TY - GEN
T1 - Exploiting split browsers for efficiently protecting user data
AU - Zavou, Angeliki
AU - Athanasopoulos, Elias
AU - Portokalidis, Georgios
AU - Keromytis, Angelos D.
PY - 2012
Y1 - 2012
N2 - Offloading complex tasks to a resource-abundant environ- ment like the cloud, can extend the capabilities of resource constrained mobile devices, extend battery life, and improve user experience. Split browsing is a new paradigm that adopts this strategy to improve web browsing on devices like smartphones and tablets. Split browsers offload computa- tion to the cloud by design; they are composed by two parts, one running on the thin client and one in the cloud. Render- ing takes place primarily in the latter, while a bitmap or a simplified web page is communicated to the client. Despite its difference with traditional web browsing, split browsing still suffers from the same types of threats, such as cross-site scripting. In this paper, we propose exploiting the design of split browsers to also utilize cloud resources for protecting against various threats efficiently. We begin by systemati- cally studying split browsing architectures, and then proceed to propose two solutions, in parallel and inline cloning, that exploit the inherent features of this new browsing paradigm to accurately and efficiently protect user data against com- mon web exploits. Our preliminary results suggest that our framework can be efficiently applied to Amazon's Silk, the most widely deployed at the time of writing, split browser.
AB - Offloading complex tasks to a resource-abundant environ- ment like the cloud, can extend the capabilities of resource constrained mobile devices, extend battery life, and improve user experience. Split browsing is a new paradigm that adopts this strategy to improve web browsing on devices like smartphones and tablets. Split browsers offload computa- tion to the cloud by design; they are composed by two parts, one running on the thin client and one in the cloud. Render- ing takes place primarily in the latter, while a bitmap or a simplified web page is communicated to the client. Despite its difference with traditional web browsing, split browsing still suffers from the same types of threats, such as cross-site scripting. In this paper, we propose exploiting the design of split browsers to also utilize cloud resources for protecting against various threats efficiently. We begin by systemati- cally studying split browsing architectures, and then proceed to propose two solutions, in parallel and inline cloning, that exploit the inherent features of this new browsing paradigm to accurately and efficiently protect user data against com- mon web exploits. Our preliminary results suggest that our framework can be efficiently applied to Amazon's Silk, the most widely deployed at the time of writing, split browser.
KW - Cloud
KW - Cross-site scripting
KW - Data protection
KW - Information flow tracking
KW - Split browser architectures
UR - http://www.scopus.com/inward/record.url?scp=84869749324&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84869749324&partnerID=8YFLogxK
U2 - 10.1145/2381913.2381921
DO - 10.1145/2381913.2381921
M3 - Conference contribution
AN - SCOPUS:84869749324
SN - 9781450316651
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 37
EP - 42
BT - CCSW'12 - Proceedings of the Cloud Computing Security Workshop
T2 - 2012 ACM Workshop on Cloud Computing Security Workshop, CCSW 2012
Y2 - 19 October 2012 through 19 October 2012
ER -