Building Trusted Paths for Web Browsers

The communication between the Web browser and the human user is one component of the server-client channel. It is not the user but the browser that receives all server information and establishes the secure connection. The browser\u27s user interface signals, such as SSL lock, https protocol header et al., indicate whether the browser-server communication at the current moment is secure. Those user interface signals indicating the security status of browser should be clearly and correctly understood by the user. A survey of modern Web browsers shows the information provided by current browsers is insufficient for users to make trust judgment. Our Web spoofing work further proved that the browser status information is not reliable either. We discuss the criteria for and how to build the trusted paths between a browser and a human user. We present an open source implementation of one of the designs--synchronized random dynamic (SRD) boundary, based on Modified Mozilla source code, together with its usability study results

Trusted Paths for Browsers: An Open-Source Solution to Web Spoofing

The security of the vast majority of ``secure\u27\u27 Web services rests on SSL server PKI. However, this PKI doesn\u27t work if the the adversary can trick the browser into appearing to tell the user the wrong thing about the certificates and cryptography. The seminal web spoofing work of Felten et al demonstrated the potential, in 1996, for malicious servers to impersonate honest servers. Our recent follow-up work explicitly shows how malicious servers can still do this---and can also forge the existence of an SSL session and the contents of the alleged server certificate. This paper reports the results of our work to systematically defend against Web spoofing, by creating a trusted path from the browser to the user. Starting with the Mozilla source, we have implemented techniques that protect a wide variety of browser-user communications, that require little participation by the user and minimal disruption of the displayed server content. We have prepared shell scripts that install these modifications on the Mozilla source, to enable others to replicate this work. In on-going work, we are cleaning up and fine-tuning our code. In future work, we hope to examine more deeply the role of user interfaces in enabling users to make effective trust judgments

Web Spoofing Revisited: SSL and Beyond

Can users believe what their browsers tell them? Even sophisticated Web users decide whether or not to trust a server based on browser cues such as location bar information, SSL icons, SSL warnings, certificate information, and response time. In their seminal work on Web spoofing, Felten et al showed how, in 1996, a malicious server could forge some of these cues. However, this work used genuine SSL sessions, and Web technology has evolved much since 1996. The Web has since become the pre-eminent medium for electronic service delivery to remote users, and the security of many commerce, government, and academic network applications critically rests on the assumption that users can authenticate the servers with which they interact. This situation raises the question: is the browser-user communication model today secure enough to warrant this assumption? In this paper, we answer this question by systematically showing how a malicious server can forge every one of the above cues. Our work extends the prior results by examining contemporary browsers, and by forging all of the SSL information a client sees, including the very existence of an SSL session (thus providing a cautionary tale about the security of one of the most common applications of PKI). We have made these techniques available for public demonstration, because anything less than working code would not convincingly answer the question. We also discuss implications and potential countermeasures, both short-term and long-term

Web Spoofing 2001

The Web is currently the pre-eminent medium for electronic service delivery to remote users. As a consequence, authentication of servers is more important than ever. Even sophisticated users base their decision whether or not to trust a site on browser cues---such as location bar information, SSL icons, SSL warnings, certificate information, response time, etc. In their seminal work on web spoofing, Felten et al showed how a malicious server could forge some of these cues---but using approaches that are no longer reproducible. However, subsequent evolution of Web tools has not only patched security holes---it has also added new technology to make pages more interactive and vivid. In this paper, we explore the feasibility of web spoofing using this new technology---and we show how, in many cases, every one of the above cues can be forged. In particular, we show how a malicious server can forge all the SSL information a client sees---thus providing a cautionary tale about the security of one of the most common applications of PKI. We stress that these techniques have been implemented, and are available for public demonstration

Browsers Defenses Against Phishing, Spoofing and Malware

Web users are increasingly victims of phishing, spoofing and malware attacks. In this article, we discuss existing and proposed defense mechanisms. We highlight the vulnerabilities of current defenses, and the challenges of validating and adopting new defenses

