Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools."— Presentation transcript:

1 1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools

2 2 Privacy and Security Problems Phishing – Spam directs users to spoofed websites – Malicious programs/websites steal info Passwords – Same password used at multiple websites Transaction Generators – “Hijack” user's session with a website

3 3 Stanford Anti-Phishing Projects http://crypto.stanford.edu/antiphishing SpoofGuard – Notify user about spoofed websites PwdHash – Transparently manage website-specific passwords SafeCache/SafeHistory – Prevent website from learning your prior behavior SpyBlock – Prevent unauthorized transactions

4 4 Spoofed Websites Why create them? – Steal private info (passwords, SSN, etc.) Users directed to fake websites – Easy to create website – Easy to imitate authentic websites Users typically enticed via spam – Easy to craft believable email – Easy to distribute email widely Examples: http://www.millersmiles.co.uk/http://www.millersmiles.co.uk/

5 5 Traditional Indications Indications – Suspicious URLs For example: http://www.ebay.com@129.170.213.101/ Requires user to read URL in address bar – Non-HTTPS URL Most authentic websites requiring senstive information use HTTPS Most spoofed websites don't use HTTPS Requires user to read URL in address bar or notice the “lock” icon Problems – Users don't read carefully – Users don't understand what they see

6 6 SpoofGuard: Overview Goal: Automate detection of spoofs – Don't rely on reactive measures (e.g., blacklists) ‏ Idea: Score each page visited – Score correlated with believe that webpage is a spoof Notify user of scoring results – Low suspicion: traffic light – High suspicion: force user to acknowledge popup Availability: Internet Explorer plugin

7 7 SpoofGuard: Scoring Criteria URLs and Links – Does the URL have a suspicious pattern? Images – Keep database of images and their domains – Are a page's images similar to ones from a different domain? Passwords – If page asks for a password, does it use HTTPS and have valid certificate? Referring Address – Was user referred from an email message (e.g., Hotmail)? Post Data – Store (hash of) posted data and domain – Is posted data same as data previously posted to a different domain?

8 8 SpoofGuard: Notification Traffic light in toolbar – Indicates score assigned to the page Popup notification – Forces user confirmation – Popup on any detected spoof; or – Popup only when user submits information Intercepts form submission Spoofs usually harmless when only viewing

9 9 The Same-Origin Principle Began with Netscape Navigator 2.0 – “prevents document[s] or script[s] loaded from one origin from getting or setting properties of a document from a different origin.“ http://www.mozilla.org/projects/security/components/same-origin.html http://www.mozilla.org/projects/security/components/same-origin.html Why? – Information provided to/from a website should not be directly available to another website unless user explicitly provides it Applied to cookies (we've seen this before)

10 10 Types of Tracking Single-session / Multiple-session – Normal web features (e.g., via special URLs, cookies) ‏ Cooperative tracking – 3rd-party cookies, JavaScript, tags Semi-cooperative tracking – Post link to external image on a forum Non-cooperative tracking – What can one learn without explicitly adding content to another site? We'll see...

11 11 SafeHistory and SafeCache

12 12 Content and DNS Caches Why store recently-used information? – Load pages faster, save bandwidth Timing attacks – Content cache 1)User visits www.ebay.comwww.ebay.com 2)User visits www.phishingsite.com, which measures how long it takes to load eBay logowww.phishingsite.com – DNS cache 1)User visits www.ebay.comwww.ebay.com 2)User visits www.phishingsite.com, which measures how long it takes to lookup IP address for www.ebay.comwww.phishingsite.comwww.ebay.com

13 13 Loading From the Cache Assume http://www.mysite.com/index.html contains this HTML: http://www.mysite.com/index.html Two different players – Embedding site (mysite.com) The “carrier” for the image – Hosting site (microsoft.com) Location in the network of the image being displayed

14 14 SafeCache: Overview Cached content is associated with embedding site Whats the difference? – Normally: Request for same hosted content is loaded from cache regardless of embedding site. – With SafeCache: Request for hosted content is loaded from cache only if same embedding site previously cached it. Availability: Mozilla Firefox add-on

15 15 Visited Links Browser stores history of visited pages Visited links and unvisited links differentiated – Usually by color – Convenience to user But... – Font color can be read by page itself JavaScript and Cascading Style Sheets – Phishing page can determine which websites the user has previously visited

16 16 SafeHistory: Overview Only two hosts can know if a page is visited – Host of the referrer – Host of the page itself Why only these two hosts? – Referrer could learn this information anyways (it can craft special hyperlinks) – The host of the page itself knows anyways (it can check its server logs) Availability: Mozilla Firefox add-on

17 17 Password Security Basic Problems – Many passwords easy to guess Based on common words Based on easily discoverable information (e.g., pet name, last name, etc.) Traditional recommendation: use “random” combination of letters and numbers (hard to remember!) – Same password used at multiple websites Stealing password from weakly-secured website gives access to account at highly-secured website Traditional recommendation: use different password at each website (also hard to remember!)

