Skip to main content
SpringerLink
Log in

Web security in a windows system as PrivacyDefender in private browsing mode

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Recently, due to the advance and development of Internet technology and its development, web browsers have become essential applications. A web browser is not only used to surf the Internet, but also plays an important role as a portable operating system. For example, many users edit documents via an online editor and store the documents in an online storage repository. All those tasks are done with the help of a web browser. This results in a large number of attacks on web browsers. Therefore, the security of web browsers has become an increasingly important issue in recent years. Traditionally, when a user surfs on the Internet, his interaction with the browser is recorded. This scenario is called public browsing mode. Through attacking web browsers, attackers can obtain access to surfers’ private information, including surfing habits and passwords. The attackers are able to do this as web browsers always leave cookies, browsing histories and caches on the users’ computers. To avoid malicious attacks, many web browsers have developed private browsing mode mechanisms. In private browsing mode, a user’s behavior is not traced and his private information is retained as well. However, these mechanisms still create files such as bookmarks. Most importantly, the files downloaded through a web browser will be saved to disk unless the user deletes them himself. This is an extremely serious threat to the private security of web users. We designed a mechanism in Windows XP that observes the behaviors and patterns related to the creation and deletion of files in Firefox while in private browsing mode. We then focused on the files which were not deleted, and cleared them by means of anti-forensics manners. In other words, the web browsers can be made comprehensively secure with our mechanism.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Aggarwal G, Bursztein E, Jackson C, Boneh D (2010) An analysis of private browsing modes in modern browsers. In USENIX Security Symposium, pp 79–94

  2. Barth A, Felt AP, Saxena P, Boodman A (2010) Protecting browsers from extension vulnerabilities. In: 17th Network and Distributed System Security Symposium

  3. Brand M, Valli C, Woodward A (2010) Malware forensics: discovery of the intent of deception. Journal of Digital Forensics, Security & Law 5:31–42

  4. Christodorescu M, Jha S (2003) Static analysis of executables to detect malicious patterns. In: Proceedings of the 12th USENIX Security Symposium (Security’03), pp 169–186

  5. Egele M, Scholte T, Kirda E, Kruegel C (2012) A survey on automated dynamic malware-analysis techniques and tools. ACM Comput Surv (CSUR) vol. 44

  6. Felten EW, Schneider MA (2000) Timing attacks on web privacy. In: Proceedings of the 7th ACM conference on Computer and communications security, pp. 25–32

  7. Harris R (2006) Arriving at an anti-forensics consensus: examining how to define and control the anti-forensics problem. Digit Investig 3:44–49

    Article  Google Scholar 

  8. IBM X-Force (2011) IBM X-Force 2011 Mid-year Trend and Risk Report. [Online]. Available: http://www-935.ibm.com/services/us/iss/xforce/trendreports/

  9. Jana S, Shmatikov V (2012) Memento: learning secrets from process footprints. In: Security and Privacy (SP), 2012 I.E. Symposium on, pp. 143–157

  10. Malin CH, Casey E, Aquilina JM (2008) Malware forensics: investigating and analyzing malicious code. Syngress, Burlington

    Google Scholar 

  11. Microsoft. Detours. [Online]. Available: http://research.microsoft.com/en-us/projects/detours/

  12. Microsoft. Download and Install Debugging Tools for Windows. [Online]. Available: http://msdn.microsoft.com/en-us/windows/hardware/gg463009.aspx

  13. Microsoft. NtCreateFile function. [Online]. Available: http://msdn.microsoft.com/en-us/library/bb432380(v=vs.85).aspx

  14. Microsoft. NtCreateFile routine. [Online]. Available: http://msdn.microsoft.com/en-us/library/windows/hardware/ff566424(v=vs.85).aspx

  15. Microsoft. Using Nt and Zw versions of the native system services routines. [Online]. Available: http://msdn.microsoft.com/en-us/library/windows/hardware/ff565438(v=vs.85).aspx

  16. Mozilla Firefox. Private Browsing - Browse the web without saving information about the sites you visit. [Online]. Available: http://support.mozilla.org/en-US/kb/private-browsing-browse-web-without-saving-info

  17. Nielson C, Nielson F, Nielson R, Hankin (1999) Principles of program analysis. Springer, Secaucus, 450

    Book  MATH  Google Scholar 

  18. Qualys Security Labs. MS11-077: from patch to proof-of-concept. [Online]. Available: https://community.qualys.com/blogs/securitylabs/tags/win32k.sys

  19. Saint-Jean F, Johnson A, Boneh D, Feigenbaum J (2007) Private web search. In: Proceedings of the 2007 ACM workshop on Privacy in electronic society, pp. 84–90

  20. Schwartz EJ, Avgerinos T, Brumley D (2010) All you ever wanted to know about dynamic taint analysis and forward symbolic execution. IEEE Symposium on Security and Privacy (SP), pp. 317–331

  21. Shankar U, Karlof C (2006) Doppelganger: better browser privacy without the bother. In Proceedings of the 13th ACM conference on Computer and communications security, pp. 154–167

  22. StatCounter (2011) Top 5 Browsers. [Online]. Available: http://gs.statcounter.com/

  23. The top 500 sites on the web. [Online]. Available: http://www.alexa.com/topsites

  24. Torbutton 1.4.1. [Online]. Available: https://blog.torproject.org/blog/torbutton-141-released

  25. TotalRecal on Firefox. [Online]. Available: https://addons.mozilla.org/en-US/firefox/addon/totalrecall/

  26. Understanding the Import Address Table. [Online]. Available: http://sandsprite.com/CodeStuff/Understanding_imports.html

  27. Zone.Identifier Stream Name. [Online]. Available: http://msdn.microsoft.com/en-us/library/ff469212%28PROT.10%29.aspx

Download references

Acknowledgments

This research was partially supported by the National Science Council of the Republic of 518 China under the Grant NSC 100-2221-E-015-001-MY2-, NSC 102-2221-E-015-001-, NSC 101-2221-E-008 -028 -MY2 and NSC 103-2623-E-008-003-D.

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Engineering, National Central University, Taoyuan, 320, Taiwan

    Fu-Hau Hsu, Min-Hao Wu & Yi-Wen Chang

  2. Department of Information Management, Central Police University, Taoyuan, 333, Taiwan

    Shiuh-Jeng Wang

Authors
  1. Fu-Hau Hsu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Min-Hao Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yi-Wen Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shiuh-Jeng Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shiuh-Jeng Wang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hsu, FH., Wu, MH., Chang, YW. et al. Web security in a windows system as PrivacyDefender in private browsing mode. Multimed Tools Appl 74, 1667–1688 (2015). https://doi.org/10.1007/s11042-014-2003-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-014-2003-5

Keywords

Search

Navigation