Enhancing Browser Security for Mobile Devices Using Smart CDNs

Slide Note
Embed
Share

Explore the realm of improving browser security for mobile devices through the utilization of Smart Content Delivery Networks (CDNs). Delve into research directions, challenges in adoption, and innovative security services to safeguard against potential threats. Discover how the rise of Smart CDNs impacts the security landscape and the implications for the middle tier in mobile security architecture.

chr_rhe
chr_rhe Follow

Uploaded on Sep 16, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Empowering Browser Security for Mobile Devices Using Smart CDNs Ben Livshits and David Molnar Microsoft Research 1

  2. Mobile Web Growth 2

  3. Opera Mobile Study 4 http://www.opera.com/media/smw/2009/pdf/smw032009.pdf

  4. Research in Desktop Browser Security ConScript Nozzle [Oakland 10] [UsenixSec 09] StackGuard/HeapGuard NativeClient/XAX [UsenixSec 01/] [Oakland 09/OSDI 08] XSS filters/ worm filters 5

  5. Mobile: Difficulties of Adoption http://developer.android.com/resources/dashboard/platform-versions.html 6

  6. CDNs are Growing 7

  7. Consequence: Fat Middle Tier Rise of smart CDN (sCDN) What does this mean for security? 8

  8. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? 9

  9. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? Let s do the easiest one first 10

  10. Example Service: Nozzle in Mobile Nozzle is a heap spraying prevention system that protects desktop browsers [UsenixSec 09] How to deploy Nozzle on mobile browsers? Software updates on all handsets..? Same problem for any browser based mitigation StackGuard, RandomHeap, your paper at W2SP20XX 11

  11. Example Service: Nozzle in Mobile Run Nozzle in sCDN! Catch heap sprays, pre-render benign pages, ship renders to mobile. 12

  12. More sCDN Security Services Real Time phish tracking Why is everyone suddenly going to whuffo.com? URL reputation 15 other people were owned by this URL XSS filters Fuzz testing seeded with real traces 13

  13. Untrustworthy Infrastructure? Multiple vendors Linksys, Cisco, Akamai, Limelight, Multiple operators Comcast, Sprint, AT&T, T-Mobile, Joe Sixpack, Multiple web applications How do these parties work together? What about privacy? 14

  14. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? 15

Related


Understanding Domain Name System (DNS) and Content Distribution Networks (CDNs)

Understanding Domain Name System (DNS) and Content Distribution Networks (CDNs)

idecl
Omnispace: Redefining Global Mobile Connectivity with 5G NTN Technology

Omnispace: Redefining Global Mobile Connectivity with 5G NTN Technology

alofq
Browser Extensions as Assistive Technology: Enhancing Accessibility

Browser Extensions as Assistive Technology: Enhancing Accessibility

nes_vea
Security Concerns and Future Challenges of Internet Connected Devices in Budva, Montenegro

Security Concerns and Future Challenges of Internet Connected Devices in Budva, Montenegro

cyru_4
Managing Mobile Devices in Corporate Environment

Managing Mobile Devices in Corporate Environment

idris
Techniques and Tools for Secure Web Browser Extension Development

Techniques and Tools for Secure Web Browser Extension Development

jac_bu
Personal Mobile Device Acceptable Use Policy Overview

Personal Mobile Device Acceptable Use Policy Overview

mano449
Troubleshooting Invalid Login Credential Issue on e-Way Bill Portal

Troubleshooting Invalid Login Credential Issue on e-Way Bill Portal

rain
Exploring Blazor: An Experimental .NET Framework for the Browser

Exploring Blazor: An Experimental .NET Framework for the Browser

aithne
Progress on Selected Smart Cities in South Africa

Progress on Selected Smart Cities in South Africa

keilani
Overview of Computer Input and Output Devices

Overview of Computer Input and Output Devices

brennan
Innovative Smart Traffic App Solution by Smart Road Technology Ltd

Innovative Smart Traffic App Solution by Smart Road Technology Ltd

lillymae
Exploring AI Trends in Foreign Intelligence, Artistic Creation, Communication, and Smart Devices

