PerfWeb: How to Violate Web Privacy with Hardware Performance Events

The browser history reveals highly sensitive information about users, such as financial status, health conditions, or political views. Private browsing modes and anonymity networks are consequently important tools to preserve the privacy not only of regular users but in particular of whistleblowers and dissidents. Yet, in this work we show how a malicious application can infer opened websites from Google Chrome in Incognito mode and from Tor Browser by exploiting hardware performance events (HPEs). In particular, we analyze the browsers' microarchitectural footprint with the help of advanced Machine Learning techniques: k-th Nearest Neighbors, Decision Trees, Support Vector Machines, and in contrast to previous literature also Convolutional Neural Networks. We profile 40 different websites, 30 of the top Alexa sites and 10 whistleblowing portals, on two machines featuring an Intel and an ARM processor. By monitoring retired instructions, cache accesses, and bus cycles for at most 5 seconds, we manage to classify the selected websites with a success rate of up to 86.3%. The results show that hardware performance events can clearly undermine the privacy of web users. We therefore propose mitigation strategies that impede our attacks and still allow legitimate use of HPEs

SafeScript: JavaScript transformation for policy enforcement

Approaches for safe execution of JavaScript on web pages have been a topic of recent research interest. A significant number of these approaches aim to provide safety through runtime mediation of accesses made by a JavaScript program. In this paper, we propose a novel, lightweight JavaScript transformation technique for enforcing security properties on untrusted JavaScript programs using source code interposition. Our approach assures namespace isolation between several principals within a single web page, and access control for sensitive browser interfaces. This access control mechanism is based on a whitelist approach to ensure soundness of the mediation. Our technique is lightweight, resulting in low run-time overhead compared to existing solutions such as BrowserShield and Caja. \ua9 2013 Springer-Verlag

Securing Legacy Firefox Extensions with SENTINEL

Abstract. A poorly designed web browser extension with a security vulnerability may expose the whole system to an attacker. Therefore, attacks directed at “benign-but-buggy ” extensions, as well as extensions that have been written with malicious intents pose significant security threats to a system running such components. Recent studies have indeed shown that many Firefox extensions are over-privileged, making them attractive attack targets. Unfortunately, users currently do not have many options when it comes to protecting themselves from extensions that may potentially be malicious. Once installed and executed, the extension needs to be trusted. This paper introduces Sentinel, a policy enforcer for the Firefox browser that gives fine-grained control to the user over the actions of existing JavaScript Firefox extensions. The user is able to define policies (or use predefined ones) and block common attacks such as data exfiltration, remote code execution, saved password theft, and preference modification. Our evaluation of Sentinel shows that our prototype implementation can effectively prevent concrete, realworld Firefox extension attacks without a detrimental impact on users’ browsing experience

SessionShield: Lightweight Protection against Session Hijacking

Abstract. The class of Cross-site Scripting (XSS) vulnerabilities is the most prevalent security problem in the field of Web applications. One of the main attack vectors used in connection with XSS is session hijacking via session identifier theft. While session hijacking is a client-side attack, the actual vulnerability resides on the server-side and, thus, has to be handled by the website’s operator. In consequence, if the operator fails to address XSS, the application’s users are defenseless against session hijacking attacks. In this paper we present SessionShield, a lightweight client-side protection mechanism against session hijacking that allows users to protect themselves even if a vulnerable website’s operator neglects to mitigate existing XSS problems. SessionShield is based on the observation that session identifier values are not used by legitimate clientside scripts and, thus, need not to be available to the scripting languages running in the browser. Our system requires no training period and imposes negligible overhead to the browser, therefore, making it ideal for desktop and mobile systems

Password meters and generators on the web: From large-scale empirical study to getting it right

