A Cloud-based Framework for Security Analysis of Browser Extensions

In today's internet world, web browsers are an integral part of our day-to-day activities. Therefore, web browser security is a serious concern for all of us. Browsers can be breached in different ways. Because of the over privileged access, extensions are responsible for many security issues. Browser vendors try to keep safe extensions in their official extension galleries. However, their security control measures are not always effective and adequate. The distribution of unsafe extensions through different social engineering techniques is also a very common practice. Therefore, before installation, users should thoroughly analyze the security of browser extensions. Extensions are not only available for desktop browsers, but many mobile browsers, for example, Firefox for Android and UC browser for Android, are also furnished with extension features. Mobile devices have various resource constraints in terms of computational capabilities, power, network bandwidth, etc. Hence, conventional extension security analysis techniques cannot be efficiently used by end users to examine mobile browser extension security issues. To overcome the inadequacies of the existing approaches, we propose CLOUBEX, a CLOUd-based security analysis framework for both desktop and mobile Browser EXtensions. This framework uses a client-server architecture model. In this framework, compute-intensive security analysis tasks are generally executed in a high-speed computing server hosted in a cloud environment. CLOUBEX is also enriched with a number of essential features, such as client-side analysis, requirements-driven analysis, high performance, and dynamic decision making. At present, the Firefox extension ecosystem is most susceptible to different security attacks. Hence, the framework is implemented for the security analysis of the Firefox desktop and Firefox for Android mobile browser extensions. A static taint analysis is used to identify malicious information flows in the Firefox extensions. In CLOUBEX, there are three analysis modes. A dynamic decision making algorithm assists us to select the best option based on some important parameters, such as the processing speed of a client device and network connection speed. Using the best analysis mode, performance and power consumption are improved significantly. In the future, this framework can be leveraged for the security analysis of other desktop and mobile browser extensions, too.

BIDIRECTIONAL AC-DC CONVERTERS USING ONE CYCLE CONTROL (OCC) FOR ELECTRIC VEHICLES

The electric vehicle (EV) market has seen a rapid growth in the recent past. With an increase in the number of electric vehicles on road, there is an increase in the number of high capacity battery banks interfacing the grid. The battery bank of an EV, besides being the fuel tank, is also a huge energy storage unit. Presently, it is used only when the vehicle is being driven and remains idle for rest of the time, rendering it underutilized. Whereas on the other hand, there is a need of large energy storage units in the grid to filter out the fluctuations of supply and demand during a day. EVs can help bridge this gap. The EV battery bank can be used to store the excess energy from the grid to vehicle (G2V) or supply stored energy from the vehicle to grid (V2G ), when required. To let power flow happen, in both directions, a bidirectional AC-DC converter is required. This thesis concentrates on the bidirectional AC-DC converters which have a control on power flow in all four quadrants for the application of EV battery interfacing with the grid. This thesis presents a bidirectional interleaved full bridge converter topology. This helps in increasing the power processing and current handling capability of the converter which makes it suitable for the purpose of EVs. Further, the benefit of using the interleaved topology is that it increases the power density of the converter. This ensures optimization of space usage with the same power handling capacity. The proposed interleaved converter consists of two full bridges. The corresponding gate pulses of each switch, in one cell, are phase shifted by 180 degrees from those of the other cell. The proposed converter control is based on the one-cycle controller. To meet the challenge of new requirements of reactive power handling capabilities for grid connected converters, posed by the utilities, the controller is modified to make it suitable to process the reactive power. A fictitious current derived from the grid voltage is introduced in the controller, which controls the converter performance. The current references are generated using the second order generalized integrators (SOGI) and phase locked loop (PLL). A digital implementation of the proposed control ii scheme is developed and implemented using DSP hardware. The simulated and experimental results, based on the converter topology and control technique discussed here, are presented to show the performance of the proposed theory.