
CAREER: Tools and Techniques for Preserving Integrity on the Web

$551,090 | FY2020 | CSE | NSF

SUNY at Stony Brook, Stony Brook, NY

Investigators

Abstract

The web, the Internet's most successful and recognizable application, has become part of people's daily lives and is relied upon by billions of users for news, entertainment, communications, and work. This reliance is constantly taken advantage of by attackers who appear to have an inexhaustible collection of diverse attacks targeting popular web services and end users. This project views a large number of seemingly unrelated attacks as mere instances of the problem of integrity violation. Due to the absence of integrity checks and guarantees, web applications have no way of gauging whether the content that their users will receive today when clicking on a remote link or loading a remote resource is the same content that they linked to in the past. This project focuses on better understanding this issue of content integrity on the web, gathering data about how attackers abuse it, and developing defenses against integrity violations. The project proposes to design, implement, and evaluate tools and techniques for preserving integrity on the web by enabling web developers to discover the remote resources on which their web applications rely and make explicit statements about these resources through new policy systems. Alongside developer-authored policies, this project will use anomaly detection to automatically discover when remote resources behave in an uncharacteristic fashion by extracting attributes and combining them in integrity signatures. To quantify how popular web applications depend on remote resources and to evaluate how different types of websites would react to different policies, the project includes the longitudinal collection of linking data and the use of this data to simulate the effects of the proposed systems. Finally, the project proposes collaborative, client-server resource-integrity schemes to further protect web users and strengthen the security of existing services.
The outcomes of this research effort are expected to improve the research community's understanding of content integrity on the web and to achieve substantial practical impact in protecting websites and users against integrity-violating attacks on the web. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
