SpyShield: Preserving Privacy from Spy Add-ons
description
Transcript of SpyShield: Preserving Privacy from Spy Add-ons
![Page 1: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/1.jpg)
Dr. XiaoFeng Wang ©
SpyShield: Preserving Privacy from Spy Add-ons
Zhuowei Li, XiaoFeng Wang and Jong Youl ChoiIndiana University at Bloomington
![Page 2: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/2.jpg)
Dr. XiaoFeng Wang ©
You are being WATCHED!
Spyware on the loose
Webroot said 89 percent of the computers it scanned
INFECTED WITH SPYWARE
With
30 PICIECES PER MACHINE!
![Page 3: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/3.jpg)
Dr. XiaoFeng Wang ©
What are we going to do?
Single-layer defense is always fragile
Defense in Depth
PreventionDetectionContain
![Page 4: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/4.jpg)
Dr. XiaoFeng Wang ©
Spyware containment
Protect sensitive information under spyware surveillance
Complementary to spyware prevention and detection
![Page 5: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/5.jpg)
Dr. XiaoFeng Wang ©
Spy add-on
BHO
COMInterfaces
![Page 6: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/6.jpg)
Dr. XiaoFeng Wang ©
SpyShield
BHO
![Page 7: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/7.jpg)
Dr. XiaoFeng Wang ©
SpyShield
BHO
![Page 8: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/8.jpg)
Dr. XiaoFeng Wang ©
Related work Surveillance containment
Bump in the Ether; SpyBlock Not for containing spy add-ons
Privilege separationPrevent privilege escalationsNot for control of information leaks
Sandboxing and information flow securitySpyShield enforces access control to add-on interfaces
![Page 9: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/9.jpg)
Dr. XiaoFeng Wang ©
Contributions
General protection against spy add-ons
Potential for fine-grained access control
Resilience to attacks
Small overheads
Ease of use
![Page 10: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/10.jpg)
Dr. XiaoFeng Wang ©
Design
Access-control proxy enforces security policies Proxy guardian protects the proxy
![Page 11: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/11.jpg)
Dr. XiaoFeng Wang ©
Access-control proxy Objective: permit or deny add-ons’ access to host data
Event-driven add-ons: Steal information once an event happens Proxy: block the events according to security policies
Non-event-driven add-ons Poll add-on interfaces Proxy: control all interfaces spy add-ons might use
Direct memory access Proxy: separate untrusted add-ons from the host control the channels for Inter-process communication
![Page 12: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/12.jpg)
Dr. XiaoFeng Wang ©
Untrusted add-ons
Trusted add-ons are from known vendors
If don’t know, then don’t trust
Use hash values to classify add-ons
![Page 13: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/13.jpg)
Dr. XiaoFeng Wang ©
Security policies
Limit untrusted add-ons’ access to host when sensitive data are being processed
For example, the bank balance is displayed
Sensitive zones
![Page 14: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/14.jpg)
Dr. XiaoFeng Wang ©
Policy setting
![Page 15: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/15.jpg)
Dr. XiaoFeng Wang ©
Proxy guardian
Protect the proxy from being attacked
Use system call interposition
Protect dataDatabase of the hash values for trusted add-onsPolicies
Protect proxy processes
![Page 16: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/16.jpg)
Dr. XiaoFeng Wang ©
Implementation (1)
We implemented an access control proxy for IE plug-ins COM interfaces interposed:
![Page 17: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/17.jpg)
Dr. XiaoFeng Wang ©
Implementation (2)
Proxy guardian interposed the following system calls:
![Page 18: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/18.jpg)
Dr. XiaoFeng Wang ©
Evaluations
Setting: Pentium 3.2GHz and 1GB memory and Windows XP
Effectiveness test Traffic differential analysis [NetSpy] Dangerous behavior blocked
Performance test Latency for Inter-process communication Processing time of function invocations Web navigation
![Page 19: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/19.jpg)
Dr. XiaoFeng Wang ©
Effectiveness (1)
![Page 20: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/20.jpg)
Dr. XiaoFeng Wang ©
Effectiveness (2) Differential analysis
![Page 21: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/21.jpg)
Dr. XiaoFeng Wang ©
Effectiveness (3)
Block malicious activities
![Page 22: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/22.jpg)
Dr. XiaoFeng Wang ©
Performance (1)
Overhead for IPC1327 times!
However, IPC only takes a SMALL portion of transaction processing time
![Page 23: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/23.jpg)
Dr. XiaoFeng Wang ©
Performance (2) Function invocation time Web navigation:
80% functionalities of google toolbar and 8/9 of Yahoo! Toolbar Memory costs:
From 11MB to 15MB However, an additional new window only cost an extra 0.1 to 0.5MB
![Page 24: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/24.jpg)
Dr. XiaoFeng Wang ©
Limitations
Limitations of the designOnly for protecting add-onsNot for defending against kernel-level spyware
Limitations of implementationApply same policies to the whole window object
How about frames?Only wrap the COM interfaces for the plug-ins used in exp
![Page 25: SpyShield: Preserving Privacy from Spy Add-ons](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815735550346895dc4d683/html5/thumbnails/25.jpg)
Dr. XiaoFeng Wang ©
Conclusion and future work
SpyShield offers effective containment against Spy add-ons
Future work: develop policy model and techniques for containing standalone spyware