Title: Identifying and Mitigating Threats from Embedding Third-Party Content

Wei Meng

Ph.D. student

School of Computer Science

College of Computing

Georgia Institute of Technology

Date: Thursday, December 15th, 2016

Time: 1 PM - 3 PM (EST)

Location: Klaus 3126

Committee:

------------------------

Dr. Wenke Lee (Advisor, School of Computer Science, Georgia Institute of Technology) Dr. Giovanni Vigna (Department of Computer Science, University of California, Santa Barbara) Dr. Mustaque Ahamad (School of Computer Science, Georgia Institute of Technology)

Abstract

------------------------

Embedding content from third parties to enrich features is a common practice in the development of modern web applications and mobile applications. Such practices can pose very serious security and privacy threats, because third-party content usually operates with the same privilege as first-party content and is not well isolated. Some threats are not previously known because of the uses of emerging technologies such as tracking, profiling and personalization.

This thesis has identified two new classes of threats caused by malicious first-party applications that embed third-party content, and proposed defense techniques to mitigate these threats. In particular, we show that the personalization systems of popular websites can be abused by a malicious publisher to pollute a user’s profile. In addition, we demonstrate that a malicious Android application can infer a user’s profile that is already learned by third-party ad networks.

This thesis also aims to design mechanisms that enable end-users and developers to limit the privileges of third-party content to prevent unintended behaviors. First, this thesis presents TrackMeOrNot, a client-side anti-tracking mechanism that allows end-users to selectively opt out of third-party web tracking based on their demand and cloak their privacy sensitive browsing activities. Second, we plan to design and implement a new permission mechanism for web applications to address the limitations of existing web permission mechanisms, which offer only all-or-nothing restriction.