Copyright \ua9 2015 ACM. Web services heavily rely on passwords for user authentication. To help users chose stronger passwords, password meter and password generator facilities are becoming increasingly popular. Password meters estimate the strength of passwords provided by users. Password generators help users with generating stronger passwords. This paper turns the spotlight on the state of the art of password meters and generators on the web. Orthogonal to the large body of work on password metrics, we focus on getting password meters and generators right in the web setting. We report on the state of affairs via a large-scale empirical study of web password meters and generators. Our findings reveal pervasive trust to third-party code to have access to the passwords. We uncover three cases when this trust is abused to leak the passwords to third parties. Furthermore, we discover that often the passwords are sent out to the network, invisibly to users, and sometimes in clear. To improve the state of the art, we propose SandPass, a general web framework that allows secure and modular porting of password meter and generation modules. We demonstrate the usefulness of the framework by a reference implementation and a case study with a password meter by the Swedish Post and Telecommunication Agency

Password meters and generators on the web: From large-scale empirical study to getting it right

Copyright \ua9 2015 ACM. Web services heavily rely on passwords for user authentication. To help users chose stronger passwords, password meter and password generator facilities are becoming increasingly popular. Password meters estimate the strength of passwords provided by users. Password generators help users with generating stronger passwords. This paper turns the spotlight on the state of the art of password meters and generators on the web. Orthogonal to the large body of work on password metrics, we focus on getting password meters and generators right in the web setting. We report on the state of affairs via a large-scale empirical study of web password meters and generators. Our findings reveal pervasive trust to third-party code to have access to the passwords. We uncover three cases when this trust is abused to leak the passwords to third parties. Furthermore, we discover that often the passwords are sent out to the network, invisibly to users, and sometimes in clear. To improve the state of the art, we propose SandPass, a general web framework that allows secure and modular porting of password meter and generation modules. We demonstrate the usefulness of the framework by a reference implementation and a case study with a password meter by the Swedish Post and Telecommunication Agency

Optimization of window settings for virtual monoenergetic imaging in dual-energy CT of the liver: a multi-reader evaluation of standard monoenergetic and advanced imaged-based monoenergetic datasets

OBJECTIVES: To evaluate optimal window settings for display of virtual monoenergetic reconstructions in third-generation dual-source, dual-energy computed tomography (DECT) of the liver. METHODS: Twenty-nine subjects were prospectively evaluated with DECT in arterial (AP) and portal venous (PVP) phases. Three reconstructed datasets were calculated: standard linearly-blended (LB120), 70-keV standard virtual monoenergetic (M70), and 50-keV advanced image-based virtual monoenergetic (M50+). Two readers assessed optimal window settings (width and level, W/L), establishing a mean for each reconstruction which was used for a blinded assessment of liver lesions. RESULTS: The optimal W/L for M50+ were significantly higher for both AP (W=429.3±44.6HU, L=129.4±9.7HU) and PVP (W=376.1±14.2HU, L=146.6±7.0HU) than for LB120 (AP, W=215.9±16.9HU, L=82.3±9.4HU) (PVP, W=173.4±8.9HU, L=69.3±6.0HU) and M70 (AP, W=247.1±22.2HU, L=72.9±6.8HU) (PVP, W=232.0±27.9HU, L=91.6±14.4HU). Use of the optimal window setting for M50+ vs. LB120 resulted in higher sensitivity (AP, 100% vs. 86%; PVP, 96% vs. 63%). CONCLUSIONS: Application of dedicated window settings results in improved liver lesion detection rates in advanced image-based virtual monoenergetic DECT when customized for arterial and portal venous phases

Nederland later II - thema klimaatadaptatie

Doel van de voorliggende studie naar klimaatadaptatie is om de ernst en urgentie van klimaatverandering, de mogelijke aanpassingsmogelijkheden en de effectiviteit, betaalbaarheid en haalbaarheid daarvan op een rij te zetten voor: • Het landelijke gebied, opgesplitst naar hoog- en laag Nederland en met aandacht voor droogte en watertekorten i.r.t. verdroging, verzilting en bodemdaling. • Het stedelijke gebied met aandacht voor droogte, hittestress en wateroverlast • Het rivierengebied specifiek voor transport over water • Waterveiligheid landelijk