TY - GEN
T1 - Auto-FBI
T2 - 29th Annual Computer Security Applications Conference, ACSAC 2013
AU - Zohrevandi, Mohsen
AU - Bazzi, Rida
N1 - Copyright:
Copyright 2014 Elsevier B.V., All rights reserved.
PY - 2013
Y1 - 2013
N2 - We propose a novel and simple approach for securing access to sensitive content on the web. The approach automates the best manual compartmentalization practices for accessing different kinds of content with different browser instances. The automation is transparent to the user and does not require any modification of how non-sensitive content is accessed. For sensitive content, a Fresh Browser Instance (FBI) is automatically created to access the content. Our prototype system Auto-FBI can provide support for novice users with predefined sensitive content sites as well as for more experienced users who can define conflict of interest (COI) classes which allows content from sites in the same user-defined class to coexist in a browser instance. Our initial performance evaluation of Auto-FBI shows that the overhead introduced by the approach is acceptable (less than 160 ms for sites that already have fast load time, but for slow sites the overhead can be as high as 750 ms).
AB - We propose a novel and simple approach for securing access to sensitive content on the web. The approach automates the best manual compartmentalization practices for accessing different kinds of content with different browser instances. The automation is transparent to the user and does not require any modification of how non-sensitive content is accessed. For sensitive content, a Fresh Browser Instance (FBI) is automatically created to access the content. Our prototype system Auto-FBI can provide support for novice users with predefined sensitive content sites as well as for more experienced users who can define conflict of interest (COI) classes which allows content from sites in the same user-defined class to coexist in a browser instance. Our initial performance evaluation of Auto-FBI shows that the overhead introduced by the approach is acceptable (less than 160 ms for sites that already have fast load time, but for slow sites the overhead can be as high as 750 ms).
UR - http://www.scopus.com/inward/record.url?scp=84893262296&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893262296&partnerID=8YFLogxK
U2 - 10.1145/2523649.2523683
DO - 10.1145/2523649.2523683
M3 - Conference contribution
AN - SCOPUS:84893262296
SN - 9781450320153
T3 - ACM International Conference Proceeding Series
SP - 349
EP - 358
BT - Proceedings - 29th Annual Computer Security Applications Conference, ACSAC 2013
Y2 - 9 December 2013 through 13 December 2013
ER -