skip to main content

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Web Browser Security and Privacy
This report will analyze issues related to web browser security and privacy. The web browser applications that will be looked at are Google Chrome, Bing, Mozilla Firefox, Internet Explorer, Microsoft Edge, Safari, and Opera. In recent months web browsers have increased the number of daily users. With the increase in daily users who may not be as well versed in data security and privacy, comes an increase in attacks. This study will discuss the pros and cons of each web browser, how many have been hacked, how often they have been hacked, why they have been hacked, security flaws, and more. The study utilizes research and a user survey to make a proper analysis and provide recommendations on the topic.  more » « less
Award ID(s):
1754054
PAR ID:
10344954
Author(s) / Creator(s):
;
Date Published:
Journal Name:
ADMI 2022:The Symposium of Computing at Minority Institutions
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ( , ADMI 2021: The Symposium of Computing at Minority Institutions)
    null (Ed.)
    Web Browsers have storage components and external software that aid in creating an enjoyable and functioning browser experience. Web browser history, cookies, ActiveX controls, and extensions all have vulnerabilities that are exploited by hackers, websites, and the web browsers themselves. Users are putting themselves at risk for an attack on their browser, possibly even their systems if they do not take the proper actions to secure their browser and keep their information private. This paper will discuss the aspects of the web browser named above, their security issues, and what can be done to stay protected. 
    more » « less
  2. ; ; ; ; ; ; ; ; ; ; et al ( , WWW '20: Proceedings of the Web Conference 2020)
    Website privacy policies sometimes provide users the option to opt-out of certain collections and uses of their personal data. Unfortunately, many privacy policies bury these instructions deep in their text, and few web users have the time or skill necessary to discover them. We describe a method for the automated detection of opt-out choices in privacy policy text and their presentation to users through a web browser extension. We describe the creation of two corpora of opt-out choices, which enable the training of classifiers to identify opt-outs in privacy policies. Our overall approach for extracting and classifying opt-out choices combines heuristics to identify commonly found opt-out hyperlinks with supervised machine learning to automatically identify less conspicuous instances. Our approach achieves a precision of 0.93 and a recall of 0.9. We introduce Opt-Out Easy, a web browser extension designed to present available opt-out choices to users as they browse the web. We evaluate the usability of our browser extension with a user study. We also present results of a large-scale analysis of opt-outs found in the text of thousands of the most popular websites. 
    more » « less
  3. ; ; ( , Proceedings of the 22nd ACM Internet Measurement Conference)
    We conduct the first systematic study of the effectiveness of Web Audio API-based browser fingerprinting mechanisms and present new insights. First, we show that audio fingerprinting vectors, unlike other prior vectors, reveal an apparent fickleness with some users' browsers giving away differing fingerprints in repeated attempts. However, we show that it is possible to devise a graph-based analysis mechanism to collectively consider all the different fingerprints left by users' browsers and thus craft a highly stable fingerprinting mechanism. Next, we investigate the diversity of audio fingerprints and compare this with prior fingerprinting techniques. Our results show that audio fingerprints are much less diverse than other vectors with only 95 distinct fingerprints among 2093 users. At the same time, further analysis shows that web audio fingerprinting can potentially bring considerable additive value to existing fingerprinting mechanisms. For instance, our results show that the addition of web audio fingerprinting causes a 9.6\% increase in entropy when compared to using Canvas fingerprinting alone. We also show that our results contradict the current security and privacy recommendations provided by W3C regarding audio fingerprinting. 
    more » « less
  4. ; ( , The 2023 ADMI Symposium)
    This report will discuss and analyze the risks and different challenges which are accompanied when completing remote work and learning. Specifically, this paper will focus on this trends’ effect, during the 2019 Coronavirus pandemic (COVID-19). The different applications that will be included in this research are Slack, Zoom, Skype, Microsoft Teams, Google Meets, Trello, Webex, and Troop Messenger. In recent months, there has been a complete increase in the amount of people worldwide that use these platforms. However, the majority of users do not fully understand security and privacy when using these different platforms. Due to this lack of knowledge, this comes with an increase in attacks. This study will further discuss the different pros and cons of each of the different platforms (mentioned above); the applications that have been breached, how often they were breached, different flaws, vulnerabilities of each system and more. This study coherently uses and assesses its credibility with the assistance of research, a user survey, and past research studies on this topic. 
    more » « less
  5. ; ; ; ; ; ; ( , Human factors in computing systems)
    Strong end-user security practices benefit both the user and hosting platform, but it is not well understood how companies communicate with their users to encourage these practices. This paper explores whether web companies and their platforms use different levels of language formality in these communications and tests the hypothesis that higher language formality leads to users’ increased intention to comply. We contribute a dataset and systematic analysis of 1,817 English language strings in web security and privacy interfaces across 13 web platforms, showing strong variations in language. An online study with 512 participants further demonstrated that people perceive differences in the language formality across platforms and that a higher language formality is associated with higher self-reported intention to comply. Our findings suggest that formality can be an important factor in designing effective security and privacy prompts. We discuss implications of these results, including how to balance formality with platform language style. In addition to being the first piece of work to analyze language formality in user security, these findings provide valuable insights into how platforms can best communicate with users about account security. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email