Analyzing & Designing the Security of Shared Resources on Smartphone Operating Systems


© 2018 Soteris Demetriou

ANALYZING & DESIGNING THE SECURITY OF SHARED RESOURCES ON SMARTPHONE OPERATING SYSTEMS
—REVISED VERSION—

BY
SOTERIS DEMETRIOU

DISSERTATION
Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate College of the University of Illinois at Urbana-Champaign, 2018

Urbana, Illinois

Doctoral Committee:
Professor Carl A. Gunter, Chair
Professor Klara Nahrstedt
Assistant Professor Adam M. Bates
Professor XiaoFeng Wang, Indiana University Bloomington

ABSTRACT

Smartphone penetration surpassed 80% in the US and nears 70% in Western Europe. In fact, smartphones became the de facto devices users leverage to manage personal information and access external data and other connected devices on a daily basis. To support such multi-faceted functionality, smartphones are designed with a multi-process architecture, which enables third-party developers to build smartphone applications which can utilize smartphone internal and external resources to offer creative utility to users. Unfortunately, such third-party programs can exploit security inefficiencies in smartphone operating systems to gain unauthorized access to available resources, compromising the confidentiality of rich, highly sensitive user data.

The smartphone ecosystem is designed such that users can readily install and replace applications on their smartphones. This facilitates users' efforts in customizing the capabilities of their smartphones tailored to their needs. Statistics report an increasing number of available smartphone applications—in 2017 there were approximately 3.5 million third-party apps on the official application store of the most popular smartphone platform. In addition, we expect users to have approximately 95 such applications installed on their smartphones at any given point.
However, mobile apps are developed by untrusted sources. On Android—which enjoys 80% of the smartphone OS market share—application developers are identified based on self-signed certificates. Thus there is no good way of holding a developer accountable for malicious behavior. This creates an issue of multi-tenancy on smartphones, where principals from diverse untrusted sources share internal and external smartphone resources. Smartphone OSs rely on traditional operating system process isolation strategies to confine untrusted third-party applications. However, this approach is insufficient because incidental, seemingly harmless resources can be utilized by untrusted tenants as side-channels to bypass the process boundaries. To make things worse, applications might include third-party libraries for advertising or common recognition tasks. Such libraries share the process address space with their host apps and as such can inherit all the privileges the host app has. Identifying and mitigating these problems on smartphones is not a trivial process. Manual analysis of all mobile apps is, on its own, cumbersome and impractical; code analysis techniques suffer from scalability and coverage issues; ad-hoc approaches are impractical and susceptible to mistakes; and sometimes vulnerabilities are well hidden at the interplays between smartphone tenants and resources.

In this work I follow an analytical approach to discover major security and privacy issues on smartphone platforms. I utilize the Android OS as a use case, because of its open-source nature but also its popularity. In particular, I focus on the multi-tenancy characteristic of smartphones and identify the resources each tenant within a process, across processes and across devices can access.
I design analytical tools to automate the discovery process, attacks to better understand the adversary models, and introduce design changes to the participating systems to enable robust fine-grained access control of resources. My approach revealed a new understanding of the threats introduced from third-party libraries within an application process; it revealed new capabilities of the mobile application adversary exploiting shared filesystem resources; and it showed how a mobile app adversary can exploit shared communication mediums to compromise the confidentiality of the data collected by external devices (e.g. fitness and medical accessories, NFC tags etc.). Moreover, I show how we can eradicate these problems following an architectural design approach to introduce backward-compatible, effective and efficient modifications in operating systems to achieve fine-grained application access to shared resources. Some of the problems we found are now addressed by Google, which overhauls the development of Android, the most popular smartphone OS.

To my parents Yiannis and Maria, my brothers Michalis and Alexandros, my sister-in-law Georgia and my niece Florentia for their unconditional love and support.

ACKNOWLEDGMENTS

This thesis would not have been possible to realize without the invaluable support and guidance of my advisor and academic father Dr Carl A. Gunter. Professor Gunter trusted me to explore issues that I find interesting without any constraints. I consider myself privileged to be given the opportunity to work and learn from Dr. Gunter. I cannot imagine having a better advisor and mentor.

