Title: FlowFox: a web browser with flexible and precise information flow control
Authors: De Groef, Willem #
Issue Date: 12-Sep-2012
Conference: SPION Technical Workshop edition:1 location:Leuven date:12 September 2012
OWASP Belgium Chapter Meeting location:Leuven date:12 September 2012
Abstract: Modern web browsers handle content from a variety of origins, and not all these origins can be equally trusted. Such content can be a mix of both markup and executable scripts. These scripts can heavily interact with their environment by for example communicating with remote servers or by accessing application and privacy-sensitive user information.
An important consequence of such a powerful browser environment is the fact that users' privacy is at stake.
We will give a demo of FlowFox, a fully functional web browser that implements a precise and general information flow control mechanism for web scripts. We will show how FlowFox can protect against privacy-violating information leaks in real-life malicious JavaScript programs by controlling the flow of sensitive information within web scripts.
Publication status: published
KU Leuven publication type: IMa
Appears in Collections:Informatics Section
# (joint) last author

Files in This Item:
File Description Status SizeFormat
spion-20120912.pdf Published 6299KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.