Presentation By :- ADARSH PILLAY

An Empirical Evaluation of Security Indicators in Mobile Web Browsers
Chaitrali Amrutkar, Patrick Traynor and Paul C. van Oorschot

OVERVIEW
Security indicators are the user-interface elements that tell a user whether the web page being viewed, and the connection carrying it, are secure. Security-sensitive operations are no longer confined to desktop browsers; mobile browsers are increasingly relied upon for them as well. The W3C has published guidelines on how a web user interface should convey security. The paper runs experiments on popular mobile, tablet and desktop browsers against these guidelines and compares the results.

CONTENT
Section 1: Introduction
Section 2: W3C Terminologies and Guidelines
Section 3: Observations of Results
Section 4: Additional Results
Section 5: User's Interaction and Possible Attacks
Section 6: Related Work
Section 7: Concluding Remarks

INTRODUCTION
Users increasingly rely on mobile devices for sensitive personal, social and financial exchanges. Yet users are still attacked even though browsers ship strong cryptographic tools, and the reason for this is not immediately clear. The goal is to check whether the security indicators that browsers implement allow expert users to accurately determine the identity of a website. The attacks considered are of different types, such as phishing and man-in-the-middle. The paper also finds that EV-SSL indicators are missing in mobile browsers.

W3C TERMINOLOGIES
User Interface Elements
Trust Anchor
Trusted Root Certificates
Pinning
Identity Signal
Strong TLS
Weak TLS
Error Messages

W3C GUIDELINES
Identity Signal: Availability
Certificates: Required Content
TLS Indicators: Significance of Presence; Content and Indicator Proximity; Availability
Robustness: Visibility of Indicators
Error Messages: Interruption; Proceeding Options; Inhibit Interaction

IMPLEMENTATION SET UP
In the tables on the following slides, a cross mark indicates that the browser does not comply with the W3C guideline in question; a bullet indicates that it does.

IDENTITY SIGNAL
The identity signal contains information about the owner of the website and the corresponding issuer of its certificate. It MUST be available to the user through either interface at all times.

CERTIFICATES
Certificates MUST provide reasons of trust:
The same domain name as the website
Whether the certificate was accepted interactively or not
Whether the certificate is self-signed or not
If self-signed, whether it was presented to the user or not

TLS INDICATORS
Significance of Presence: Any UI indicator MUST NOT signal the presence of a certificate unless all parts of the web page have been loaded securely. If a browser displays a TLS indicator for a web page consisting of mixed content, this guideline is not followed.
Content and Indicator Proximity: Browser security indicators MUST NOT be displayed in a manner that lets them be confused with hosted web content. If a browser allows a favicon to be placed next to the padlock, an attacker can feign a secure website by making the favicon mimic a security indicator.
Availability: The TLS indicators MUST be available to the user through either interface at all times. The experiment checks whether cipher details are available and whether a lock icon is shown.
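The "significance of presence" rule above is mechanically checkable: before a lock icon is warranted, every sub-resource of an https page must itself come over https. The following is an added example written for this transcript, not code from the paper or from any browser; it walks the HTML of a page, resolves each sub-resource reference against the page URL and reports those that would be fetched in the clear. The page URL, hostnames and HTML are constructed samples.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs through which a page pulls in sub-resources.
RESOURCE_ATTRS = {
    "script": ("src",), "img": ("src",), "iframe": ("src",),
    "link": ("href",), "source": ("src",), "audio": ("src",),
    "video": ("src",), "object": ("data",), "embed": ("src",),
}


class _ResourceCollector(HTMLParser):
    """Collect (tag, reference) pairs for every sub-resource a page loads."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        wanted = RESOURCE_ATTRS.get(tag)
        if not wanted:
            return
        attrs = dict(attrs)
        for name in wanted:
            if attrs.get(name):
                self.refs.append((tag, attrs[name]))


def find_mixed_content(page_url, html):
    """Return [(tag, absolute_url)] for sub-resources of an https page that
    would be fetched over plain http. Relative and scheme-relative ("//host")
    references inherit https from the page and are therefore not mixed."""
    if urlsplit(page_url).scheme != "https":
        return []  # the question only arises for a TLS-protected page
    collector = _ResourceCollector()
    collector.feed(html)
    mixed = []
    for tag, ref in collector.refs:
        absolute = urljoin(page_url, ref)
        if urlsplit(absolute).scheme == "http":
            mixed.append((tag, absolute))
    return mixed


def indicator_allowed(page_url, html):
    """W3C rule: the TLS indicator may be shown only if nothing is mixed."""
    return not find_mixed_content(page_url, html)


# Constructed sample page: a stylesheet over https, a favicon and an image
# over plain http, a scheme-relative script and an inline data: image.
SAMPLE_PAGE = (
    '<html><head>'
    '<link rel="stylesheet" href="/site.css">'
    '<link rel="icon" href="http://cdn.example/lock.png">'
    '</head><body>'
    '<img src="http://cdn.example/banner.png">'
    '<script src="//cdn.example/app.js"></script>'
    '<img src="data:image/png;base64,AAAA">'
    '</body></html>'
)

if __name__ == "__main__":
    url = "https://shop.example/cart"
    for tag, res in find_mixed_content(url, SAMPLE_PAGE):
        print(f"mixed content: <{tag}> loads {res}")
    print("lock icon allowed:", indicator_allowed(url, SAMPLE_PAGE))
```

Note that the favicon case also appears in the report: a lock-shaped icon served over http next to the padlock is exactly the "content and indicator proximity" problem described above.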

Observations of TLS Indicators on Mobile, Tablet and Desktop Browsers (table)

ROBUSTNESS
Web content MUST NOT obscure the security user interface. The TLS indicators found on the user interface are the lock icon, the https URL prefix, URL coloring and the site identity button. The visibility of these indicators depends on the screen mode, landscape or portrait.

ERROR MESSAGES
Interruption: Both warning/caution and danger messages MUST interrupt the user's current task, such that the user has to acknowledge the message.
Proceeding Options: Warning/caution messages MUST provide the user with distinct options for how to proceed (i.e., these messages MUST NOT lead to a situation in which the only option presented to the user is to dismiss the warning and continue).
Inhibit Operation: The interactions for danger messages MUST be presented in a way that makes it impossible for the user to go to or interact with the destination website that caused the danger situation, without first explicitly interacting with the danger message.

Observations of Error Messages on Mobile, Tablet and Desktop Browsers (table)
A cross with a star indicates that the browser fails to warn the user, in the authors' view. NA indicates that the particular experiment is not applicable to that browser.

ADDITIONAL RESULTS : POSITIVE
SSL version 2 MUST NOT be treated as strong TLS; the authors found that none of the mobile or tablet browsers supports it. The NULL cipher is one of the most dangerous ciphers because it means there is no encrypted channel at all; the authors found that none of the mobile or tablet browsers supports it either.

ADDITIONAL RESULTS : NEGATIVE
A browser that supports a weak cipher allows a network attacker to break the encrypted messages. The authors tested the weak cipher DES-CBC-SHA: 6 mobile and tablet browsers accept it, while the others display an error message saying that no encryption protocol could be agreed with the server.

ADDITIONAL RESULTS : NEUTRAL
The W3C documents make no distinction between EV-SSL and ordinary SSL certificates. From the user's perspective the only difference is the indicator shown by the browser. An ordinary SSL certificate may be only domain-validated, so the user cannot know whether the website owner was validated; such certificates are also cheaper to obtain than EV-SSL. In a browser that does not differentiate SSL from EV-SSL, the two are indistinguishable to the user. Inconsistency across browsers from the same vendor adds to the already confusing task of telling an EV-SSL site from an SSL site.

USER DECEPTION AND POSSIBLE ATTACKS
If the W3C guidelines are not followed, users can easily be misled about the identity of a website or the security of the connection. Four attacks are discussed, each made possible by violating one or more of the guidelines:
Phishing without SSL
Phishing with SSL
Phishing using a compromised CA
Industrial espionage

PHISHING WITHOUT SSL
In the table, a cross implies that the attack is possible and a bullet implies that it is not.
The attacker masquerades as a trustworthy entity by closely imitating the legitimate website's identity, together with lock-icon spoofing, and launches the attack without using SSL. The domain name is chosen to be quite similar to the legitimate one, giving the impression of the correct website identity; the favicon is made a lock image, giving an illusion of strong encryption. When the page is rendered in a browser where viewing the URL is difficult, or which offers no UI to view the website's identity information, even an advanced user may be phished.

PHISHING WITH SSL
Spoofing only the lock icon is not enough for a successful phishing attack. An attacker can buy an inexpensive SSL certificate for the site to increase its credibility: the page then also gets the https URL prefix and URL coloring in addition to the lock icon. A user who blindly trusts these indicators is thus still subject to phishing.

PHISHING USING COMPROMISED CA
The attacker obtains rogue certificates for legitimate websites by compromising a CA. A browser that trusts a CA does not check whether that CA has been compromised. An expert user can verify the issuer organization in the certificate chain and so avoid a malicious site presenting a rogue certificate; but if the browser's interface does not allow certificate viewing, even an expert user can be phished.
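The "reasons of trust" a certificate must expose (domain match, self-signed or not) and the issuer-organization check an expert user performs against a rogue certificate are the same handful of fields. The block below is an added example for this transcript, not code from the paper or any browser: it takes a certificate in the dict shape Python's ssl.SSLSocket.getpeercert() returns and answers those questions for a given hostname. Both certificates, the hostnames and the CA name are constructed samples; treating subject == issuer as "self-signed" is a heuristic chosen here, not something the paper specifies.

```python
def _name_to_dict(name):
    """Flatten getpeercert()'s nested RDN tuples into {attribute: value}."""
    out = {}
    for rdn in name:
        for key, value in rdn:
            out[key] = value
    return out


def _dns_match(pattern, host):
    """Match a host against a certificate name. Only one leftmost wildcard
    label is honored, and it never matches the bare parent domain."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        parent = pattern[2:]
        labels = host.split(".")
        return "." in parent and len(labels) >= 3 and ".".join(labels[1:]) == parent
    return pattern == host


def reasons_of_trust(cert, host, expected_issuer_org=None):
    """Return what a user needs to know before trusting `cert` for `host`:
    owner, issuer, self-signed or not, domain match, and (if an expected CA
    organization is given) whether the issuer is that organization."""
    subject = _name_to_dict(cert.get("subject", ()))
    issuer = _name_to_dict(cert.get("issuer", ()))
    # Hostnames come from subjectAltName; the CN is a fallback only when no SAN exists.
    san_dns = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    names = san_dns or [subject.get("commonName", "")]
    return {
        "owner": subject.get("organizationName") or subject.get("commonName"),
        "issuer_org": issuer.get("organizationName") or issuer.get("commonName"),
        "self_signed": subject == issuer,          # heuristic: issuer name equals subject name
        "domain_matches": any(_dns_match(n, host) for n in names),
        "issuer_as_expected": (expected_issuer_org is None
                               or issuer.get("organizationName") == expected_issuer_org),
    }


# Constructed sample: a CA-issued certificate for a bank's site.
BANK_CERT = {
    "subject": ((("countryName", "US"),),
                (("organizationName", "Example Bank Inc"),),
                (("commonName", "www.examplebank.test"),)),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Trust CA"),),
               (("commonName", "Example Trust CA G2"),)),
    "subjectAltName": (("DNS", "www.examplebank.test"), ("DNS", "examplebank.test")),
}

# Constructed sample: a self-signed wildcard certificate on a look-alike domain.
SELF_SIGNED_CERT = {
    "subject": ((("commonName", "*.examplebank-login.test"),),),
    "issuer": ((("commonName", "*.examplebank-login.test"),),),
    "subjectAltName": (("DNS", "*.examplebank-login.test"),),
}

if __name__ == "__main__":
    for cert, host in ((BANK_CERT, "www.examplebank.test"),
                       (SELF_SIGNED_CERT, "secure.examplebank-login.test")):
        print(host, reasons_of_trust(cert, host, expected_issuer_org="Example Trust CA"))
```

On a live connection the dict would come from a verified socket's getpeercert(); the point of the function is that every answer it gives is information the paper says the browser UI should be able to show the user.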

INDUSTRIAL ESPIONAGE / EAVESDROPPING
SSLstrip attack: The attacker sits on the local network and intercepts traffic. When a request for an encrypted https site is seen, the attacker substitutes an unencrypted http version of it. This switch strips away the security, while the server is deceived into believing it is serving an encrypted page to the client.
Cipher downgrade attack: The attacker tampers with the initial messages the client sends to the server to set up the connection, replacing the ciphers the client and server exchange with weak ones before forwarding them. On receiving the weak ciphers the server can either establish the connection or drop it. If the connection is established, all data is transmitted under the weak cipher, so the attacker can record it and break it offline. Even an expert user is subject to this attack.
Mixed content: The attacker tampers with the unencrypted content of a mixed-content web page, replacing it with malicious content of their choice. Even expert users cannot detect this if the browser displays the SSL indicators for a page containing mixed content.
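The cipher downgrade described above, and the DES-CBC-SHA and NULL-cipher results in the additional-results slides, both come down to what cipher suites the ClientHello carries when it reaches the server. The following is an added example for this transcript, not code from the paper or from any TLS library: it parses a raw TLS ClientHello record, lists the offered suites and classifies the hello the way a server-side check or an intrusion-detection rule would, distinguishing "a weak suite is merely offered" from "only weak suites remain", which is what a tampered hello looks like. The hello bytes are constructed in the block; the suite ids are the IANA-registered values, and the small weak/strong tables are a deliberately limited subset.

```python
import struct

# IANA cipher suite ids (subset). NULL, single-DES and EXPORT suites give no
# real confidentiality, matching the "weak cipher" results in the paper.
WEAK_SUITES = {
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0002: "TLS_RSA_WITH_NULL_SHA",
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
}
KNOWN_STRONG = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}


def build_client_hello(suites, version=0x0303):
    """Assemble a minimal TLS record carrying a ClientHello (no extensions).
    Constructed sample input only, so the parser can be exercised offline."""
    body = struct.pack(">H", version)
    body += bytes(32)                                   # client random (zeros here)
    body += b"\x00"                                     # empty session id
    body += struct.pack(">H", 2 * len(suites))
    body += b"".join(struct.pack(">H", s) for s in suites)
    body += b"\x01\x00"                                 # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + struct.pack(">H", version) + struct.pack(">H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return the client version and offered suite ids from a raw TLS record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    version = struct.unpack(">H", body[0:2])[0]
    pos = 2 + 32                                        # skip client random
    sid_len = body[pos]
    pos += 1 + sid_len
    cs_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    suites = [struct.unpack(">H", body[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    return {"version": version, "suites": suites}


def assess(record):
    """Classify a ClientHello: 'ok', 'weak offered', or 'weak-only (downgrade?)'."""
    info = parse_client_hello(record)
    weak = [WEAK_SUITES[s] for s in info["suites"] if s in WEAK_SUITES]
    non_weak = [s for s in info["suites"] if s not in WEAK_SUITES]
    if not weak:
        verdict = "ok"
    elif non_weak:
        verdict = "weak offered"
    else:
        verdict = "weak-only (downgrade?)"
    return {"version": info["version"], "weak": weak, "verdict": verdict}


if __name__ == "__main__":
    normal = build_client_hello([0x1301, 0xC02F, 0x0009])   # modern suites plus DES
    stripped = build_client_hello([0x0009, 0x0001])         # what a tampered hello looks like
    for label, hello in (("normal", normal), ("stripped", stripped)):
        print(label, assess(hello))
```

The server-side mitigation is to never enable the WEAK_SUITES entries at all, so the "weak-only" case ends in a handshake failure rather than a connection; the classification above is useful for logging and alerting on such attempts.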

RELATED WORK
Traditional browser indicators: These include the https prefix, the lock icon and others, but they generally go unnoticed or are absent from websites. Many users do not understand the concept of the lock icon or of certificates, and there are many domain-name mismatches between certificates and websites.
Techniques for better indicators: better warnings; more effective interface dialogues; a trusted path from browser to user; disabling JavaScript in the user's browser and forcing a persistent view of the browser's location bar; dynamic security skins; and, finally, efforts to standardize security indicators so as to minimize confusion across browsers.
Mobile browser indicators: The growing user base of mobile web browsers and mobile e-commerce has brought attackers' focus to them. Because the user interface differs from that of desktop browsers, the use of security indicators in mobile browsers deserves particular attention.

CONCLUDING REMARKS
Modern mobile browsers implement a range of security-sensitive operations inherited from desktop web browsers, but because of screen-size constraints they lag behind desktop browsers. Tremendous inconsistency was observed in the security indicators of mobile browsers. Adding EV-SSL certificates makes the mobile ecosystem more complex without producing much benefit. These shortcomings make it difficult even for expert users to detect security problems, which raises serious concern about how average users will cope.

THANK YOU