Exploring AI Trends in Foreign Intelligence, Artistic Creation, Communication, and Smart Devices

anwi_72
Understanding Mobile Communication and Networks in Physics

Understanding Mobile Communication and Networks in Physics

linus
Emerging Threats in Banking: Mobile Banking Vulnerabilities

Emerging Threats in Banking: Mobile Banking Vulnerabilities

dash_60
Computer Peripherals and Interfacing

Computer Peripherals and Interfacing

ellen
Understanding Input and Output Devices in Computing

Understanding Input and Output Devices in Computing

esha
TT Lock - Smart Lock Management Software Overview

TT Lock - Smart Lock Management Software Overview

bonnie
Understanding Sensor-Based Mobile Web Fingerprinting and Attacks

Understanding Sensor-Based Mobile Web Fingerprinting and Attacks

qcort
Exploring Secure Cooperative Sharing of Resources in Web Applications

Exploring Secure Cooperative Sharing of Resources in Web Applications

eckardt_b
Mobile Device Management with Microsoft Intune and Android Enterprise

Mobile Device Management with Microsoft Intune and Android Enterprise

quno547
Phased Array Antenna Design for Smart Intersection Radar Using Analog Devices ADAR-1000

Phased Array Antenna Design for Smart Intersection Radar Using Analog Devices ADAR-1000

ellamay
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Exploring Smart City Solutions and Applications

Exploring Smart City Solutions and Applications

deen

More Related Content

Genoa Smart City Strategy: Leveraging ICT for Sustainable Urban Development
Genoa Smart City Strategy: Leveraging ICT for Sustainable Urban Development
Smart Antenna Systems Overview: Enhancing Wireless Performance
Smart Antenna Systems Overview: Enhancing Wireless Performance
Automotive Grade 10 Joining Methods: Locking Devices Overview
Automotive Grade 10 Joining Methods: Locking Devices Overview
Understanding Basics of Computer Systems
Understanding Basics of Computer Systems
VARTA Micro Batteries: Powering Smart Home Solutions
VARTA Micro Batteries: Powering Smart Home Solutions
Ascon: The Lightweight Cryptography Standard for IoT
Ascon: The Lightweight Cryptography Standard for IoT
Mobile Device and Platform Security in Spring 2017: Lecture Highlights
Mobile Device and Platform Security in Spring 2017: Lecture Highlights
Introduction to Hubitat Elevation: Smart Home Automation Hub
Introduction to Hubitat Elevation: Smart Home Automation Hub
Using Smart View in PlanUW: Data Input and Reporting
Using Smart View in PlanUW: Data Input and Reporting
Understanding the Roles of a Security Partner
Understanding the Roles of a Security Partner
Mobile Application Development and Introduction to Mobile Computing
Mobile Application Development and Introduction to Mobile Computing
Understanding Mobile Computing and TCP/IP Protocol Suite
Understanding Mobile Computing and TCP/IP Protocol Suite
Techniques for Reducing Connected-Standby Energy Consumption in Mobile Devices
Techniques for Reducing Connected-Standby Energy Consumption in Mobile Devices
Understanding Network Devices and Connectivity
Understanding Network Devices and Connectivity
Study of Mobile Web App Security: Findings and Recommendations
Study of Mobile Web App Security: Findings and Recommendations
Efficient ACME Workflow Automation for Browser-based Team Collaboration
Efficient ACME Workflow Automation for Browser-based Team Collaboration
Comparing Virtual Reality (VR), Augmented Reality (AR), and Mixed Reality (MR)
Comparing Virtual Reality (VR), Augmented Reality (AR), and Mixed Reality (MR)
Understanding Cyber Security and Risks
Understanding Cyber Security and Risks
Enhancing Mobile-Cloud Computing with Autonomous Agents Framework
Enhancing Mobile-Cloud Computing with Autonomous Agents Framework
Perceptions of Medical Students on Point-of-Care Ultrasound Devices
Perceptions of Medical Students on Point-of-Care Ultrasound Devices
Understanding Geolocation: What You Need to Know
Understanding Geolocation: What You Need to Know
Automating Your Browser and Desktop Apps Using Python
Automating Your Browser and Desktop Apps Using Python
Guide to Creating Access from Wired to Wireless Devices Using Airborne AP Ethernet Bridge
Guide to Creating Access from Wired to Wireless Devices Using Airborne AP Ethernet Bridge
Addressing Counterfeit and Substandard ICT Devices in Brazil: The SIGA Project
Addressing Counterfeit and Substandard ICT Devices in Brazil: The SIGA Project