Topic Descriptions and Seminar Paper Objectives
|
Topic Title |
Tutor |
Description |
Seminar Paper Objective |
|---|---|---|---|
| Security of Emerging JavaScript Runtimes | Abdullah | Node.js and other traditional javascript runtimes are suffering from various attack types and a large attack surface which would be risky to use. Emerging JavaScript runtimes proposed several techniques to mitigate the risks on JavaScript runtime and their engines, starting from implement runtime APIs with memory-safe language, -therefore a memory-safe runtime by-default-, to build more sophisticated supply chain to avoid set of supply chain attacks. Recently, researchers are investigating these emerging runtimes and to which extend are they safer in compare to traditional JavaScript runtimes. Moreover, what these emerging runtimes would sacrifice to provide higher level of security. | Understand memory-safe runtime and the effect of languages like rust on JavaScript runtimes, like deno. Explain the pros and cons of Deno’s permissions system, e.g., useability vs security. Explain how Deno managed to reduce the attack surface and why it might fail against other types of attacks, e.g., against supply chain. Elaborate how desentralised supply chain would better alternative to the traditional supply chain, and what are the possible risks on JavaScript ecosystem. Finally, understand why deno failed to fully prevent from prototype chain attacks. |
| Web Security Scanners | Alex | Web security scanners are core tools in black-box testing. Starting from the seed URL, they iteratively explore the web application and identify the vulnerabilities. However, the increasing complexity of modern web applications creates new challenges for web security scanners, such as client-side navigation, multi-step workflows, and the exponential growth of application states. Recent works have proposed novel solutions to the challenges, aiming to improve the vulnerability detection of web security scanners. | - Describe the typical architecture of black-box web security scanners. - Build a methodology to enumerate the black-box web security scanners presented in scientific literature and execute it. - Identify the main challenges of black-box web security scanning using the collected papers. - For each challenge, analyze and compare the solutions proposed in the previous works based on their strengths and limitations. - Propose a future direction for the black-box web security scanners. |
| Type Confusion in Gradually Typed Languages | Dominic | The dynamic nature of modern programming languages such as JavaScript and Python not only offers developers lots of freedom and flexibility, but also gives rise to issues such as type confusion. Type confusion vulnerabilities occur when there is a mismatch between a piece of data’s expected and actual data type at runtime. These vulnerabilities can act as building block for larger attacks, e.g.., enabling attackers to circumvent input validation mechanisms and to hijack the control flow. More recently, gradual typing has emerged as a middleground between the flexibility of dynamic typing and the type safety of static typing. But does gradual typing actually help preventing type confusion in practice? Or could it possibly make it even worse? |
- Introduce and frame the problem: Present technical terms you are going to use in the paper. Show that you understand type confusion and gradual typing. - Type-related issues: Discuss type confusion and how it can be detected by presenting the follow-up paper concisely but in-depth. Collect other kinds of type-related issues from related work and compare them to type confusion in terms of attack vector, threat model, potential consequences. Also discuss how type-related issues, especially type confusion can act as building blocks for larger attacks. - Gradual typing enabling type issues: Discuss the main paper in-depth. Show you understand how gradual typing can affect type safety. Furthermore, assess and discuss proposed countermeasures/improvements to current implementations of gradual typing. Can you think of other solutions? - Critical discussion: 1) Discuss the trade-off between flexibility and security in dynamically/gradually typed languages. Do we need more or less flexibility? 2)Critically assess both the main and follow-up papers and discuss major strengths and weaknesses. 3) Discuss/propose directions for future work on the type safety of gradually typed languages. |
| Electron Application Security | Cris | Browser-based cross-platform applications, in the form of Electron applications, have gained significant traction in recent times. However, these electron applications are also susceptible to most security and privacy vulnerabilities associated with the native Web applications of the past and the present. The relatively complex architecture and the nature of data withheld or accessed by these electron applications on the users' machine, makes them an interesting target for malicious actors on the Web. | Understanding of the electron application architecture and its components. Familiarity with the prior research studies focused on the threat surface of Electron apps. Understanding of the transferability of different vulnerabilities associated with native Web applications to the Electron ecosystem and its implications. A holistic view of the current state (in terms of S&P) of the Electron architecture and (known) ways and strategies towards secure development of such applications. |
