October 13, 2017
Kapravelos Aims to Improve Browser Security by Taming Browser Functionality
Alexandros Kapravelos, Assistant Professor of Computer Science at NC State, has been
awarded $406,609 by the National Science Foundation (NSF) to support his
research project entitled “SaTC: CORE: Medium: Collaborative: Taming Web Content
Through Automated Reduction in Browser Functionality”.
is a collaborative award with Dr. Adam
Doupé, assistant professor of computer science at Arizona State University,
and Dr. Engin Kirda, professor of
computer science at Northeastern University.
The award runs from September 1, 2017 through August 31, 2021, and the
total funded amount is $1,199,787.
Abstract: The browser is constantly evolving to meet the
demands of Web applications. Although this evolution supports the innovation
that we see on the internet, there are security implications that we need to
consider, such as attacks against the browser that leverage bugs that occur
from the rapid development.
this project, we plan to examine how certain web applications work and associate
their behavior directly with the corresponding browser functionality. Our goal
is to be able to characterize what functionality is needed from the browser when
rendering a page and certain components. By building a system like this we will
be able to identify for example what is needed from the browser to render a web
advertisement. To better protect the internet users, we are going to leverage
that information so that we can identify when web applications diverge from
their expected behavior and attack the users' browser. We will use this
information to limit the exposed functionality to the web applications and eliminate
this way multiple classes of attacks, such as browser fingerprinting and
Return To News Homepage