Department of Computer Science Activity 1998-2004

This report summarizes much of the research and teaching activity of the Department of Computer Science at Dartmouth College between late 1998 and late 2004. The material for this report was collected as part of the final report for NSF Institutional Infrastructure award EIA-9802068, which funded equipment and technical staff during that six-year period. This equipment and staff supported essentially all of the department\u27s research activity during that period

Enhancing End User Security - Attacks & Solutions

End user computing environments, e.g. web browsers and PC operating systems, are the target of a large number of attacks, both online and offline. The nature of these attacks varies from simple online attacks, such as user tracking using cookies, to more sophisticated attacks on security protocols and cryptographic algorithms. Other methods of attack exist that target end user applications that utilise and interact with cryptographic functions provided by the PC operating system. After providing a general introduction to the security techniques and protocols used in this thesis, a review of possible threats to end user computing environments is given, followed by a discussion of the countermeasures needed to combat these threats. The contributions of this thesis include three new approaches for enhancing the security of end user systems, together with an analysis and a prototype implementation of an end user security enhancement tool. The following paragraphs summarise the three main contributions of this thesis. Digitally signing a digital document is a straightforward procedure; however, when the digital document contains dynamic content, the digital signature may remain valid but the viewed document may not be the same as the document when viewed by the signer. A new solution is proposed to solve the problem; the main idea behind the solution is to make the application aware of the sensitive cryptographic function being requested. In order to verify a digital signature computed on a document or any other object (e.g. an executable), access to the public key corresponding to the private key used to sign the document is required. Normally, the public part of the key is made available in a digital 'certificate', which is made up of the public key of the signer, the name of the signer, and other data, all signed using the private signing key of a trusted third party known as a Certification Authority (CA). To verify such a certificate, and thereby obtain a trusted copy of the document signer's public key, a trusted copy of the CA's public key is required. If a malicious party can insert a fake CA public key into the list of CA public keys stored in a PC, then this party could potentially do considerable harm to that PC, since this malicious party could then forge signatures apparently created by other entities. A method of achieving such an attack without attracting the user's attention is presented in this thesis. Countermeasures that can be deployed to prevent the insertion of a fake root public key are discussed. A suggested solution that can be used to detect and remove such fake keys is presented, and a prototype implementation of this solution is described. SSL/TLS supports mutual authentication, i.e. both server and client authentication, using public key certificates. However, this optional feature of SSL/TLS is not widely used because most end users do not have a certified public key. Certain attacks rely on this fact, such as web spoofing and phishing attacks. A method for supporting client-side SSL authentication using trusted computing platforms is proposed. The proposed approach makes a class of phishing attacks ineffective; moreover, the proposed method can also be used to protect against other online attacks

Enhancing Web Browsing Security

Web browsing has become an integral part of our lives, and we use browsers to perform many important activities almost everyday and everywhere. However, due to the vulnerabilities in Web browsers and Web applications and also due to Web users\u27 lack of security knowledge, browser-based attacks are rampant over the Internet and have caused substantial damage to both Web users and service providers. Enhancing Web browsing security is therefore of great need and importance.;This dissertation concentrates on enhancing the Web browsing security through exploring and experimenting with new approaches and software systems. Specifically, we have systematically studied four challenging Web browsing security problems: HTTP cookie management, phishing, insecure JavaScript practices, and browsing on untrusted public computers. We have proposed new approaches to address these problems, and built unique systems to validate our approaches.;To manage HTTP cookies, we have proposed an approach to automatically validate the usefulness of HTTP cookies at the client-side on behalf of users. By automatically removing useless cookies, our approach helps a user to strike an appropriate balance between maximizing usability and minimizing security risks. to protect against phishing attacks, we have proposed an approach to transparently feed a relatively large number of bogus credentials into a suspected phishing site. Using those bogus credentials, our approach conceals victims\u27 real credentials and enables a legitimate website to identify stolen credentials in a timely manner. to identify insecure JavaScript practices, we have proposed an execution-based measurement approach and performed a large-scale measurement study. Our work sheds light on the insecure JavaScript practices and especially reveals the severity and nature of insecure JavaScript inclusion and dynamic generation practices on the Web. to achieve secure and convenient Web browsing on untrusted public computers, we have proposed a simple approach that enables an extended browser on a mobile device and a regular browser on a public computer to collaboratively support a Web session. A user can securely perform sensitive interactions on the mobile device and conveniently perform other browsing interactions on the public computer

