Global ETD Search

81	A Novel Approach for User-Centric Privacy Protection on the Web Oad, Satish Kumar 07 August 2023 (has links) No description available. Artificial Intelligence Computer Engineering Computer Science USER-CENTRIC PRIVACY PROTECTION ON THE WEB Policy engine Modify policies Browser Extension
82	Разработка фреймворка для создания расширений веб-браузера : магистерская диссертация / Development of a framework for creating web browser extensions Воложанин, С. С., Volozhanin, S. S. January 2023 (has links) Целью работы является разработка фреймворка для создания веб-браузерных расширений. Объектом исследования является класс программных средств для автоматизации и упрощения работы разработчиков с веб-браузерными расширениями. Методы исследования включают: анализ, сравнение и обобщение данных о существующих способах автоматизации разработки веб-браузерных расширений; апробация современных WEB-технологий. Магистерская диссертация содержит 4 главы. В первой главе описаны основные теоретические аспекты предметной области. Вторая глава содержит анализ и описание средств разработки. Третья глава посвящена описанию процесса разработки фреймворка. В четвертой главе представлено описание возможностей фреймворка. Результатом работы является разработанный фреймворк для создания расширений веб-браузера. / The aim of the work is to develop a framework for developing web browser extensions. The object of research is a class of software tools for automating and simplifying the work of developers with web browser extensions. Research methods include analysis, comparison, and generalization of data on existing methods for automating the development of web browser extensions; approbation of modern WEB-technologies. The paper contains 4 chapters. The first chapter describes the main theoretical aspects of the subject area. The second chapter contains an analysis and description of development tools. The third chapter is devoted to describing the framework development process. The fourth chapter presents a description of framework capabilities. The result of the work is the framework for developing web browser extensions. ФРЕЙМВОРК WEB-ТЕХНОЛОГИИ MASTER'S THESIS FRAMEWORK WEB BROWSER EXTENSIONS WEB TECHNOLOGIES DEVELOPMENT AUTOMATION
83	Empirical analysis of the impact of packet loss on WebTransport using Socket.IO Gulliksson, Carl January 2024 (has links) This thesis presents an empirical analysis of the performance of WebTransport and WebSocket using the Socket.IO framework under varying network conditions. The thesis investigates two primary experiments, message round trip time and multiplexing performance, both conducted under three scenarios—perfect network (0% packet loss), moderate network (5% packet loss), and poor network (15% packet loss). The experiments were conducted on a system running Fedora 40 with a 12th Gen Intel Core i5-12600K processor and 16 GB of memory. The findings demonstrate that WebTransport mitigates Head-of-Line (HOL) blocking more effectively than WebSocket, especially in environments with degraded networks. WebTransport (Reliable) provided a significant performance advantage under suboptimal network conditions when measuring message round trip time, while WebTransport (Unreliable) consistently demonstrated slightly lower latency but with some data loss. When multiplexing, WebTransport showed significant performance benefits compared to using WebSocket. websockets webtransport socket.io tcp udp quic network protocols packet loss network conditions real-time browser Computer Sciences Datavetenskap (datalogi)
84	Sécurité et vie privée dans les applications web / Web applications security and privacy Somé, Dolière Francis 29 October 2018 (has links) Dans cette thèse, nous nous sommes intéressés aux problématiques de sécurité et de confidentialité liées à l'utilisation d'applications web et à l'installation d'extensions de navigateurs. Parmi les attaques dont sont victimes les applications web, il y a celles très connues de type XSS (ou Cross-Site Scripting). Les extensions sont des logiciels tiers que les utilisateurs peuvent installer afin de booster les fonctionnalités des navigateurs et améliorer leur expérience utilisateur. Content Security Policy (CSP) est une politique de sécurité qui a été proposée pour contrer les attaques de type XSS. La Same Origin Policy (SOP) est une politique de sécurité fondamentale des navigateurs, régissant les interactions entre applications web. Par exemple, elle ne permet pas qu'une application accède aux données d'une autre application. Cependant, le mécanisme de Cross-Origin Resource Sharing (CORS) peut être implémenté par des applications désirant échanger des données entre elles. Tout d'abord, nous avons étudié l'intégration de CSP avec la Same Origin Policy (SOP) et démontré que SOP peut rendre CSP inefficace, surtout quand une application web ne protège pas toutes ses pages avec CSP, et qu'une page avec CSP imbrique ou est imbriquée