Collaborative Research: SaTC: CORE: Medium: App-driven Web Browsing: Novel Risks, Vulnerabilities, and Defenses

Sponsor: National Science Foundation

Award Number: 2211576

PI: Manuel Egele

Th

This project explores, measures, and addresses the security flaws that are inherent to the technologies used for developing apps that enable web browsing. This requires implementing novel static and dynamic code and app analysis techniques for detecting security issues that enable a wide range of attacks, from incorrect origin-isolation enforcement to remote code injection and execution. Moreover, the project includes the development of observatories to understand whether these browsing apps are becoming more secure over time and identify new vulnerabilities, in a data-driven fashion. The outcomes of this research strengthen the research community’s understanding of the risks of app-driven browsing and provide solutions that improve the security hygiene of the app ecosystem, while being widely disseminated through academic publications, curriculum integration, industry conferences, and media articles.

This award reflects NSF’s statutory mission and has been deemed worthy of support through evaluation using the Foundation’s intellectual merit and broader impacts review criteria.

For more information, click here.