I would like to also thank Dr Xiaofeng Wang, whose indispensable guidance was continuous throughout my work. I was lucky during the beginning of my studies to meet with Professor Wang who got me involved in smartphone security, a topic which became the focus of my thesis.
Unequivocally, I learnt a lot during my interactions with Professor Wang both on how to find interesting problems and how to approach solving them.

Special thanks to Dr Klara Nahrstedt and Adam M. Bates for their feedback and guidance. The final version of this thesis is shaped based on their astute observations.

My sincere thanks also go to Dr. Michael Grace and Dr. Xiaoyong Zhou who provided me with an opportunity to join their team as an intern at Samsung Research America (SRA). At SRA I got exposed to real problems modern smartphone operating system vendors face and the approaches they take to tackle them.

Lastly, I would like to thank all the people I got to work with during my Ph.D. studies: Dr. Carl A. Gunter; Dr. XiaoFeng Wang; Dr. Klara Nahrstedt; Dr. Kyu-Han Kim; Dr. Landon Cox; Dr. Patrick Tague; Dr. Xiaoyong Zhou; Dr. Muhammad Naveed; Dr. Michael Grace; Dr. Puneet Jain; Dr. Wei Yang; Dr. Aston Zhang; Dr. Yueh-Hsun Lin; Dr. Yuan Tian; Dr. Animesh Shrivastava; Dr. Wenrui Diao; Dr. Feng Qian; Dr. Kai Chen; Dr. Xinhui Han; Dr. Kehuan Zhang; Nan Zhang; Yeonjoon Lee; Dongjing He; Xiaorui Pan; Kan Yuan; Whitney Merrill; Güliz Seray Tuncay; Tongxin Li; Mingming Zha; Xianghang Mi; Peiyuan Zong; Karan Ganju. My interactions with all of them shaped me both as an academic and as a person.

TABLE OF CONTENTS

CHAPTER 1 INTRODUCTION
  1.1 Motivation
  1.2 Problem Statement
  1.3 Approach
  1.4 Thesis Contributions
  1.5 Thesis Organisation
CHAPTER 2 BACKGROUND
  2.1 Android OS
  2.2 Android Security Model
  2.3 Background on Techniques and Methodologies Used
  2.4 Android's Shared Resources
CHAPTER 3 LITERATURE REVIEW
  3.1 Advertising Libraries
  3.2 Information Leaks through Filesystem Resources
  3.3 Shared Communication Channels
  3.4 Shared IoT Devices
CHAPTER 4 SHARING PROCESS PRIVILEGES
  4.1 Introduction
  4.2 Analysis
  4.3 Detection Design
  4.4 Detection Evaluation
  4.5 Utility and Limitations
  4.6 Summary
CHAPTER 5 SHARING FILESYSTEM RESOURCES
  5.1 Introduction
  5.2 Analysis
  5.3 Mitigation Design
  5.4 Mitigation Evaluation
  5.5 Summary
CHAPTER 6 SHARING DIRECT COMMUNICATION CHANNELS
  6.1 Introduction
  6.2 Analysis
  6.3 Mitigation Design
  6.4 Mitigation Evaluation
  6.5 Summary
CHAPTER 7 SHARING DEVICES IN IoT ENVIRONMENTS
  7.1 Introduction
  7.2 Analysis
  7.3 Mitigation Design
  7.4 Mitigation Evaluation
  7.5 Discussion
  7.6 Summary
CHAPTER 8 DESIGN PRINCIPLES
  8.1 Contextual Threat Model
  8.2 Granularity of Mechanism
  8.3 Layered Responsibility
CHAPTER 9 SUMMARY AND FUTURE DIRECTIONS
  9.1 Summary
  9.2 Contributions
  9.3 Moving Forward
REFERENCES

CHAPTER 1: INTRODUCTION

1.1 MOTIVATION

Eleven years after the first iOS- and Android-enabled smartphones, the technology behemoths are now responsible for 90% [1] of total smartphone sales in 2018. These devices have revolutionized the way people communicate and manage personal and business tasks. Their unprecedented nature, which combines mobility, computational power and a model of easy-to-replace applications that can facilitate every facet of our everyday lives, makes them an integral tool for people of any age. This very model, designed to leverage developers' creativity to provide users with a menagerie of smartphone applications (apps for short) of any perceived purpose, led to the release of an astounding number of apps in official application markets.
Statista reports an almost exponential increase in the number of available smartphone apps on the official application store