Untersuchungen zu Client-seitigem Cross-Site Scripting

The Web's functionality has shifted from purely server-side code to rich client-side applications, which allow the user to interact with a site without the need for a full page load. While server-side attacks, such as SQL or command injection, still pose a threat, this change in the Web's model also increases the impact of vulnerabilities aiming at exploiting the client. The most prominent representative of such client-side attacks is Cross-Site Scripting, where the attacker's goal is to inject code of his choosing into the application, which is subsequently executed by the victimized browsers in the context of the vulnerable site. This thesis provides insights into different aspects of Cross-Site Scripting. First, we show that the concept of password managers, which aim to allow users to choose more secure passwords and, thus, increase the overall security of user accounts, is susceptible to attacks which abuse Cross-Site Scripting flaws. In our analysis, we found that almost all built-in password managers can be leveraged by a Cross-Site Scripting attacker to steal stored credentials. Based on our observations, we present a secure concept for password managers, which does not insert password data into the document such that it is accessible from the injected JavaScript code. We evaluate our approach from a functional and security standpoint and find that our proposal provides additional security benefits while not causing any incompatibilities. Our work then focuses on a sub-class of Cross-Site Scripting, namely Client-Side Cross-Site Scripting. We design, implement and execute a study into the prevalence of this class of flaws at scale. To do so, we implement a taint-aware browsing engine and an exploit generator capable of precisely producing exploits based on our gathered data on suspicious, tainted flows. Our subsequent study of the Alexa top 5,000 domains shows that almost one out of ten of these domains carry at least one Client-Side Cross-Site Scripting vulnerability. We follow up on these flaws by analyzing the gathered flow data in depth in search of the root causes of this class of vulnerability. To do so, we first discuss the complexities inherent to JavaScript and define a set of metrics to measure said complexity. We then classify the vulnerable snippets of code we discovered according to these metrics and present the key insights gained from our analysis. In doing so, we find that the reasons for such flaws are manifold, ranging from simple unawareness of developers to incompatibilities between, otherwise safe, first- and third-party code. In addition, we investigate the capability of the state of the art of Cross-Site Scripting filters in the client, the XSS Auditor, finding that several conceptual issues exist which an attacker to subvert of its protection capabilities. We show that the Auditor can be bypassed on over 80% of the vulnerable domains in our data set, highlighting that it is ill-equipped to stop Client-Side Cross-Site Scripting. Motivated by our findings, we present a concept for a filter targeting Client-Side Cross-Site Scripting, combining taint tracking in the browser in conjunction with taint-aware HTML and JavaScript parsers, allowing us to robustly protect users from such attacks.Das Web hat sich gewandelt: von rein server-seitig implementierter Funktionalität zu mächtigen client-seitigen Applikation, die einem Benutzer die Interaktion mit einer Seite ohne Neuladen ermöglichen. Obwohl server-seitige Angriffe, wie etwa SQL- oder Command-Injections, weiterhin ein Risiko darstellen, erhöht sich durch die Änderung am Konzept des Webs auch die Auswirkung von client-seitigen An- griffen. Der bekannteste Vertreter solcher Verwundbarkeiten ist Cross-Site Script- ing (XSS), eine Code-Injection-Attacke, die darauf abzielt, dass der vom Angreifer eingeschleuste Code im Browser seines Opfers mit der verwundbaren Applikation interagieren kann. Diese Arbeit beschäftigt sich mit verschiedenen Aspekten von Cross-Site Script- ing. Zuerst legt sie die Funktionsweise von Passwort-Managern dar, die Benutzer bei der Wahl sichererer Passwörter unterstützen sollen. Eine Analyse des Konzepts an sich und aktueller Browser zeigt jedoch auf, dass Passwort-Manager anfällig für Cross-Site Scripting-Angriffe sind, die das Stehlen von gespeicherten Zugangsdaten ermöglichen. Basierend auf den Erkenntnissen stellt diese Arbeit daraufhin das Konzept eines Passwort-Managers vor, der Zugangsdaten für eingeschleusten Code unerreichbar macht. Die Evaluation in Hinblick auf Funktionalität und Sicherheit zeigt, dass sich durch den vorgestellten Ansatz Vorzüge für die Sicherheit bieten und der präsentierte Ansatz keinen negativen Einfluss auf bestehende Applikationen hat. Anschließend liegt der Fokus dieser Arbeit auf einer Unterklasse von XSS, dem Client-Seitigen Cross-Site Scripting. Sie präsentiert das Design, die Implementierung und die Durchführung einer Studie, deren Ziel es ist, die Verbreitung von Client-Seitigem XSS im Web zu erforschen. Dazu kombiniert die Arbeit einen Browser, der Taint Tracking unterstützt, und einen Exploit-Generator, der basierend auf den gesammelten Datenflüssen Exploits erzeugen kann. Die daraufhin durchgeführte Studie zeigt auf, dass fast jede zehnte Webseite in den Alexa Top 5000 Domains anfällig für Client-Seitiges Cross-Site Scripting ist. Anschließend analysiert diese Arbeit die gefundenen Schwachstellen ausführlich, um die zugrunde liegenden Ursachen von Client-Seitigem XSS zu erkunden. Dazu erläutert sie die Komplexität von JavaScript, leitet daraus Metriken zur Messung der Komplexität von verwundbarem Code ab, klassifiziert die erkannten Verwundbarkeiten und präsentiert die Schlüsselerkenntnisse. Dabei zeigt sich, dass Client-Seitiges Cross-Site Scripting sowohl durch Unwissen von Entwicklern, aber auch durch die Kombination von inkompatiblem eigenen und fremden Code verursacht wird. Im Anschluss analysiert diese Arbeit aktuelle XSS-Filter und zeigt auf, dass moderne Filter, wie der XSS Auditor, konzeptionelle Probleme aufweisen, die es einem Angreifer erlauben, den Filter auf 80% der verwundbaren Domains zu umgehen. Diese Arbeit präsentiert daraufhin ein neues Konzept, welches auf Taint Tracking basierend von einem Angreifer eingeschleusten Code im HTML- und JavaScript- Parser erkennt und stoppt. Dies ermöglicht es, Client-Seitiges XSS zu unterbinden, wobei ein akzeptabler Performanz-Verlust und geringe False Positives entstehen

