miscellaneous tracking on the web start on malware
play

Miscellaneous: tracking on the web (& start on malware) CS - PowerPoint PPT Presentation

Dec 02, 2023 •300 likes •1.14k views

Miscellaneous: tracking on the web (& start on malware) CS 161: Computer Security Prof. Raluca Ada Popa April 17, 2018 Credit: some slides are adapted from previous offerings of this course or from CS 241 of Prof. Dan Boneh Miscellaneous

  1. Miscellaneous: tracking on the web (& start on malware) CS 161: Computer Security Prof. Raluca Ada Popa April 17, 2018 Credit: some slides are adapted from previous offerings of this course or from CS 241 of Prof. Dan Boneh

  2. Miscellaneous topics Tracking on the web Malware (bots, worms, viruses) Bitcoin All will be covered on exam, you should understand the concepts, but no need to understand the details.

  3. What does a site learn about you when you visit them? Discuss with your neighbor

  4. The sites you visit learn: The URLs you’re interested in n Google/Bing also learns what you’re searching for Your IP address n Thus, your service provider & geo-location n Can often link you to other activity including at other sites Your browser’s capabilities, which OS you run, which language you prefer Which URL you looked at that took you there n Via the HTTP “ Referer ” header They also learn cookies!

  5. They also learn cookies Why is that harmful?

  6. Let’s remove all of our cookies

  7. Cool, no web site is tracking us …

  8. We do a search on “ private browsing ”

  10. Google has stored a couple of cookies on our system

  11. Goodness knows what info they decided to put in the cookie

  12. But it lasts for months …

  13. Private browsing You can turn on a mode called private browsing on your browser What is this? Does it protect you against tracking?

  14. We click on the top result

  15. Note that this mode is privacy from your family, not from web sites!

  16. Private browsing “Private Browsing allows you to browse the Internet without saving any information about which sites and pages you’ve visited.” - deletes history of URL visits, passwords, cookies too - Private Browsing maintains cookies for as long as the private browsing window is open. Once you quit the browser, it gets deleted - So still tracked for a good while!

  17. Ironically, we’ve gained a bunch of cookies in the process

  18. This one sticks around for two years. Expires: April 17, 2020

  19. How did YouTube enter the picture?? Expires: April 17, 2020 There was YouTube content embedded on the site

  20. YouTube is remembering the version of Flash I’m running … Expires: April 17, 2020

  21. We navigate to The New York Times …

  23. What a lot of yummy cookies!

  24. Here are the ones from the website itself …

  25. This one tracks the details of my system & browser

  26. doubleclick.net - who’s that? And how did it get there from visiting www.nytimes.com? doubleclick.net is a tracker, purposefully embedded by NYTimes for tracking

  27. Third-Party Cookies How can a web site enable a third party to plant cookies in your browser & later retrieve them? n Include on the site’s page (for example): w <img src="http://doubleclick.net/ad.gif" width=1 height=1> Why would a site do that? * n Site has a business relationship w/ DoubleClick Why can this track you? n Now DoubleClick sees all of your activity that involves their web sites n Because your browser dutifully sends them their cookies for any web page that has that img n Identifier in cookie ties together activity as = YOU Owned by Google, by the way •

  28. Moral: you can be tracked by a site even if you do not visit that site

  29. Remember this 2-year Mozilla cookie?

  30. Google Analytics Any web site can (anonymously) register with Google to instrument their site for analytics n Gather information about who visits, what they do when they visit To do so, site adds a small Javascript snippet that loads http://www.google-analytics.com/ga.js n You can see sites that do this because they introduce a " __utma " cookie Code ships off to Google information associated with your visit to the web site n Shipped by fetching a GIF w/ values encoded in URL n Web site can use it to analyze their ad “campaigns” n Not a small amount of info …

  32. Values Reportable via Google Analytics

  33. Still More Tracking Techniques … Any scenario where browsers execute programs that manage persistent state can support tracking by cookies n Such as …. Flash ?

  34. Sure, this is where you’d think to look to analyze what Flash cookies are stored on your machine My browser had Flash cookies from 67 sites! Some Flash cookies “ respawn ” regular browser cookies that you previously deleted!

  35. Facebook “Like” button (an IFRAME hosted on facebook.com)

  36. What does Facebook learn? Many pages include a Facebook “Like” button. What are the implications, for user tracking? Facebook can track you on every site that you visit that embeds such a button, not only when you are actually visit Facebook

  37. From Facebook:

  38. Tracking – So What? Cookies form the core of how Internet advertising works today n Without them, arguably you’d have to pay for content up front a lot more w (and payment would mean you’d lose anonymity anyway) n A “better ad experience” is not necessarily bad w Ads that reflect your interests; not seeing repeated ads But: ease of gathering so much data so easily Þ concern of losing control how it’s used n Privacy concerns n Large amounts of private data in one place

