An evaluation of the management of deoxyrinucleic acid (DNA) evidence / An evaluation of the management of deoxyribonucleic acid (DNA) evidence

Dywaba, Zukiswa Morencia

09 1900

DNA is identified as a powerful tool in the solving of rape cases, but it is often destroyed either by members of the public or the police officials who attend to the scene. The aim of the study was to evaluate the management of DNA evidence in rape cases in the Bishop Lavis Policing Area. To address the research topic under investigation, research questions, a legal framework and policies were used. The outcome of the study indicated poor performance in securing the crime scene and ensuring that physical evidence is preserved and not tampered with. On this basis, it was recommended that developmental workshops and intensive training on the management of DNA evidence be conducted to all members of the South African Police Service attend to rape crime scenes. This should be done to equip them with knowledge and an understanding of the management of DNA evidence. / Police Practice / M. Tech. (Forensic Investigation)

Crime investigation

Crime scene

Deoxyribonucleic acid

Forensic investigation

Chain of custody

Rape

Individualisation

Identification

Physical evidence

Management

363.25953209687355

Identification and Characterization of Peptides and Proteins using Fourier Transform Ion Cyclotron Resonance Mass Spectrometry

Palmblad, Magnus

January 2002

Mass spectrometry has in recent years been established as the standard method for protein identification and characterization in proteomics with excellent intrinsic sensitivity and specificity. Fourier transform ion cyclotron resonance is the mass spectrometric technique that provides the highest resolving power and mass accuracy, increasing the amount of information that can be obtained from complex samples. This thesis concerns how useful information on proteins of interest can be extracted from mass spectrometric data on different levels of protein structure and how to obtain this data experimentally. It was shown that it is possible to analyze complex mixtures of protein tryptic digests by direct infusion electrospray ionization Fourier transform ion cyclotron resonance mass spectrometry and identify abundant proteins by peptide mass fingerprinting. Coupling on-line methods such as liquid chromatography and capillary electrophoresis increased the number of proteins that could be identified in human body fluids. Protein identification was also improved by novel statistical methods utilizing prediction of chromatographic behavior and the non-randomness of enzymatic digestion. To identify proteins by short sequence tags, electron capture dissociation was implemented, improved and finally coupled on-line to liquid chromatography for the first time. The combined techniques can be used to sequence large proteins de novo or to localize and characterize any labile post-translational modification. New computer algorithms for the automated analysis of isotope exchange mass spectra were developed to facilitate the study of protein structural dynamics. The non-covalent interaction between HIV-inhibitory peptides and the oligomerization of amyloid β-peptides were investigated, reporting several new findings with possible relevance for development of anti-HIV drug therapies and understanding of fundamental mechanisms in Alzheimer’s disease.

Materials science

Peptide

protein

peptide mass fingerprinting

identification

sequencing

protein structure

non-covalent interaction

modification

electrospray ionization

liquid chromatography

capillary electrophoresis

electron capture dissociation

cerebrospinal fluid

amyloid β-peptide

Alzheimer’s disease.

Materialvetenskap

Materials science

Teknisk materialvetenskap

Chromatography and extraction techniques for new evaluation methods of polyolefins long-term performance