dans une autre page sans ou avec un CSP différent et inefficace. Nous avons aussi élucidé la sémantique de CSP, en particulier les différences entre ses 3 versions, et leurs implémentations dans les navigateurs. Nous avons ainsi introduit le concept de CSP sans dépendances qui assure à une application la même protection contre les attaques, quelque soit le navigateur dans lequel elle s'exécute. Finalement, nous avons proposé et démontré comment étendre CSP dans son état actuel, afin de pallier à nombre de ses limitations qui ont été révélées dans d'autres études. Les contenus tiers dans les applications web permettent aux propriétaires de ces contenus de pister les utilisateurs quand ils naviguent sur le web. Pour éviter cela, nous avons introduit une nouvelle architecture web qui une fois déployée, supprime le pistage des utilisateurs. Dans un dernier temps, nous nous sommes intéressés aux extensions de navigateurs. Nous avons d'abord démontré que les extensions qu'un utilisateur installe et/ou les applications web auxquelles il se connecte, peuvent le distinguer d'autres utilisateurs. Nous avons aussi étudié les interactions entre extensions et applications web. Ainsi avons-nous trouvé plusieurs extensions dont les privilèges peuvent être exploités par des sites web afin d'accéder à des données sensibles de l'utilisateur. Par exemple, certaines extensions permettent à des applications web d'accéder aux contenus d'autres applications, bien que cela soit normalement interdit par la Same Origin Policy. Finalement, nous avons aussi trouvé qu'un grand nombre d'extensions a la possibilité de désactiver la Same Origin Policy dans le navigateur, en manipulant les entêtes CORS. Cela permet à un attaquant d'accéder aux données de l'utilisateur dans n'importe qu'elle autre application, comme par exemple ses mails, son profile sur les réseaux sociaux, et bien plus. Pour lutter contre ces problèmes, nous préconisons aux navigateurs un système de permissions plus fin et une analyse d'extensions plus poussée, afin d'alerter les utilisateurs des dangers réels liés aux extensions. / In this thesis, we studied security and privacy threats in web applications and browser extensions. There are many attacks targeting the web of which XSS (Cross-Site Scripting) is one of the most notorious. Third party tracking is the ability of an attacker to benefit from its presence in many web applications in order to track the user has she browses the web, and build her browsing profile. Extensions are third party software that users install to extend their browser functionality and improve their browsing experience. Malicious or poorly programmed extensions can be exploited by attackers in web applications, in order to benefit from extensions privileged capabilities and access sensitive user information. Content Security Policy (CSP) is a security mechanism for mitigating the impact of content injection attacks in general and in particular XSS. The Same Origin Policy (SOP) is a security mechanism implemented by browsers to isolate web applications of different origins from one another. In a first work on CSP, we analyzed the interplay of CSP with SOP and demonstrated that the latter allows the former to be bypassed. Then we scrutinized the three CSP versions and found that a CSP is differently interpreted depending on the browser, the version of CSP it implements, and how compliant the implementation is with respect to the specification. To help developers deploy effective policies that encompass all these differences in CSP versions and browsers implementations, we proposed the deployment of dependency-free policies that effectively protect against attacks in all browsers. Finally, previous studies have identified many limitations of CSP. We reviewed the different solutions proposed in the wild, and showed that they do not fully mitigate the identified shortcomings of CSP. Therefore, we proposed to extend the CSP specification, and showed the feasibility of our proposals with an example of implementation. Regarding third party tracking, we introduced and implemented a tracking preserving architecture, that can be deployed by web developers willing to include third party content in their applications while preventing tracking. Intuitively, third party requests are automatically routed to a trusted middle party server which removes tracking information from the requests. Finally considering browser extensions, we first showed that the extensions that users install and the websites they are logged into, can serve to uniquely identify and track them. We then studied the communications between browser extensions and web applications and demonstrate that malicious or poorly programmed extensions can be exploited by web applications to benefit from extensions privileged capabilities. Also, we demonstrated that extensions can disable the Same Origin Policy by tampering with CORS headers. All this enables web applications to read sensitive user information. To mitigate these threats, we proposed countermeasures and a more fine-grained permissions system and review process for browser extensions. We believe that this can help browser vendors identify malicious extensions and warn users about the threats posed by extensions they install. Web Navigateurs Applications web Sécurité Extensions de navigateurs Communication inter-iframes Confidentialité Vie privé Pistage Empreinte de navigateurs Web Browser Web applications Security Same origin policy Content origin policy Cross-origin resource sharing Browser extensions Privacy Cross-iframe communication Third party web tracking Browser fingerprinting