  40. When you interview, they Know What You’ve Posted

  42. Tracking – So What? Cookies etc. form the core of how Internet advertising works today n Without them, arguably you’d have to pay for content up front a lot more w (and payment would mean you’d lose anonymity anyway) n A “better ad experience” is not necessarily bad w Ads that reflect your interests; not seeing repeated ads But: ease of gathering so much data so easily Þ concern of losing control how it’s used n Content shared with friends doesn’t just stay with friends … n You really don’t have a good sense of just what you’re giving away …

  43. Inadvertent information leaking Consider posting a picture on Twitter

  44. The world can see it, but what more can an outside figure out about you?

  45. Photos are tagged with location from the camera

  48. How To Gain Better Privacy? discuss with your neighbor

  49. How To Gain Better Privacy? Force of law n Example #1: web site privacy policies w US sites that violate them commit false advertising w But: policy might be “ Yep, we sell everything about you, Ha Ha! ”

  50. The New Yorker’s Privacy Policy (when you buy their archives) 7. Collection of Viewing Information. You acknowledge that you are aware of and consent to the collection of your viewing information during your use of the Software and/or Content. Viewing information may include, without limitation, the time spent viewing specific pages, the order in which pages are viewed, the time of day pages are accessed, IP address and user ID. This viewing information may be linked to personally identifiable information, such as name or address and shared with third parties.

  51. How To Gain Better Privacy? Force of law n Example #1: web site privacy policies w US sites that violate them commit false advertising w But: policy might be “ Yep, we sell everything about you, Ha Ha! ” n Example #2: SB 1386 (bill in CA legislature) w Requires an agency, person or business that conducts business in California and owns or licenses computerized 'personal information' to disclose any breach of security (to any resident whose unencrypted data is believed to have been disclosed) w Quite effective at getting sites to pay attention to securing personal information n Example #3: GDPR law

  53. General Data Protection Regulation (GDPR) New European law (2018) designed to allow individuals to better control their personal data Requires consent or strong reason to process and store personal information Gives a user the right to know what information is held about them Allows a user to request that their information is deleted and that they are ‘forgotten’ Requires that personal information is properly protected. … and more Applies to US companies with European customers too 53

  54. How To Gain Better Privacy? Technology n Various browser additions n Special browser extensions n Tor and anonymizers to hide IP addresses

  55. Browser: “Tracking protection” Private browsing includes tracking protection You can choose a blocking list in your Firefox browser for example: - Basic (default): Blocks third-party trackers based on Disconnect.me. Blocks commonly known analytics trackers, social sharing trackers, and advertising trackers, but allows some known content trackers to reduce website breakage. - strict: blocks all known trackers, including analytics, trackers, social sharing trackers, and advertising trackers as well as content trackers. The strict list will break some videos, photo slideshows, and some social networks.

  56. Browsers: Do not track flag You can turn on this flag in your browser What does it do? - Tells web servers you want to opt-out of tracking - It does this by transmitting a Do Not Track HTTP header every time your data is requested from a web server It does not enforce that there is no tracking, it is up to the web servers whether they decide to track or not

  57. Some ad companies do provide more generic ads as a result of this flag

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Miscellaneous: Malware contd &amp; start on Bitcoin CS 161: Computer Security Prof. Raluca

Miscellaneous: Malware contd &amp; start on Bitcoin CS 161: Computer Security Prof. Raluca

Miscellaneous: Malware contd &amp; start on Bitcoin CS 161: Computer Security Prof. Raluca Ada Popa April 19, 2018 Credit: some slides are adapted from previous offerings of this course Viruses vs. Worms VIRUS WORM Propagates by

757 views • 56 slides
PHP Miscellaneous Dr. E. Benoist Winter Term 2005-2006 PHP Miscellaneous 1 PHP Miscellaneous

PHP Miscellaneous Dr. E. Benoist Winter Term 2005-2006 PHP Miscellaneous 1 PHP Miscellaneous

Berner Fachhochschule - HTI PHP Miscellaneous Dr. E. Benoist Winter Term 2005-2006 PHP Miscellaneous 1 PHP Miscellaneous Generating PDF Documents FPDF Library Image Generation GD Library Example: Barcode Generator Authorization

935 views • 56 slides
PIN-point control for analyzing malware Jason Jones REcon 2014 1 Me Sr

PIN-point control for analyzing malware Jason Jones REcon 2014 1 Me Sr

PIN-point control for analyzing malware Jason Jones REcon 2014 1 Me Sr Sec Research Analyst @ Arbor ex-TippingPoint ASI Primarily reverse malware Interests / Research DDoS Botnet tracking Malware Clustering Bug

419 views • 29 slides
Lecture 12 Malware Defenses Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 12 Malware Defenses Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 12 Malware Defenses Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Baileys ECE 422 Malware review How does the malware start running? Logic bomb? Trojan horse? Virus?