Burman, Lina

January 2005

Chromatography and extraction techniques, and also chemiluminescence have been utilized to develop new rapid and informative tools in the evaluation of long-term properties and environmental effects of polymeric materials. Methods were developed for classification of materials and for early and rapid degradation detection. Degradable polyethylene films were classified on the basis of their incorporated prooxidant systems using chromatographic fingerprinting of carboxylic acids, the dominating type of degradation product. The fingerprints were also shown to be useful for prediction of the degradation states and evaluation of the degradation mechanisms. Classification and prediction models were obtained by Multivariate Data Analysis, where the diacids were grouped according to both their type of prooxidant system and their state of degradation. The use of total luminescence intensity (TLI) measurements was also investigated as a means of classifying films and for the early detection of degradation. Comparisons were carried out with common techniques, e.g. FTIR and DSC, after both thermal and UV oxidation. TLI gave an earlier detection of degradation and was more sensitive than carbonyl index and crystallinity measurements to relative differences in degradation between the materials. It furthermore offered complementary information regarding changes in activation energies during the course of the degradation. The results were compared with the chromatographic fingerprints. A new way to evaluate the low temperature long-term stabilisation efficiency of antioxidants was investigated. A prooxidant was used to obtain catalytic oxidation, instead of using thermal acceleration, to evaluate the stabilisation efficiency of antioxidants at low temperatures but still during reasonably short aging times. Comparisons were made between polypropylene films stabilised with primary antioxidants (Irganox 1076, Irganox 1010 and α-tocopherol) with and without the prooxidant manganese stearate at different temperatures. The relative efficiencies of the antioxidants obtained under prooxidant acceleration test correlated better than thermal acceleration test with the results of a long-term low temperature test. Additives in plastic packaging materials may affect the environment after migration from the packaging to e.g. their contents, especially if they consist of organic aqueous solutions or oils. The use of Solid-Phase Microextraction (SPME) for the specific task of extraction from an organic aqueous solution such as a simulated food or pharmaceutical solution consisting of 10 vol-% ethanol in water was investigated. Methods were developed and evaluated for extraction both with direct sampling and with headspace sampling. If the extraction method and temperature were selected to suit the concentration levels of the analytes, it was possible to quantify several degradation products simultaneously. Comparisons made with Solid Phase Extraction showed the advantage of SPME for this purpose. / QC 20100929

Chemical engineering

polymer

chromatographic fingerprinting

gas-chromatography – mass spectrometry

GC-MS

degradable polyethylene

prooxidant systems

chemiluminescence

oxidation

degradation mechanisms

accelerated ageing

antioxidants

transformation products

microwave assisted extraction

MAE

solid-phase microextraction

SPME

volatiles

solid phase extraction

SPE

Kemiteknik

Chemical engineering

Kemiteknik

The ascertainment of bodily features of the accused person in terms of the Criminal Procedure Act 51 of 1977 and related enactments and problems encountered by the police in the application of the Act

Ramatsoele, Pitso Petrus

22 October 2014

The State as the representative of the victims of crime is expected to protect those vulnarable group of people with due regard to the rights of the perpetrators’s of crime. It is imperative that the law of general application which is aimed at protecting victims of crime, be sufficiently effective to protect the victims. The Criminal Procedure Act 51 of 1977 is aimed at assisting the police to conduct pre-trial criminal procedure in order to bring perpetrators of crime to book. Sections 36A, 36B, 36C and 37 (both previous and as amended) of the Criminal Procedure Act including chapter 5A of the South African Police Act, 1995 are explored in this dissertation. This dissertation examines the areas in the Criminal Procedure Act that make it problematic for the police to conduct efficient and effective crime detection through the ascertainment of bodily features of the suspected or accused person. The law in three foreign jurisdictions relating to this topic are investigated and compared in order to make recommendations and suggest possible solutions. / Criminal and Procedural Law / LL.M.

Ascertainment

Bodily features

Accused person

Criminal Procedure Act 51 of 1977

Related enactments

Problems

Police

Application of the Act

345.522068

Criminal procedure -- South Africa

Searches and seizures -- South Africa

Criminal investigation -- South Africa

Evidence, Criminal -- South Africa

Police -- South Africa

Law enforcement -- South Africa

Wi-Fi tracking : Fingerprinting attacks and counter-measures / Traçage Wi-Fi : Attaques par prise d'empreinte et contre-mesures

