Private Browsing Mode Not Really That Private: Dealing with Privacy Breach Caused by Browser Extensions

Bin Zhao, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Private Browsing Mode (PBM) is widely supported by all major commodity web browsers. However, browser extensions can greatly undermine PBM. In this paper, we propose an approach to comprehensively identify and stop privacy breaches under PBM caused by browser extensions. Our approach is primarily based on run-time behavior tracking. We combine dynamic analysis and symbolic execution to represent extensions' behavior to identify privacy breaches in PBM caused by extensions. Our analysis shows that many extensions have not fulfilled PBM's guidelines on handling private browsing data. To the best of our knowledge, our approach also provides the first work to stop privacy breaches through instrumentation. We implemented a prototype SoPB on top of Firefox and evaluated it with 1,912 extensions. The results show that our approach can effectively identify and stop privacy breaches under PBM caused by extensions, with almost negligible performance impact.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015
PublisherIEEE Computer Society
Pages184-195
Number of pages12
Volume2015-September
ISBN (Electronic)9781479986293
DOIs
StatePublished - Sep 14 2015
Event45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015 - Rio de Janeiro, Brazil
Duration: Jun 22 2015Jun 25 2015

Other

Other45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015
CountryBrazil
CityRio de Janeiro
Period6/22/156/25/15

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Private Browsing Mode Not Really That Private: Dealing with Privacy Breach Caused by Browser Extensions'. Together they form a unique fingerprint.

  • Cite this

    Zhao, B., & Liu, P. (2015). Private Browsing Mode Not Really That Private: Dealing with Privacy Breach Caused by Browser Extensions. In Proceedings - 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015 (Vol. 2015-September, pp. 184-195). [7266849] IEEE Computer Society. https://doi.org/10.1109/DSN.2015.18