Understanding the Use of Web Storage in Real-World Web Applications

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Calzavara, Stefano it_IT
dc.contributor.author Casarin, Samuele <1996> it_IT
dc.date.accessioned 2022-02-20 it_IT
dc.date.accessioned 2022-06-22T07:56:32Z
dc.date.available 2022-06-22T07:56:32Z
dc.date.issued 2022-03-21 it_IT
dc.identifier.uri http://hdl.handle.net/10579/21051
dc.description.abstract Formerly born as a simple system for the exchange of public documents, over the time the Web has become one of the main services of the Internet, and it is still evolving into an increasingly sophisticated platform. As the complexity of this structure grows, more and more attention is required to ensure that web applications meet their security and privacy requirements. The advent of HTML5 brought many changes to the client-side environment, one of which is the introduction of Web Storage, a feature that allows web applications to store data in the user's browser. In this thesis we perform, to our knowledge, the first empirical analysis of the use of web storage in the wild. We leverage dynamic taint tracking at the level of JavaScript to collect explicit flows of information involving web storage in the Tranco Top 5k sites. Afterwards, we perform an automated classification of the detected information flows to shed light on the key characteristics of web storage. Our analysis shows that web storage is routinely accessed by third parties, including known web trackers, who are particularly eager to have both read and write access to persistent web storage information. This motivates the need for further research on the security and privacy implications of web storage content. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Samuele Casarin, 2022 it_IT
dc.title Understanding the Use of Web Storage in Real-World Web Applications it_IT
dc.title.alternative Understanding the Use of Web Storage in Real-World Web Applications it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2020/2021 - sessione straordinaria - 7 marzo 2022 it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 862789 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend it_IT
dc.provenance.upload Samuele Casarin (862789@stud.unive.it), 2022-02-20 it_IT
dc.provenance.plagiarycheck Stefano Calzavara (stefano.calzavara@unive.it), 2022-03-07 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record