Matte, Célestin

07 December 2017

Le récent développement des appareils portatifs possédant une interface Wi-Fi (smartphones, tablettes et « wearables ») s'accompagne d'une menace sur la vie privée de leurs utilisateurs, et sur la société toute entière. Ces appareils émettent en continu des signaux pouvant être capturés par un attaquant passif, à l'aide de matériel peu coûteux et de connaissances basiques. Ces signaux contiennent un identifiant unique appelé l'adresse MAC. Pour faire face à cette menace, les acteurs du secteur déploient actuellement une contre-mesure sur les appareils récents: le changement aléatoire de l'adresse MAC. Malheureusement, nous montrons que cette mesure, dans son état actuel, n'est pas suffisante pour empêcher le traçage des appareils. Pour cela, nous introduisons plusieurs attaques basées sur le contenu et la répartition temporelle des signaux. En complément, nous étudions les implémentations du changement aléatoire de l'adresse MAC sur des appareils récents, et trouvons un certain nombre de manquements limitant l'efficacité de ces implémentations à prévenir le traçage. En parallèle, nous effectuons deux études de terrain. La première s'attaque au développement des acteurs exploitant les problèmes cités plus haut afin d'installer des systèmes de traçage basés sur le Wi-Fi. Nous listons certaines de ces installations et examinons plusieurs aspects de ces systèmes : leur régulation, les implications en terme de vie privée, les questions de consentement et leur acceptation par le public. La seconde étude concerne la progression du changement aléatoire d'adresse MAC dans la population des appareils. Finalement, nous présentons deux outils : le premier est un système de traçage expérimental développé pour effectuer des tests et sensibiliser le public aux problèmes de vie privée liés à de tels systèmes. Le second estime l'unicité d'un appareil en se basant sur le contenu des signaux qu'il émet, même si leur identifiant est modifié. / The recent spread of everyday-carried Wi-Fi-enabled devices (smartphones, tablets and wearable devices) comes with a privacy threat to their owner, and to society as a whole. These devices continuously emit signals which can be captured by a passive attacker using cheap hardware and basic knowledge. These signals contain a unique identifier, called the MAC address. To mitigate the threat, device vendors are currently deploying a countermeasure on new devices: MAC address randomization. Unfortunately, we show that this mitigation, in its current state, is insufficient to prevent tracking. To do so, we introduce several attacks, based on the content and the timing of emitted signals. In complement, we study implementations of MAC address randomization in some recent devices, and find a number of shortcomings limiting the efficiency of these implementations at preventing device tracking. At the same time, we perform two real-world studies. The first one considers the development of actors exploiting this issue to install Wi-Fi tracking systems. We list some real-world installations and discuss their various aspects, including regulation, privacy implications, consent and public acceptance. The second one deals with the spread of MAC address randomization in the devices population. Finally, we present two tools: an experimental Wi-Fi tracking system for testing and public awareness raising purpose, and a tool estimating the uniqueness of a device based on the content of its emitted signals even if the identifier is randomized.

Télécommunications

Communication sans fil

Réseau WIFI

Adresse MAC - Media Access Control

Vie Privée

Prise d'empreintes

Changement aléatoire d'adresse MAC

Captation d'adresse MAC

Telecommunications

Wireless communication

Privacy protection

Fingerprinting

MAC adress randomization

MAC adress tracking

621.384 507 2

Localisation sonore par retournement temporel / Acoustic indoor localization based on time-reversal

