Morphing Web Pages to Preclude Web Page Tampering Threats

Detalhes bibliográficos
Autor(a) principal: Luís Pedro Borges Abreu
Data de Publicação: 2016
Tipo de documento: Dissertação
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: https://repositorio-aberto.up.pt/handle/10216/90184
Resumo: The number of Internet users keeps growing every year. Moreover, the Internet is becoming a daily tool, which impacts the individual's lives used either as a work tool or for entertainment purposes. However, by using it, people become possible targets for cyber attacks as they keep exchanging data, sometimes sensitive and private data, with remote servers.Among all the different attacks types, MitB is the reason behind the genesis of this thesis subject. MitB attacks are performed by a computer program running on user's computer that is commonly known as Malware, which has access to what happens inside a browser window. It can be a system library or even a browser extension programmed to, automatically, misrepresent the source code of the client-side server response, and other information stored in user's browsers. They rely on markup and DOM anchors to identify sections of a web page to attack. The end result of an attack will be dictated by the malware's ability to successfully identify the right location on the web page to perform the attack.Polymorphism is a broad concept that can be applied to web pages as a tool to both neutralize and defeat such kind of attacks, as documented by Shape Security, Inc. in 2014. Applying polymorphic techniques to web pages, the server response will be textually different between requests, but the visual display to the user will always be the same. That is, the values of static attributes and the structure of HTML documents may be modified on the server immediately before responses are sent off, creating a polymorphic version of the web page, or by pre-building this new versions on the server to decrease the real time computational costs. Therefore, no two HTML documents will be textually the same, turning web pages in somehow a moving target against MitB attacks. This level of protection is necessary since all changes are made locally, client side, making their detection difficult by control and security structures implemented on the service provider's servers.In this thesis, we aim to develop a tool based on polymorphism to protect web pages and users from MitB attacks based on markup and DOM anchors. This tool will be evaluated by accuracy and efficiency. The first metric will be evaluated by recording and comparing the list of errors and warnings generated by original web pages and by their polymorphic versions created with our tool. The efficiency will be evaluated by running automated attempts for tampering web pages protected by our tool.
id RCAP_00f4db13069d444b362954cfc20a794b
oai_identifier_str oai:repositorio-aberto.up.pt:10216/90184
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Morphing Web Pages to Preclude Web Page Tampering ThreatsEngenharia electrotécnica, electrónica e informáticaElectrical engineering, Electronic engineering, Information engineeringThe number of Internet users keeps growing every year. Moreover, the Internet is becoming a daily tool, which impacts the individual's lives used either as a work tool or for entertainment purposes. However, by using it, people become possible targets for cyber attacks as they keep exchanging data, sometimes sensitive and private data, with remote servers.Among all the different attacks types, MitB is the reason behind the genesis of this thesis subject. MitB attacks are performed by a computer program running on user's computer that is commonly known as Malware, which has access to what happens inside a browser window. It can be a system library or even a browser extension programmed to, automatically, misrepresent the source code of the client-side server response, and other information stored in user's browsers. They rely on markup and DOM anchors to identify sections of a web page to attack. The end result of an attack will be dictated by the malware's ability to successfully identify the right location on the web page to perform the attack.Polymorphism is a broad concept that can be applied to web pages as a tool to both neutralize and defeat such kind of attacks, as documented by Shape Security, Inc. in 2014. Applying polymorphic techniques to web pages, the server response will be textually different between requests, but the visual display to the user will always be the same. That is, the values of static attributes and the structure of HTML documents may be modified on the server immediately before responses are sent off, creating a polymorphic version of the web page, or by pre-building this new versions on the server to decrease the real time computational costs. Therefore, no two HTML documents will be textually the same, turning web pages in somehow a moving target against MitB attacks. This level of protection is necessary since all changes are made locally, client side, making their detection difficult by control and security structures implemented on the service provider's servers.In this thesis, we aim to develop a tool based on polymorphism to protect web pages and users from MitB attacks based on markup and DOM anchors. This tool will be evaluated by accuracy and efficiency. The first metric will be evaluated by recording and comparing the list of errors and warnings generated by original web pages and by their polymorphic versions created with our tool. The efficiency will be evaluated by running automated attempts for tampering web pages protected by our tool.2016-07-112016-07-11T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttps://repositorio-aberto.up.pt/handle/10216/90184TID:201311720engLuís Pedro Borges Abreuinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-29T14:43:00Zoai:repositorio-aberto.up.pt:10216/90184Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T00:07:17.629119Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Morphing Web Pages to Preclude Web Page Tampering Threats
title Morphing Web Pages to Preclude Web Page Tampering Threats
spellingShingle Morphing Web Pages to Preclude Web Page Tampering Threats
Luís Pedro Borges Abreu
Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
title_short Morphing Web Pages to Preclude Web Page Tampering Threats
title_full Morphing Web Pages to Preclude Web Page Tampering Threats
title_fullStr Morphing Web Pages to Preclude Web Page Tampering Threats
title_full_unstemmed Morphing Web Pages to Preclude Web Page Tampering Threats
title_sort Morphing Web Pages to Preclude Web Page Tampering Threats
author Luís Pedro Borges Abreu
author_facet Luís Pedro Borges Abreu
author_role author
dc.contributor.author.fl_str_mv Luís Pedro Borges Abreu
dc.subject.por.fl_str_mv Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
topic Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
description The number of Internet users keeps growing every year. Moreover, the Internet is becoming a daily tool, which impacts the individual's lives used either as a work tool or for entertainment purposes. However, by using it, people become possible targets for cyber attacks as they keep exchanging data, sometimes sensitive and private data, with remote servers.Among all the different attacks types, MitB is the reason behind the genesis of this thesis subject. MitB attacks are performed by a computer program running on user's computer that is commonly known as Malware, which has access to what happens inside a browser window. It can be a system library or even a browser extension programmed to, automatically, misrepresent the source code of the client-side server response, and other information stored in user's browsers. They rely on markup and DOM anchors to identify sections of a web page to attack. The end result of an attack will be dictated by the malware's ability to successfully identify the right location on the web page to perform the attack.Polymorphism is a broad concept that can be applied to web pages as a tool to both neutralize and defeat such kind of attacks, as documented by Shape Security, Inc. in 2014. Applying polymorphic techniques to web pages, the server response will be textually different between requests, but the visual display to the user will always be the same. That is, the values of static attributes and the structure of HTML documents may be modified on the server immediately before responses are sent off, creating a polymorphic version of the web page, or by pre-building this new versions on the server to decrease the real time computational costs. Therefore, no two HTML documents will be textually the same, turning web pages in somehow a moving target against MitB attacks. This level of protection is necessary since all changes are made locally, client side, making their detection difficult by control and security structures implemented on the service provider's servers.In this thesis, we aim to develop a tool based on polymorphism to protect web pages and users from MitB attacks based on markup and DOM anchors. This tool will be evaluated by accuracy and efficiency. The first metric will be evaluated by recording and comparing the list of errors and warnings generated by original web pages and by their polymorphic versions created with our tool. The efficiency will be evaluated by running automated attempts for tampering web pages protected by our tool.
publishDate 2016
dc.date.none.fl_str_mv 2016-07-11
2016-07-11T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://repositorio-aberto.up.pt/handle/10216/90184
TID:201311720
url https://repositorio-aberto.up.pt/handle/10216/90184
identifier_str_mv TID:201311720
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799135998622302209