Show simple item record

dc.contributor.authorAmrutkar, Chaitrali
dc.contributor.authorSingh, Kapil
dc.contributor.authorVerma, Arunabh
dc.contributor.authorTraynor, Patrick
dc.date.accessioned2011-02-23T19:56:31Z
dc.date.available2011-02-23T19:56:31Z
dc.date.issued2011
dc.identifier.urihttp://hdl.handle.net/1853/36978
dc.descriptionResearch area: Information Security and Cryptography, Internet Security, Wireless and Mobile Networking
dc.description.abstractMobile web browsers now provide nearly equivalent features when compared to their desktop counterparts. However, smaller screen size and optimized features for constrained hardware make the web experience on mobile browsers significantly different. In this paper, we present the first comprehensive study of the display-related security issues in mobile browsers. We identify two new classes of display-related security problems in mobile browsers and devise a range of real world attacks against them. Additionally, we identify an existing security policy for display on desktop browsers that is inappropriate on mobile browsers. Our analysis is comprised of eight mobile and five desktop browsers. We compare security policies for display in the candidate browsers to infer that desktop browsers are significantly more compliant with the policies as compared to mobile browsers. We conclude that mobile browsers create new security challenges and are not simply miniature versions of their desktop counterparts.en_US
dc.language.isoen_USen_US
dc.publisherGeorgia Institute of Technologyen_US
dc.relation.ispartofseriesSCS Technical Report ; GT-CS-11-02en_US
dc.subjectAccess control policiesen_US
dc.subjectDesktop web browsersen_US
dc.subjectDisplay-related securityen_US
dc.subjectInformation securityen_US
dc.subjectMobile web browsersen_US
dc.subjectSecurity policiesen_US
dc.subjectWebpagesen_US
dc.subjectWebsitesen_US
dc.titleOn the Disparity of Display Security in Mobile and Traditional Web Browsersen_US
dc.typeTechnical Reporten_US
dc.contributor.corporatenameGeorgia Institute of Technology. College of Computing
dc.contributor.corporatenameGeorgia Institute of Technology. School of Computer Science
dc.contributor.corporatenameGeorgia Institute of Technology. Converging Infrastructure Security (CISEC) Laboratory


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record