Aloui, Nadia

19 December 2014

L'objectif général de cette thèse était de proposer une solution de localisation en intérieur à la fois simple et capable de surmonter les défis de la propagation dans les environnements en intérieur. Pour ce faire, un système de localisation basé sur la méthode des signatures et adoptant le temps d'arrivée du signal de l'émetteur au récepteur comme signature, a été proposé. Le système présente deux architectures différentes, une première orientée privée utilisant la méthode d'accès multiple à répartition par code et une deuxième centralisée basée sur la méthode d'accès multiple à répartition dans le temps. Le système calcule la position de l'objet d'intérêt par la méthode de noyau. Une comparaison expérimentale entre le système à architecture orientée privée et un système de localisation sonore déjà existant et basé sur la méthode de trilatération, a permis de confirmer les résultats trouvés dans le cas de la localisation par ondes radiofréquences. Cependant, nos expérimentations étaient les premières à montrer l'effet de la réverbération sur les approches de la localisation acoustique. Dans un second lieu, un système de localisation basé sur la technique de retournement temporel, permettant une localisation simultanée de sources avec différentes précisions, a été testé par simulations en faisant varier le nombre de sources. Ce système a été ensuite validé par expérimentations. Dans la dernière partie de notre étude, nous nous sommes intéressés à la réduction de l'audibilité du signal utile à la localisation par recours à la psycho-acoustique. Un filtre défini à partir du seuil d'audition absolu a été appliqué au signal de localisation. Nos résultats ont montré une amélioration de la précision de localisation comparé au système de localisation sans modèle psycho-acoustique et ce grâce à l'utilisation d'un filtre adapté au modèle psycho-acoustique à la réception. Par ailleurs, l'écoute du signal après application du modèle psycho-acoustique a montré une réduction significative de son audibilité comparée à celle du signal original. / The objective of this PhD is to propose a location solution that should be simple and robust to multipath that characterizes the indoor environments. First, a location system that exploits the time domain of channel parameters has been proposed. The system adopts the time of arrival of the path of maximum amplitude as a signature and estimates the target position through nonparametric kernel regression. The system was evaluated in experiments for two main configurations: a privacy-oriented configuration with code-division multiple-access operation and a centralized configuration with time-division multiple-access operation. A comparison between our privacy-oriented system and another acoustic location system based on code-division multiple-access operation and lateration method confirms the results found in radiofrequency-based localization. However, our experiments are the first to demonstrate the detrimental effect that reverberation has on acoustic localization approaches. Second, a location system based on time reversal technique and able to localize simultaneously sources with different location precisions has been tested through simulations for different values of the number of sources. The system has then been validated by experiments. Finally, we have been interested in reducing the audibility of the localization signal through psycho-acoustics. A filter, set from the absolute threshold of hearing, is then applied to the signal. Our results showed an improvement in precision, when compared to the location system without psychoacoustic model, thanks to the use of matched filter at the receiver. Moreover, we have noticed a significant reduction in the audibility of the filtered signal compared to that of the original signal.

Localisation en intérieur

Méthode des signatures

Méthode de noyau

Trilatération

Retournement temporel

Psycho-acoustique

Aspect multi-échelle

Aspect multi-sources

Indoor localization

Fingerprinting technique

Nonparametric kernel regression

Code-division multiple-access operation

Time reversal

Psycho-acoustic model

Different precisions

Simultaneous location

620

Evaluation of industrial wireless communications systems’ security

Soderi, S. (Simone)

