to Area 2 Computer and Technology Group 15 May 2013.

M. Alexander Helen J. Wang Yunxin Liu Microsoft Research 1 Presented by Zhaoliang Duan.

Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.

Lecture 18 Windows – NT File System (NTFS)

OPTIMISING USER INTERFACES FOR MOBILE COMPUTER ASSISTED INTERVIEWING DEVICES Prepared By Otyek Ronald James Uganda Bureau of Statistics Presented at the.

1 Isolating Web Programs in Modern Browser Architectures CS6204: Cloud Environment Spring 2011.

The Future of Mobile E-Health Application Development Exploring HTML5 for Context-aware Diabetes Monitoring Speaker: Nishant Chettri.

Web Browsing *TAKE NOTES*. Millions of people browse the Web every day for research, shopping, job duties and entertainment. Installing a web browser.

Dynamic Vetting Android Applications for Privilege-escalation Risks Jiaojiao Fu 1.

Mokka, main guidelines and future P. Mora de Freitas Laboratoire Leprince-Ringuet Ecole polytechnique - France Linear collider Workshop 2004, Paris.

Lesson 6: Controlling Access to Local Hardware and Applications

Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK

Google Web Toolkit for Mobile Applications Development INGENUITY AT ITS BEST……………….

丁建文國立高雄應用科大資管系副教授兼任計網中心軟體發展組組長跨平台行動應用軟體開發技術 : HTML5 & Mobile JavaScript Framework 暨南大學.

Computer Software. Two Major Types of SW System SW Programs that generally perform the background tasks in a computer. These programs, many times, talk.

111 State Management Beginning ASP.NET in C# and VB Chapter 4 Pages

Maninda Edirisooriya. Introduction Extension for Google Chrome. Privacy protection system for online chat. Encrypts chat text using 128 bit AES. Decrypts.

CLOUD ARCHITECTURE Many organizations and researchers have defined the architecture for cloud computing. Basically the whole system can be divided into.

Operating System Structures

Boxify: Full-fledged App Sandboxing for Stock Android

Lesson 4: Web Browsing.

DCR ARB Presentation Team 5: Tour Conductor.

An Introduction To Flash Application Development

State your reasons or how to keep proofs while optimizing code

Chapter 2: System Structures

Application Prefetch Files Prefetch Files

Lesson 4: Web Browsing.

Outline Chapter 2 (cont) OS Design OS structure

Recitation on AdFisher

System calls….. C-program->POSIX call

Presentation transcript:

UCognito: Private Browsing without Tears Meng Xu, Yeongjin Jang, Xinyu Xing, Taesoo Kim, and Wenke Lee Present by Zhang He

Keywords Privacy Browser

Private Browsing

Privacy Goals Stealthiness: should not be stored Freshness: persistent data should not be used

Overview Research Problem Motivation Major research Evaluation Uverifier Ucognito Evaluation Conclusion Quiz

Chrome and FireFox How do they support the private browsing?

Complexity to implement

Limitation Each add-on has to take a special care on private mode This amount of complexity results in many privacy issues in popular add-on.

Bug report samples related to private mode implementation in Firefox and Chrome.

Caveat Interface for Add-on FireFox: takes the approach of manual app re-view Chrome:

Testing private browsing Goal: employ a systematic way to identify and support the features/components that persist data during a browsing session Environment:feasible with a small code base and in a slow development cycle

Overview Research Problem Existing Problem and Motivation Major research Uverifier Ucognito Evaluation Conclusion Quiz

Uverifier: Privacy Violation Detector Three major components: • a script-based driver that drives a browsing session • a system call tracer • an analyzer Test: • To test stealthiness goal, we run one private session (A) only. • To test freshness goal, we run one public session (A) and one private session (B) consecutively.

Privacy Violations OCSP cache PNaCl translation cache Nvidia’s OpenGL cache

Ucognito Filesystem sandboxing Policy system kicks in at two points

Policy System • CLEAN: create an empty file to prevent file-copying from the original user profile to the private profile • COPY: copy a file or sub-directory to the private profile from existing user profile, to employ existing settings • WRITE: allow data to be written back to the user profile after the session closes

IMPLEMENTATION Sandboxing Layer System call hooking: Placed hooks on 50 system calls Containing file access: rewrite the path argument on each system call entrance first argument (path) is on /home/user/.config rewrite the path to /tmp/ucognito-pid/home/user/.config

UI Layer

Launching a Private Mode Example: Google Chrome web browser Whole procedure: 1. Initialization phase 2. Browser starting phase 3. Browsing phase 4. Cleaning phase

Overview Research Problem Motivation Major research Evaluation Uverifier Ucognito Evaluation Conclusion Quiz

Evaluation What are the use cases for UCOGNITO? 2. How flexible and general is UCOGNITO’s policy in implementing private browsing schemes of popular browsers? 3. How much is the performance overheads?

Preventing Privacy Violations OCSP cache PNaCl translation cache Nvidia’s OpenGL cache UCOGNITO is able to mitigate all these privacy violation cases

Supporting Add-ons

Policy Flexibility

Browsing Performance

Overview Research Problem Motivation Major research Evaluation Uverifier Ucognito Evaluation Conclusion Quiz

CONCLUSION Problem: Contribution: Limitation: Private browsing is not implemented consistently and correctly in major browsers Contribution: Uverifier Ucognito Stop all known privacy leaks Overhead (1-2.5%) Limitation: Only applied to Chrome and FireFox

Overview Research Problem Motivation Major research Evaluation Uverifier Ucognito Evaluation Conclusion Quiz

Quiz Q1:What is the most important thing(goal) to privacy browsing? Q2:Why Ucognito don’t requires to change browsers and system kernel? Q3:When we use CLEAN policy, what will we do if a path is specified as CLEAN?

Thank you!