Marco Mellia (Politecnico di Torino)

CrowdSurf: Empowering Transparency in the Web

Hassan Metwalley, Stefano Traverso, Marco Mellia (Politecnico di Torino), Stanislav Miskovic (Symantec Corp.), Mario Baldi (Politecnico di Torino)
Appears in: 
CCR October 2015

Individuals lack proper means to supervise the services they contact and the information they exchange when surfing the web. This security task has become challenging due to the complexity of the modern web, of the data delivering technology, and even to the adoption of encryption, which, while improving privacy, makes innetwork services ineffective. The implications are serious, from a person contacting undesired services or unwillingly exposing private information, to a company being unable to control the flow of its information to the outside world.

Public Review By: 
Joseph Camp

Users are often unaware of their sensitive information being sent to a third party when browsing the web. Hence, this paper proposes a system called CrowdSurf, which audits data flows from a browser and informs users of privacy concerns. To do so, regular expressions are used to determine if certain flows should be blocked, redirected, allowed, modified, or simply logged. CrowdSurf also allows users to contribute to a cloud-based system to infer which flows are harmful. CrowdSurf is evaluated on a live trace from an Internet Service Provider and shown to perform reliably with min- imal data required.

Syndicate content