18 18 Some Other Solutions Password list managers – Store usernames/passwords for each site – Cons: lack of portability, must consult list each time Limited-time Passwords – Example: RSA SecurID Code on device changes every 60 seconds User's password is combination of master password and code displayed on device Cons: must carry device, typically only for single domain

19 19 PwdHash: Overview Let user remember a single “master” password Transparently convert password into site-specific password As a bonus, provides protection from common phishing attacks! Availability: Mozilla Firefox add-on

20 20 PwdHash: How It Works 1)Find all password fields on a page  2)User enters '@@' before typing password  Signals browser to begin capturing password 3)Browser captures the user password and computes hash: HMAC pwd (domain-name) 4)Hash is stored in password field and submitted to website in place of master password

21 21 PwdHash: Other Features Protection against common phishing attacks – Domain name is part of hash generation – Example: HMAC ”password” (bankofamerica.com) = “y8JSLKDPFO” HMAC ”password” (bankofamericas.com) = “pDVn5u7UYO” Usable when roaming – http://www.pwdhash.com/ http://www.pwdhash.com/ – Generates hash within the browser (via JavaScript) – Neither master password nor generated password are ever communicated over network

22 22 PwdHash: Why the '@@'? Consider the straightforward approach – Translate passwords when user leaves form field – Use domain name from target of the form But... webpages can execute code (JavaScript) – Monitor keyboard – Change form target before it is submitted Before submission: After submission:

23 23 PwdHash: Limitations Runs inside browser – No protection against DNS attacks – No protection against spyware – Limited protection for Flash

24 24 Is Password Security Enough? Consider this scenario 1)User logs into www.ebay.comwww.ebay.com 2)Interacts with website as usual, possibly bidding on items and making purchases But... – Malicious software can send messages over authenticated session – These are called transaction generators (TGs)

25 25 How TGs Work 1)User logs into website with username and password 2)Website issues “session cookie” which is sent by the user with subsequent messages 3)TG can access this session cookie 4)TG initiates its own transactions using the session cookie TG never needs to know the user's password!

26 26 SpyBlock: Overview Browser and all applications run within virtual machine (VM) User confirms transactions in trusted environment Availability: Mozilla Firefox add-on under Windows Vista

27 27 SpyBlock: The Pieces Virtual Machine – Essentially, an operating system running within another operating system Authentication Agent – Runs outside virtual machine, not alongside browser and other applications – Prompts user to confirm transactions Browser Helper – Allows browser to initiate transaction confirmation – Cannot confirm transactions itself

28 28 SpyBlock: Confirmation 1)Website requests confirmation (request accompanied with transaction details) 2)Browser helper passes transaction details to authentication helper 3)Authentication agent and website have shared key K (or they generate one if necessary) 4)Authentication agent computes hash: T = HMAC K (transaction details) 5)Authentication agent passes T to browser helper, which submits it to the website 6)Website can compute HMAC K (transaction details) itself and verify against T

29 29 SpyBlock: Downsides Website must support SpyBlock transaction confirmations Though available for free, most people don't run virtual machines Security may be compromised as soon as user runs a single untrusted application outside virtual machine

Download ppt "1 CPSC156: The Internet Co-Evolution of Technology and Society Lecture 22: April 17, 2007 Browser-based Security and Privacy Tools."

Similar presentations

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.

SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010.
Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.
WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.

How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.
Users Are Not Dependable How to make security indicators that protect them better Min Wu, Simson Garfinkel, Robert Miller MIT Computer Science and Artificial.

Users Are Not Dependable How to make security indicators that protect them better Min Wu, Simson Garfinkel, Robert Miller MIT Computer Science and Artificial.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Chapter 7: The Web and E-mail1 The Web and E-mail Chapter 7.

Chapter 7: The Web and 1 The Web and Chapter 7.
Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.

Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University

Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University
Context-Aware Phishing Attacks and Client-Side Defenses Collin Jackson Stanford University.

Context-Aware Phishing Attacks and Client-Side Defenses Collin Jackson Stanford University.
URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J. 2004.

URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J
Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.

Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.
FIRST COURSE Computer Concepts Internet and Email Microsoft Office Get to Know Your Computer.

FIRST COURSE Computer Concepts Internet and Microsoft Office Get to Know Your Computer.
The Internet & The World Wide Web Notes

The Internet & The World Wide Web Notes
Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Similar presentations

Ads by Google