Attribute-Based, Usefully Secure Email

A secure system that cannot be used by real users to secure real-world processes is not really secure at all. While many believe that usability and security are diametrically opposed, a growing body of research from the field of Human-Computer Interaction and Security (HCISEC) refutes this assumption. All researchers in this field agree that focusing on aligning usability and security goals can enable the design of systems that will be more secure under actual usage. We bring to bear tools from the social sciences (economics, sociology, psychology, etc.) not only to help us better understand why deployed systems fail, but also to enable us to accurately characterize the problems that we must solve in order to build systems that will be secure in the real world. Trust, a critically important facet of any socio-technical secure system, is ripe for analysis using the tools provided for us by the social sciences. There are a variety of scopes in which issues of trust in secure systems can be stud- ied. We have chosen to focus on how humans decide to trust new correspondents. Current secure email systems such as S/MIME and PGP/MIME are not expressive enough to capture the real ways that trust flows in these sorts of scenarios. To solve this problem, we begin by applying concepts from social science research to a variety of such cases from interesting application domains; primarily, crisis management in the North American power grid. We have examined transcripts of telephone calls made between grid manage- ment personnel during the August 2003 North American blackout and extracted several different classes of trust flows from these real-world scenarios. Combining this knowl- edge with some design patterns from HCISEC, we develop criteria for a system that will enable humans apply these same methods of trust-building in the digital world. We then present Attribute-Based, Usefully Secure Email (ABUSE) and not only show that it meets our criteria, but also provide empirical evidence that real users are helped by the system