Toggle Main Menu Toggle Search

Open Access padlockePrints

On the Privacy of Private Browsing - A Forensic Approach

Lookup NU author(s): Dr Matthew ForshawORCiD, Professor Feng Hao, Ehsan Toreini

Downloads


Abstract

Private browsing has been a popular privacy feature built into all mainstream browsers since 2005. However, despite the prevalent use, the security of this feature has received little attention from the research community. To the best of our knowledge, no study has existed that systematically evaluates the security of private browsing across all major browsers and from all angles: not only examining the memory, but also the underlying database structure on the disk and the web traffic. In this paper, we present an up-to-date and comprehensive analysis of private browsing across the four most popular web browsers: IE, Firefox, Chrome and Safari. We report that all browsers under study suffer from a variety of vulnerabilities, many of which have not been reported or known before. The problems are generally caused by the following factors: a lax control of permission to allow extensions to run in the private mode with unrestricted privilege; inconsistent implementations of the underlying SQLite database between the private and usual modes; the neglect of the cross-mode interference when the two modes are run in parallel; a lack of attention to side-channel timing attacks, etc. All of the attacks have been experimentally verified with countermeasures proposed.


Publication metadata

Author(s): Satvat K, Forshaw M, Hao F, Toreini E

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2013

Pages: 25

Print publication date: 01/10/2013

Source Publication Date: October 2013

Report Number: 1397

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne

URL: http://www.cs.ncl.ac.uk/publications/trs/papers/1397.pdf


Share