07 June 2016

Abstract The worldwide success of wireless communications was originally fueled by the possibility to replace existing cables with wireless solutions. This phenomenon imposed the development of security engineering as a multidisciplinary field. Although wireless solutions can reduce installation costs and allow introducing new services, the end–users expect it to have the same level of security as they would normally have with wired solutions. Secure communications is an important part of the overall security of industrial wireless communications systems (IWCS). The aim of this thesis is to develop new security engineering methodologies for IWCS. The author develops countermeasures against confidentiality and integrity attacks and carries out a security analysis covering the protocol, electromagnetic and physical layer. In the first part of the thesis, Host Identity Protocol (HIP) is utilized to secure communication in an intra–vehicular network. Simulations and measurement campaigns are also conducted to evaluate the impact of the overhead on security in a tunnel, considering line–of–sight (LOS) and non–LOS (NLOS) scenarios. Electromagnetic analysis (EMA) is an important step in the development of safety–related systems. Today, the increasing usage of smaller integrated circuit also increases the susceptibility to electromagnetic (EM) interference. From near–field (NF) to far–field (FF) transformation, a method for the evaluation of the emissions leakage is investigated. The virtual EM (VEM) interface of the device–under–test (DUT) is studied, and it is described how an adversary can exploit it for denial of service (DoS) attacks. An effective jamming attack model is studied, and the theoretical calculations are validated with experiment–based results. Finally, focusing attention on physical layer security, two algorithms are developed. Active radio frequency fingerprinting (RFF) implements the exchange of a public key during the setup of secure communication. Afterwards, utilizing a jamming receiver in conjunction with the spread spectrum (SS) watermarking technique, the watermark–based blind physical layer security (WBPLSec) protocol is presented. The analysis and results indicate how the WBPLSec seems to be a valuable technique for deploying physical layer security by creating a secure region around the receiver. / Tiivistelmä Langattoman tietoliikenteen maailmanlaajuista suosiota kiihdytti alun perin mahdollisuus korvata tietoliikennejärjestelmissä käytetyt kaapelit langattomilla ratkaisuilla. Ilmiö lisäsi myös tarvetta kehittää alan turvatekniikkaa monialaisen tutkimuksen pohjalta. Vaikka langattomat ratkaisut merkitsevät pienempiä asennuskustannuksia ja tarjoavat mahdollisuuksia luoda uudenlaisia palveluja, järjestelmien loppukäyttäjät edellyttävät kuitenkin niiden turvallisuuden olevan vastaavalla tasolla kuin langallisissa verkoissa. Myös teollisuuden langattomien tietoliikennejärjestelmen turvallisuus riippuu pitkälti viestintäkanavien turvallisuudesta. Väitöksen tavoitteena on kehittää uusia menetelmiä, joilla teollisuuden langattomat tietoliikennejärjestelmät voitaisiin turvata. Väitöksessä kehitetään toimenpiteitä tietoliikennejärjestelmien luottamuksellisuuteen ja koskemattomuuteen kohdistuvia hyökkäyksiä vastaan ja toteutetaan turvallisuusarviointi, joka kattaa järjestelmän protokollakerroksen sekä sähkömagneettisen ja fyysisen kerroksen. Väitöksen ensimmäisessä osassa hyödynnetään HIP–protokollaa (Host Identity Protocol) liikennevälineen sisäisen tietoliikennejärjestelmän turvallisuuden varmistamisessa. Lisäksi siinä kuvataan simulaatiot ja mittaushankkeet, joiden tavoitteena on arvioida käytetyn protokollan turvallisuusvaikutuksia esteettömän (line–of–sight, LOS) ja esteellisen (non–line–of–sight, NLOS) näköyhteyden tapauksissa. Sähkömagneettinen analyysi on tärkeä vaihe turvajärjestelmien kehitysprosessissa. Järjestelmissä käytetään yhä enemmän pieniä integroituja piirejä, mikä voi myös altistaa ne sähkömagneettisille (electromagnetic, EM) häiriöille. Väitöksessä tutkitaan lähikenttä–kaukokenttä -muunnokseen perustuvan arviointimenetelmän avulla sähkömagneettisen vuotosäteilyn tasoa. Lisäksi perehdytään testattavan laitteen (device under test, DUT) virtuaaliseen EM–liitäntään ja kuvataan, miten vastaavaa liitäntää voidaan hyödyntää palvelunestohyökkäyksissä. Väitöksessä tutkitaan myös tehokasta häirintämallia ja validoidaan teoreettisten laskelmien tulokset kokeellisesti. Lopuksi väitöksessä keskitytään tietoliikennejärjestelmän fyysisen kerroksen turvallisuuteen ja kehitetään kaksi algoritmia. Aktiivisen radiotaajuisen tunnistusmenetelmän avulla voidaan vaihtaa julkisia avaimia turvallista tietoliikenneyhteyttä muodostettaessa. Lisäksi esitellään vesileimausmenetelmään perustuva fyysisen kerroksen salausmenetelmä, WBPLSec. WBPLSec luo vastaanottimen ympärille suoja–alueen, minkä ansiosta se vaikuttaa analyysin ja tutkimustulosten perusteella olevan tehokas menetelmä toteuttaa fyysisen kerroksen suojaus.

