Multimedia Tools and Applications

, Volume 74, Issue 5, pp 1667–1688 | Cite as

Web security in a windows system as PrivacyDefender in private browsing mode

  • Fu-Hau Hsu
  • Min-Hao Wu
  • Yi-Wen Chang
  • Shiuh-Jeng WangEmail author


Recently, due to the advance and development of Internet technology and its development, web browsers have become essential applications. A web browser is not only used to surf the Internet, but also plays an important role as a portable operating system. For example, many users edit documents via an online editor and store the documents in an online storage repository. All those tasks are done with the help of a web browser. This results in a large number of attacks on web browsers. Therefore, the security of web browsers has become an increasingly important issue in recent years. Traditionally, when a user surfs on the Internet, his interaction with the browser is recorded. This scenario is called public browsing mode. Through attacking web browsers, attackers can obtain access to surfers’ private information, including surfing habits and passwords. The attackers are able to do this as web browsers always leave cookies, browsing histories and caches on the users’ computers. To avoid malicious attacks, many web browsers have developed private browsing mode mechanisms. In private browsing mode, a user’s behavior is not traced and his private information is retained as well. However, these mechanisms still create files such as bookmarks. Most importantly, the files downloaded through a web browser will be saved to disk unless the user deletes them himself. This is an extremely serious threat to the private security of web users. We designed a mechanism in Windows XP that observes the behaviors and patterns related to the creation and deletion of files in Firefox while in private browsing mode. We then focused on the files which were not deleted, and cleared them by means of anti-forensics manners. In other words, the web browsers can be made comprehensively secure with our mechanism.


Web security Private browsing Malicious Anti-forensics 



This research was partially supported by the National Science Council of the Republic of 518 China under the Grant NSC 100-2221-E-015-001-MY2-, NSC 102-2221-E-015-001-, NSC 101-2221-E-008 -028 -MY2 and NSC 103-2623-E-008-003-D.


  1. 1.
    Aggarwal G, Bursztein E, Jackson C, Boneh D (2010) An analysis of private browsing modes in modern browsers. In USENIX Security Symposium, pp 79–94Google Scholar
  2. 2.
    Barth A, Felt AP, Saxena P, Boodman A (2010) Protecting browsers from extension vulnerabilities. In: 17th Network and Distributed System Security SymposiumGoogle Scholar
  3. 3.
    Brand M, Valli C, Woodward A (2010) Malware forensics: discovery of the intent of deception. Journal of Digital Forensics, Security & Law 5:31–42Google Scholar
  4. 4.
    Christodorescu M, Jha S (2003) Static analysis of executables to detect malicious patterns. In: Proceedings of the 12th USENIX Security Symposium (Security’03), pp 169–186Google Scholar
  5. 5.
    Egele M, Scholte T, Kirda E, Kruegel C (2012) A survey on automated dynamic malware-analysis techniques and tools. ACM Comput Surv (CSUR) vol. 44Google Scholar
  6. 6.
    Felten EW, Schneider MA (2000) Timing attacks on web privacy. In: Proceedings of the 7th ACM conference on Computer and communications security, pp. 25–32Google Scholar
  7. 7.
    Harris R (2006) Arriving at an anti-forensics consensus: examining how to define and control the anti-forensics problem. Digit Investig 3:44–49CrossRefGoogle Scholar
  8. 8.
    IBM X-Force (2011) IBM X-Force 2011 Mid-year Trend and Risk Report. [Online]. Available:
  9. 9.
    Jana S, Shmatikov V (2012) Memento: learning secrets from process footprints. In: Security and Privacy (SP), 2012 I.E. Symposium on, pp. 143–157Google Scholar
  10. 10.
    Malin CH, Casey E, Aquilina JM (2008) Malware forensics: investigating and analyzing malicious code. Syngress, BurlingtonGoogle Scholar
  11. 11.
    Microsoft. Detours. [Online]. Available:
  12. 12.
    Microsoft. Download and Install Debugging Tools for Windows. [Online]. Available:
  13. 13.
    Microsoft. NtCreateFile function. [Online]. Available:
  14. 14.
    Microsoft. NtCreateFile routine. [Online]. Available:
  15. 15.
    Microsoft. Using Nt and Zw versions of the native system services routines. [Online]. Available:
  16. 16.
    Mozilla Firefox. Private Browsing - Browse the web without saving information about the sites you visit. [Online]. Available:
  17. 17.
    Nielson C, Nielson F, Nielson R, Hankin (1999) Principles of program analysis. Springer, Secaucus, 450CrossRefzbMATHGoogle Scholar
  18. 18.
    Qualys Security Labs. MS11-077: from patch to proof-of-concept. [Online]. Available:
  19. 19.
    Saint-Jean F, Johnson A, Boneh D, Feigenbaum J (2007) Private web search. In: Proceedings of the 2007 ACM workshop on Privacy in electronic society, pp. 84–90Google Scholar
  20. 20.
    Schwartz EJ, Avgerinos T, Brumley D (2010) All you ever wanted to know about dynamic taint analysis and forward symbolic execution. IEEE Symposium on Security and Privacy (SP), pp. 317–331Google Scholar
  21. 21.
    Shankar U, Karlof C (2006) Doppelganger: better browser privacy without the bother. In Proceedings of the 13th ACM conference on Computer and communications security, pp. 154–167Google Scholar
  22. 22.
    StatCounter (2011) Top 5 Browsers. [Online]. Available:
  23. 23.
    The top 500 sites on the web. [Online]. Available:
  24. 24.
    Torbutton 1.4.1. [Online]. Available:
  25. 25.
    TotalRecal on Firefox. [Online]. Available:
  26. 26.
    Understanding the Import Address Table. [Online]. Available:
  27. 27.
    Zone.Identifier Stream Name. [Online]. Available:

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Fu-Hau Hsu
    • 1
  • Min-Hao Wu
    • 1
  • Yi-Wen Chang
    • 1
  • Shiuh-Jeng Wang
    • 2
    Email author
  1. 1.Department of Computer Science and Information EngineeringNational Central UniversityTaoyuanTaiwan
  2. 2.Department of Information ManagementCentral Police UniversityTaoyuanTaiwan

Personalised recommendations