85	A survey of the available browse for the black rhinoceros (Diceros bicornis ssp. bicornis Linnaeus, 1758) in a farmland area in the Kunene region, Namibia Olsson, Sanna January 2015 (has links) No description available. black rhinoceros black rhino rhinoceros rhino Black Rhino Custodianship Program Namibia browser herbivore southern Africa browse availability Diceros bicornis shrub tree browse forage
86	Dark web och integritet på Internet : En kvalitativ studie av mediala gestaltningar av det dolda nätverket Dark web samt anonymitetens paradox Rivero Mildén, Linn January 2018 (has links) Denna studie är av kvalitativ karaktär och har tagit sin epistemologiska utgångspunkt i gestaltningsteorin för att undersöka digitala representationer av ett tillsynes undangömt nätverk. Syftet med uppsatsen är att undersöka hur Dark web gestaltas i ett urval mediekanaler för att fastställa vanliga representationer av nätverket. Studien ämnar för att besvara i vilka sammanhang som nätverket gestaltas som en risk respektive möjlighet. Studien genomförs med hjälp av kvalitativ textanalys inspirerad av kritisk diskursanalys. Det empiriska materialet hämtades från de fyra mediekanalerna Expressen, Computer World, Sveriges Radio och Tor Blog. Vidare diskuteras termerna anonymitetsparadox och moralpanik i studien eftersom att de visade sig vara av särskild relevans vid forskning av ett sådant digitalt och till synes anonymt mediefenomen. Studiens resultat påvisar att tillgången till ett fritt och anonymiserat Internet tycks blivit en fråga vad avser demokratiska rättigheter. Ur denna aspekt fungerar Dark web som en potentiell lösning mot den kartläggning som förekommer på det traditionella Internet. Computer World hade en uteslutande teknisk gestaltning av Dark web där intresset låg i att presentera teknologin bakom nätverket. Kvällspressen fokuserade huvudsakligen på den kriminalitet som cirkulerar på det dolda nätverket och redogjorde främst för narkotikahandel och kortbedrägerier. Tog Blog belyste både tekniken och anonymitetsaspekten bakom Dark web medan Sveriges Radio visade sig vara det medium som hade mest omfattande och genomgripande porträtteringar vad avser Dark web. Slutligen visade studien att det är i samspelet mellan de risker och möjligheter kring Dark web som paradoxen med anonymitet uppstår. Dark Web Surface Web Tor Browser Gestaltningsteori Risksamhälle Representation Integritet Anonymitet Kriminalitet Kvalitativ textanalys Moralpanik Internet Media and Communication Technology Medieteknik Media Studies Medievetenskap
87	Overcoming Limitations of Serial Audio Search Hidalgo, Isabela Cordeiro Ribeiro Moura 01 January 2012 (has links) The typical approach for finding audio recordings, such as music and sound effects, in a database is to enter some textual information into a search field. The results appear summarized in a list of textual descriptions of the audio files along with a function for playing back the recordings. Exploring such a list sequentially is a time-consuming and tedious way to search for sounds. This research evaluates whether searching for audio information can become more effective with a user interface capable of presenting multiple audio streams simultaneously. A prototype audio player was developed with a user interface suitable for both search and browsing of a hierarchically organized audio collection. The audio recordings are presented either serially (serial output mode) or simultaneously (parallel output mode), spatially distributed in both vertical and horizontal planes. Users select individual recordings by simply pointing at its source location with a remote control. Two within-subjects experiments were conducted to compare the performance of the audio player's output modes in audio search tasks. The experiments differ in the maximum number of audio recordings played simultaneously - either four or six. In both experiments, search tasks were performed about 25% faster using parallel audio output than using serial output. Over 80% of participants preferred searching parallel output. The results indicate that using parallel output can be a valuable improvement to the current methods of audio search, which typically use only serial output. Auditory User Interfaces Human-Computer Interaction Music Browser Parallel Output Simultaneous Sounds Wii Remote American Studies Arts and Humanities Computer Engineering Computer Sciences
