• Login
    View Item 
    •   Home
    • Theses & Dissertations
    • 2016 - Mines Theses & Dissertations
    • View Item
    •   Home
    • Theses & Dissertations
    • 2016 - Mines Theses & Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Browse

    All of Mines RepositoryCommunitiesPublication DateAuthorsTitlesSubjectsThis CollectionPublication DateAuthorsTitlesSubjects

    My Account

    Login

    Mines Links

    Arthur Lakes LibraryColorado School of Mines

    Statistics

    Display Statistics

    Vulnerability exploration and data protection in end-user applications

    • CSV
    • RefMan
    • EndNote
    • BibTex
    • RefWorks
    Thumbnail
    Name:
    Zhao_mines_0052E_11161.pdf
    Size:
    6.538Mb
    Format:
    PDF
    Download
    Author
    Zhao, Rui
    Advisor
    Yue, Chuan
    Date issued
    2016
    Keywords
    protection
    vulnerability
    security
    applications
    
    Metadata
    Show full item record
    URI
    https://hdl.handle.net/11124/170631
    Abstract
    Using different end-user applications on personal computers and mobile devices has become an integral part of our daily lives. For example, we use Web browsers and mobile applications to perform many important tasks such as Web browsing, banking, shopping, and bill-paying. However, due to the security vulnerabilities in many applications and also due to the lack of security knowledge or awareness of end users, users’ sensitive data may not be properly protected in those applications and can be leaked to attackers resulting in severe consequences such as identity theft, financial loss, and privacy leakage. Therefore, exploring potential vulnerabilities and protecting sensitive data in end-user applications are of great need and importance. In this dissertation, we explore the vulnerabilities in both end-user applications and end users. In terms of end-user applications, we focus on Web browsers, browser extensions, stand-alone applications, and mobile applications by manually or automatically exploring their vulnerabilities and by proposing new data protection mechanisms. Specifically, we (1) investigate vulnerabilities of the password managers in the five most popular Web browsers, (2) investigate vulnerabilities of two commercial browser extension and cloud based password managers, (3) propose a framework for automatic detection of information leakage vulnerabilities in browser extensions, (4) propose a secure cloud storage middleware for end-user applications, and (5) investigate cross-site input inference attacks on mobile Web users. In terms of end users, we focus on phishing attacks by investigating users’ susceptibility to both traditional phishing and Single Sign-On phishing. Specifically, we (6) explore the feasibility of creating extreme phishing attacks and evaluate the effectiveness of such phishing attacks. By conducting these research projects, we expect to advance the scientific and technological understanding on protecting users’ sensitive data in applications, and make users’ online experience more secure and enjoyable.
    Rights
    Copyright of the original work is retained by the author.
    Collections
    2016 - Mines Theses & Dissertations

    entitlement

     
    DSpace software (copyright © 2002 - 2022)  DuraSpace
    Quick Guide | Contact Us
    Open Repository is a service operated by 
    Atmire NV
     

    Export search results

    The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

    By default, clicking on the export buttons will result in a download of the allowed maximum amount of items.

    To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

    After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.