EMC

emulator

far–field

fingerprinting

jamming

near–field

physical layer security

railway

safety

secrecy capacity

secure region

sniffer

spread spectrum

vehicle

watermarking

wireless

wiretap channel

emulaattorit

fyysisen kerroksen turvallisuus

hajaspektri

häirintä

jäljittäminen

kaukokenttä

liikennevälineet

lähikenttä

rautatiet

salakuuntelukanavat

salasanan haistelija

salauskapasiteetti

suoja–alue

sähkömagneettinen yhteensopivuus

turvallisuus

vesileimaus

HIP

Indoor Positioning Using WLAN / Inomhuspositionering med WLAN

Andersson, Pierre, Norlander, Arvid

January 2012

This report evaluates various methods that can be used to position a smartphone running the Android platform, without the use of any special hardware or infrastructure and in conditions where GPS is unavailable or unreliable; such as indoors. Furthermore, it covers the implementation of such a system with the use of a deterministic fingerprinting method that is reasonably device independent, a method which involves measuring a series of reference points, called fingerprints, in an area and using those to locate the user. The project was carried on behalf of Sigma, a Swedish software consulting company. / Denna rapport evaluerar olika metoder för att bestämma positionen av en smartphone som använder sig av Android-plattformen. Metoden skall inte använda sig av någon speciell hårdvara eller infrastruktur samt kunna hantera förhållanden där GPS är otillgängligt eller opålitligt, som till exempel inomhus. Den beskriver också implementation av ett sådant system som använder sig av en deterministisk fingerprinting-metod som någorlunda väl kan hantera enheter av olika modeller, en metod som innebär att man mäter upp en mängd med referenspunkter, kallade fingerprints, och använder dessa för att placera användaren. Projektet utfördes på uppdrag av Sigma, ett svenskt mjukvarukonsultbolag.

Indoor Positioning

WLAN

Fingerprinting

RSS

Signal Strength

RSS Difference

Cell Phone

Mobile Phone

Android

Radio Map

WiFi

802.11

Wireless

Indoor

Positioning

Localisation

Localization

inomhuspositionering

WLAN

fingeravtryck

RSS

signalstyrka

RSS skillnad

mobiltelefon

Android

radiokarta

WiFi

802.11

trådlös

inomhus

positionering

lokalisering

Software Engineering

Programvaruteknik

An analysis of the importance of semen in investigation of rape cases at Venda (Thohoyandou)

Mulaudzi, Ratshilumela

27 February 2020

The use of technology and science in the investigation of crime plays a major role in the resolution of complicated cases that cannot be solved by means of other available evidence during the prosecution of rape cases. The study details the importance of semen in investigation of rape cases and emphasizes that semen discovered during the investigation must be analysed in all cases of rape and used as evidence in court. The use of semen as evidence in the investigation of rape cases is a modern intervention aimed at producing evidence that is reliable and relevant. / Criminology and Security Science / M. Tech. (Forensic Investigation)

Semen

Prosecution

Physical evidence

Rape

Evidence

Forensic investigation

Suspect

Victim

Deoxy-ribonucleic acid

Locard principle

363.2595320968257

Rape -- South Africa -- Thohoyandou

Semen

Sécurité et vie privée dans les applications web / Web applications security and privacy