| S&P of Web Applications and the Geo-difference Factor | Shubham | The Web security researchers have extensively studied the state of security and privacy of globally popular Web applications, as listed by Alexa, Tranco or CruX in the past, and have reported their findings. However, the investigations, the resulting insights and conclusion drawn on globally popular websites (e.g. security header deployment, third-party tracking, privacy policies, etc.) does not weigh in the geo-difference factor and the influence of the local policies may lead to significant deviation from the observed behavior and trends among globally popular websites. | Thorough investigation and listing of various different security and privacy related differences among websites in different parts of the world. Root cause analysis of the influencing factors and the underlying reasons behind these differences, as reported by prior studies in this direction. Discussion on the challenges of performing a holistic S&P measurements that also incorporates local factors and nuances of individual websites. |
| Detection of Malicious Browser Extensions | Valentino | Browser extensions provide powerful customization but can pose significant security and privacy risks. Detecting malicious extensions is challenging due to diverse abuse patterns and the difficulty of distinguishing malicious from benign behavior. As detection methods improve, malicious actors continue to evolve their techniques. This creates an ongoing challenge to stay ahead of emerging threats while maintaining a balance between security and the legitimate functionality that the extensions provide. We will study two papers where static, dynamic analysis, and user feedback monitoring are used to detect common malicious behaviors while minimizing false positives. | Understand the architecture of browser extensions and reason on a set of possible malicious behaviors. Identify the main features that can be considered in the analysis of extensions. Define the main aspects of static vs dynamic approaches (strengths vs weaknesses). Understand the role of extensions APIs and discuss how analysis for maliciousness could be driven by the higher relevance that these part of the code have. |
| AI-Based Analysis | Gianluca |
Analyzing web application is a complex and time-consuming task that require high levels of human expertise. |
- Investigation of challenges connected to the automatic detection of vulnerabilities. - Discussion of methods to address them using ML techniques |
| Shared state in extended reality environment | Andrea | Extended reality (XR) leverages existing technology and protocols to maintain and transmit real-time updates about players and objects to all participants in a shared virtual environment. The real-time nature of these interactions introduces specific security vulnerabilities, including the potential for message tampering and unauthorized information access. | - Investigation of the current technologies used in virtual platforms to offer this real time communication. - Identify through literature search the problems and attacks related to this collaborative shared state. - Discussion of the implementation challenges and possible defenses towards the attacks happening in platforms and the attacks presented in literature. |
| Security, Privacy, and Accessibility: Implications of Digital Disparities | Masud | Developers around the world face significant accessibility hurdles that impact their ability to build secure, privacy-conscious, and accessible web applications. These challenges can arise from various factors, including economic limitations in developing or least-developed countries and the restrictive effects of international sanctions. In economically disadvantaged regions, developers often struggle with limited access to the internet, outdated infrastructure, and a lack of affordable tools and resources, which can hinder their ability to stay current with emerging technologies and best practices. Similarly, countries under sanctions, such as Iran or North Korea, face additional barriers, including restricted access to critical software, development platforms, and cloud services, which severely limits their ability to collaborate globally and adopt modern security or accessibility standards. These hurdles not only affect the quality of developers' work but also create disparities in the global web development landscape, influencing how developers implement security measures, ensure privacy, and deliver accessible user experiences. This topic aims to explore how economic challenges and sanctions affect developers’ practices worldwide, focusing on the ways these factors shape their approach to security, privacy, accessibility, and overall user experience. | ssess the global state of web development by identifying and analyzing the key accessibility hurdles faced by developers, including economic challenges and the impact of international sanctions. Investigate regional disparities in web development practices, focusing on whether developers in certain areas are lagging behind due to limited access to resources, tools, and infrastructure. Explore how developers from different regions address critical issues such as security, privacy, and accessibility despite the constraints they face. Evaluate the impact of these accessibility barriers on the overall user experience, considering how these challenges shape the quality of web applications. Examine how these practices, influenced by resource limitations and regional disparities, affect web accessibility, potentially leading to inequities in how users from different regions experience and interact with online platforms. |
| Offensive and Defensive Security with Service Workers | Dolière | Service workers (SWs) are at the heart of progressive web applications. They facilitate many advanced features such as offline browsing, web push notifications, seamless user experiences, access to a programmable cache, and other advanced client-side storage. Beyond traditional web apps, SWs also power Manifest V3 WebExtensions and edge Cloudflare workers. Most prior work has demonstrated different abuses of service workers’ features. Recently, attempts have been made to leverage service workers to advance web security. | 1. Master the specific capabilities and privileges of service workers 2. Comprehend the different possible abuses of service workers 3. Devise defensive strategies for/based on service workers |