A Cloud-based Framework for Security Analysis of Browser Extensions

In today's internet world, web browsers are an integral part of our day-to-day activities. Therefore, web browser security is a serious concern for all of us. Browsers can be breached in different ways. Because of the over privileged access, extensions are responsible for many security issues. Browser vendors try to keep safe extensions in their official extension galleries. However, their security control measures are not always effective and adequate. The distribution of unsafe extensions through different social engineering techniques is also a very common practice. Therefore, before installation, users should thoroughly analyze the security of browser extensions. Extensions are not only available for desktop browsers, but many mobile browsers, for example, Firefox for Android and UC browser for Android, are also furnished with extension features. Mobile devices have various resource constraints in terms of computational capabilities, power, network bandwidth, etc. Hence, conventional extension security analysis techniques cannot be efficiently used by end users to examine mobile browser extension security issues. To overcome the inadequacies of the existing approaches, we propose CLOUBEX, a CLOUd-based security analysis framework for both desktop and mobile Browser EXtensions. This framework uses a client-server architecture model. In this framework, compute-intensive security analysis tasks are generally executed in a high-speed computing server hosted in a cloud environment. CLOUBEX is also enriched with a number of essential features, such as client-side analysis, requirements-driven analysis, high performance, and dynamic decision making. At present, the Firefox extension ecosystem is most susceptible to different security attacks. Hence, the framework is implemented for the security analysis of the Firefox desktop and Firefox for Android mobile browser extensions. A static taint analysis is used to identify malicious information flows in the Firefox extensions. In CLOUBEX, there are three analysis modes. A dynamic decision making algorithm assists us to select the best option based on some important parameters, such as the processing speed of a client device and network connection speed. Using the best analysis mode, performance and power consumption are improved significantly. In the future, this framework can be leveraged for the security analysis of other desktop and mobile browser extensions, too.

DESIGN OF A MINIATURIZED SOP INTEGRATED GNSS RF FRONT-END MODULE

Navigation devices used to be bulky and expensive and were not widely commercialized for personal use. Nowadays, all useful electronic devices are turning into being handheld so that they can be conveniently used anytime and anywhere. One can claim that almost any mobile phone, used today, has quite strong navigational capabilities that can efficiently work anywhere in the globe. No matter where you are, you can easily know your exact location and make your way smoothly to wherever you would like to go. This couldn’t have been made possible without the existence of efficient and small microwave circuits responsible for the transmission and reception of high quality navigation signals. This thesis is mainly concerned with the design of novel highly miniaturized and efficient filtering components working in the Global Navigational Satellite Systems (GNSS) frequency band to be integrated within an efficient Radio Frequency (RF) front-end module (FEM). A System-on-Package (SoP) integration technique is adopted for the design of all the components in this thesis. Two novel miniaturized filters are designed, where one of them is a wideband filter targeting the complete GNSS band with a fractional bandwidth of almost 50% at a center frequency of 1.385 GHz. This filter utilizes a direct inductive coupling topology to achieve the required wide band performance. It also has very good out-of-band rejection and low IL. Whereas the other dual band filter will only cover the lower and upper GNSS bands with a rejection notch in between the two bands. It has very good inter band rejection. The well-known “divide and conquer” design methodology was applied for the design of this filter to help save valuable design and optimization time. Moreover, the performance of two commercially available ultra-Low Noise Amplifiers (LNAs) is studied. The complete RF FEM showed promising preliminary performance in terms of noise figure, gain and bandwidth, where it out performed other commercial front-ends in these three aspects. All the designed circuits are fabricated and tested. The measured results are found to be in good agreements with the simulations.