Somé, Dolière Francis

29 October 2018

Dans cette thèse, nous nous sommes intéressés aux problématiques de sécurité et de confidentialité liées à l'utilisation d'applications web et à l'installation d'extensions de navigateurs. Parmi les attaques dont sont victimes les applications web, il y a celles très connues de type XSS (ou Cross-Site Scripting). Les extensions sont des logiciels tiers que les utilisateurs peuvent installer afin de booster les fonctionnalités des navigateurs et améliorer leur expérience utilisateur. Content Security Policy (CSP) est une politique de sécurité qui a été proposée pour contrer les attaques de type XSS. La Same Origin Policy (SOP) est une politique de sécurité fondamentale des navigateurs, régissant les interactions entre applications web. Par exemple, elle ne permet pas qu'une application accède aux données d'une autre application. Cependant, le mécanisme de Cross-Origin Resource Sharing (CORS) peut être implémenté par des applications désirant échanger des données entre elles. Tout d'abord, nous avons étudié l'intégration de CSP avec la Same Origin Policy (SOP) et démontré que SOP peut rendre CSP inefficace, surtout quand une application web ne protège pas toutes ses pages avec CSP, et qu'une page avec CSP imbrique ou est imbriquée dans une autre page sans ou avec un CSP différent et inefficace. Nous avons aussi élucidé la sémantique de CSP, en particulier les différences entre ses 3 versions, et leurs implémentations dans les navigateurs. Nous avons ainsi introduit le concept de CSP sans dépendances qui assure à une application la même protection contre les attaques, quelque soit le navigateur dans lequel elle s'exécute. Finalement, nous avons proposé et démontré comment étendre CSP dans son état actuel, afin de pallier à nombre de ses limitations qui ont été révélées dans d'autres études. Les contenus tiers dans les applications web permettent aux propriétaires de ces contenus de pister les utilisateurs quand ils naviguent sur le web. Pour éviter cela, nous avons introduit une nouvelle architecture web qui une fois déployée, supprime le pistage des utilisateurs. Dans un dernier temps, nous nous sommes intéressés aux extensions de navigateurs. Nous avons d'abord démontré que les extensions qu'un utilisateur installe et/ou les applications web auxquelles il se connecte, peuvent le distinguer d'autres utilisateurs. Nous avons aussi étudié les interactions entre extensions et applications web. Ainsi avons-nous trouvé plusieurs extensions dont les privilèges peuvent être exploités par des sites web afin d'accéder à des données sensibles de l'utilisateur. Par exemple, certaines extensions permettent à des applications web d'accéder aux contenus d'autres applications, bien que cela soit normalement interdit par la Same Origin Policy. Finalement, nous avons aussi trouvé qu'un grand nombre d'extensions a la possibilité de désactiver la Same Origin Policy dans le navigateur, en manipulant les entêtes CORS. Cela permet à un attaquant d'accéder aux données de l'utilisateur dans n'importe qu'elle autre application, comme par exemple ses mails, son profile sur les réseaux sociaux, et bien plus. Pour lutter contre ces problèmes, nous préconisons aux navigateurs un système de permissions plus fin et une analyse d'extensions plus poussée, afin d'alerter les utilisateurs des dangers réels liés aux extensions. / In this thesis, we studied security and privacy threats in web applications and browser extensions. There are many attacks targeting the web of which XSS (Cross-Site Scripting) is one of the most notorious. Third party tracking is the ability of an attacker to benefit from its presence in many web applications in order to track the user has she browses the web, and build her browsing profile. Extensions are third party software that users install to extend their browser functionality and improve their browsing experience. Malicious or poorly programmed extensions can be exploited by attackers in web applications, in order to benefit from extensions privileged capabilities and access sensitive user information. Content Security Policy (CSP) is a security mechanism for mitigating the impact of content injection attacks in general and in particular XSS. The Same Origin Policy (SOP) is a security mechanism implemented by browsers to isolate web applications of different origins from one another. In a first work on CSP, we analyzed the interplay of CSP with SOP and demonstrated that the latter allows the former to be bypassed. Then we scrutinized the three CSP versions and found that a CSP is differently interpreted depending on the browser, the version of CSP it implements, and how compliant the implementation is with respect to the specification. To help developers deploy effective policies that encompass all these differences in CSP versions and browsers implementations, we proposed the deployment of dependency-free policies that effectively protect against attacks in all browsers. Finally, previous studies have identified many limitations of CSP. We reviewed the different solutions proposed in the wild, and showed that they do not fully mitigate the identified shortcomings of CSP. Therefore, we proposed to extend the CSP specification, and showed the feasibility of our proposals with an example of implementation. Regarding third party tracking, we introduced and implemented a tracking preserving architecture, that can be deployed by web developers willing to include third party content in their applications while preventing tracking. Intuitively, third party requests are automatically routed to a trusted middle party server which removes tracking information from the requests. Finally considering browser extensions, we first showed that the extensions that users install and the websites they are logged into, can serve to uniquely identify and track them. We then studied the communications between browser extensions and web applications and demonstrate that malicious or poorly programmed extensions can be exploited by web applications to benefit from extensions privileged capabilities. Also, we demonstrated that extensions can disable the Same Origin Policy by tampering with CORS headers. All this enables web applications to read sensitive user information. To mitigate these threats, we proposed countermeasures and a more fine-grained permissions system and review process for browser extensions. We believe that this can help browser vendors identify malicious extensions and warn users about the threats posed by extensions they install.

Web

Navigateurs

Applications web

Sécurité

Extensions de navigateurs

Communication inter-iframes

Confidentialité

Vie privé

Pistage

Empreinte de navigateurs

Web

Browser

Web applications

Security

Same origin policy

Content origin policy

Cross-origin resource sharing

Browser extensions

Privacy

Cross-iframe communication

Third party web tracking

Browser fingerprinting