TY - JOUR
T1 - Exploring the protection of private browsing in desktop browsers
AU - Tsalis, Nikolaos
AU - Mylonas, Alexios
AU - Nisioti, Antonia
AU - Gritzalis, Dimitris
AU - Katos, Vasilios
PY - 2017/6/1
Y1 - 2017/6/1
N2 - Desktop browsers have introduced private browsing mode, a security control which aims to protect users' data that are generated during a private browsing session by not storing them in the filesystem. As the Internet becomes ubiquitous, the existence of this security control is beneficial to users, since privacy violations are increasing, while users tend to be more concerned about their privacy when browsing the web in a post-Snowden era. In this context, this work examines the protection that is offered by the private browsing mode of the most popular desktop browsers in Windows (i.e., Chrome, Firefox, IE and Opera). Our experiments uncover occasions in which even if users browse the web with a private session, privacy violations exist contrary to what is documented by the browser. To raise the bar of privacy protection that is offered by web browsers, we propose the use of a virtual filesystem as the storage medium of browsers' cache data. We demonstrate with a case study how this countermeasure protects users from the privacy violations, which are previously identified in this work.
AB - Desktop browsers have introduced private browsing mode, a security control which aims to protect users' data that are generated during a private browsing session by not storing them in the filesystem. As the Internet becomes ubiquitous, the existence of this security control is beneficial to users, since privacy violations are increasing, while users tend to be more concerned about their privacy when browsing the web in a post-Snowden era. In this context, this work examines the protection that is offered by the private browsing mode of the most popular desktop browsers in Windows (i.e., Chrome, Firefox, IE and Opera). Our experiments uncover occasions in which even if users browse the web with a private session, privacy violations exist contrary to what is documented by the browser. To raise the bar of privacy protection that is offered by web browsers, we propose the use of a virtual filesystem as the storage medium of browsers' cache data. We demonstrate with a case study how this countermeasure protects users from the privacy violations, which are previously identified in this work.
KW - Browsing artefacts
KW - Privacy
KW - Private browsing
KW - Web browser
KW - Web security
UR - http://www.scopus.com/inward/record.url?scp=85015762524&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2017.03.006
DO - 10.1016/j.cose.2017.03.006
M3 - Article
AN - SCOPUS:85015762524
SN - 0167-4048
VL - 67
SP - 181
EP - 197
JO - Computers and Security
JF - Computers and Security
ER -