470 views • 27 slides
Obfuscated Financial Fraud Android Malware : Detection and Behavior Tracking In Seung, Yang

Obfuscated Financial Fraud Android Malware : Detection and Behavior Tracking In Seung, Yang

Obfuscated Financial Fraud Android Malware : Detection and Behavior Tracking In Seung, Yang (KrCERT/CC, KISA) DeepSEC IDSC 2016 Friday, 11 November 2016 Analysis Team at KrCERT/CC, KISA Mobile malware analyst In Seung, Yang Who am I

1.59k views • 72 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

568 views • 22 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory information Name of Announcer * WILMAR INTERNATIONAL LIMITED Company Registration No. 199904785Z Announcement submitted on behalf of WILMAR INTERNATIONAL

192 views • 17 slides
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal paul@gtisc.gatech.edu Agenda Modern Malware Obfuscations, Server-side Polymorphism, Collection Volume Malware Analysis Detection

504 views • 27 slides
Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that does something that causes harm to a user, computer or network, including viruses, trojan horses, worms, rootkits, scareware and spyware. Malware

119 views • 9 slides
GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS AGENDA Something about malware Malware internals Current analysis

398 views • 27 slides
A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND CONTAINMENT FOR LARGE NETWORKS CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS MALWARE WARS In the last

313 views • 14 slides
Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Overview Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer immunization Kjell Jrgen Hole Simula@UiB 4. Epidemiological model 5. Malware halting analysis 6. Malware halting method Last updated

672 views • 29 slides
MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory information Name of Announcer * METRO HOLDINGS LIMITED Company Registration No. 197301792W Announcement submitted on behalf METRO HOLDINGS LIMITED of

657 views • 47 slides
MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory

MISCELLANEOUS Page 1 of 1 Print this page Miscellaneous * Asterisks denote mandatory information Name of Announcer * METRO HOLDINGS LIMITED Company Registration No. 197301792W Announcement submitted on behalf of METRO HOLDINGS LIMITED

718 views • 46 slides
In a world where bindings and values Immutability: obstacle or tool? are

In a world where bindings and values Immutability: obstacle or tool? are

9/22/15 In a world where bindings and values Immutability: obstacle or tool? are immutable Discuss based on: Have you noticed? Programming experience in 251 and previously Readings

328 views • 3 slides
CS 251 Fall 2019 CS 251 Fall 2019 Topics Principles of Programming Languages Principles

CS 251 Fall 2019 CS 251 Fall 2019 Topics Principles of Programming Languages Principles

CS 251 Fall 2019 CS 251 Fall 2019 Topics Principles of Programming Languages Principles of Programming Languages Ben Wood Ben Wood Mutation is unnecessary. Immutability Immutability offers referential transparency. Mutation

564 views • 3 slides
CSE 331 Mutation and immutability slides created by Marty Stepp based on materials by M. Ernst,

CSE 331 Mutation and immutability slides created by Marty Stepp based on materials by M. Ernst,

CSE 331 Mutation and immutability slides created by Marty Stepp based on materials by M. Ernst, S. Reges, D. Notkin, R. Mercer, Wikipedia http://www.cs.washington.edu/331/ 1 Mutation mutation : A modification to the state of an object.

571 views • 29 slides
Detecting Self-Mutating Malware Using Control-Flow Graph Matching Danilo Bruschi Lorenzo

Detecting Self-Mutating Malware Using Control-Flow Graph Matching Danilo Bruschi Lorenzo

Detecting Self-Mutating Malware Using Control-Flow Graph Matching Danilo Bruschi Lorenzo Martignoni Mattia Monga Dipartimento di Informatica e Comunicazione Universit` a degli Studi di Milano { bruschi,martign,monga } @dico.unimi.it

356 views • 23 slides
Adventures in Fuzzing Instruction Selection EuroLLVM 2017 Justin Bogner 1 Overview

Adventures in Fuzzing Instruction Selection EuroLLVM 2017 Justin Bogner 1 Overview

Adventures in Fuzzing Instruction Selection EuroLLVM 2017 Justin Bogner 1 Overview Hardening instruction selection using fuzzers Motivated by Global ISel Leveraging libFuzzer to find backend bugs Techniques applicable to

835 views • 41 slides
Reagents: Functional programming meets scalable concurrency Aaron Turon Northeastern University

Reagents: Functional programming meets scalable concurrency Aaron Turon Northeastern University

Reagents: Functional programming meets scalable concurrency Aaron Turon Northeastern University Saturday, November 10, 12 Concurrency Parallelism Concurrency is overlapped execution of processes. Parallelism is simultaneous execution of

958 views • 94 slides
Defining methods Defining methods Method header: type name ( parameter declarations )

Defining methods Defining methods Method header: type name ( parameter declarations )

Defining methods Defining methods Method header: type name ( parameter declarations ) type refers to the result of the method May be any primitive type, any class, or void If not void , statements in the method body must

292 views • 11 slides
Practical Mostly-Static Information Flow Control Andrew Myers MIT Lab for Computer Science

Practical Mostly-Static Information Flow Control Andrew Myers MIT Lab for Computer Science

Practical Mostly-Static Information Flow Control Andrew Myers MIT Lab for Computer Science Privacy Old problem (secrecy, confidentiality) : prevent programs from leaking data Untrusted, downloaded code: more important Standard

891 views • 23 slides

More recommend