88	MITIGATION OF WEB-BASED PROGRAM SECURITY VULNERABILITY EXPLOITATIONS Shahriar, HOSSAIN 30 November 2011 (has links) Over the last few years, web-based attacks have caused significant harm to users. Many of these attacks occur through the exploitations of common security vulnerabilities in web-based programs. Given that, mitigation of these attacks is extremely crucial to reduce some of the harmful consequences. Web-based applications contain vulnerabilities that can be exploited by attackers at a client-side (browser) without the victim’s (browser user’s) knowledge. This thesis is intended to mitigate some exploitations due to the presence of security vulnerabilities in web applications while performing seemingly benign functionalities at the client-side. For example, visiting a webpage might result in JavaScript code execution (cross-site scripting), downloading a file might lead to the execution of JavaScript code (content sniffing), clicking on a hyperlink might result in sending unwanted legitimate requests to a trusted website (cross-site request forgery), and filling out a seemingly legitimate form may eventually lead to stealing of credential information (phishing). Existing web-based attack detection approaches suffer from several limitations such as (i) modification of both server and client-side environments, (ii) exchange of sensitive information between the server and client, and (iii) lack of detection of some attack types. This thesis addresses these limitations by mitigating four security vulnerabilities in web applications: cross-site scripting, content sniffing, cross-site request forgery, and phishing. We mitigate the exploitations of these vulnerabilities by developing automatic attack detection approaches at both server and client-sides. We develop server-side attack detection frameworks to detect attack symptoms within response pages before sending them to the client. The approaches are designed based on the assumption that the server-side program source is available for analysis, but we are not allowed to alter the program code and the runtime environments. Moreover, we develop client-side attack detection frameworks so that some level of protection is present when the source code of server websites (either trusted or untrusted) is not available. Our proposed solutions explore several techniques such as response page parsing and file content analysis, browser-level checking of requests and responses, and finite state machine-based behavior monitoring. The thesis evaluates the proposed attack detection approaches with real-world vulnerable programs. The evaluation results indicate that our approaches are effective and perform better than the related work. We also contribute to the development of benchmark suites for evaluating attack detection techniques. / Thesis (Ph.D, Computing) -- Queen's University, 2011-11-29 09:44:24.465 Security vulnerability Cross-site request forgery Phishing Content sniffing Parser-based analysis Browser-based checking Cross-site scripting Trustworthiness testing Web-based program
89	The Null Game: feature-specific player enjoyment in massively multiplayer online role playing games Bouchard, Matthew Unknown Date No description available. RPG MOG MMO MMORPG BB-MMORPG browser-based MMORPG MUD fun enjoyment player enjoyment bad games video games managed player efficiency MPE meritocratic play
90	The Null Game: feature-specific player enjoyment in massively multiplayer online role playing games Bouchard, Matthew 06 1900 (has links) Massively Multiplayer Online Role Playing Games (MMORPGs) are complex and interesting objects of study. They are quite popular among both casual and connoisseur gamers, and they are often played continuously over many years. Despite a reasonable amount of existing research on MMORPGs, no clear explanation has emerged to explain what particular game features encourage so many players to enjoy these games for so long. In this thesis, I contend that the most important elements in the success of an MMORPG are meritocratic play and managed player efficiency (MPE). This contention is proved by examining the existing literature on player enjoyment and game design, surveying popular MMORPGs, and building and testing a simple, browser-based game that implements meritocratic play and managed player efficiency. While existing research and my survey of popular MMORPGS provide good support for the importance of meritocratic play and MPE, participants in my study provided much stronger support by reporting particular enjoyment of game tasks that displayed the clearest meritocratic play and the best opportunities to manage player efficiency. RPG MOG MMO MMORPG BB-MMORPG browser-based MMORPG MUD fun enjoyment player enjoyment bad games video games managed player efficiency MPE meritocratic play

Search results