Browser web storage vulnerability investigation: HTML5 localStorage object

Show full item record

Title: Browser web storage vulnerability investigation: HTML5 localStorage object
Author: Johnson, Daryl
Abstract: With the introduction of HTML5, the latest browser language, a new data storage technique, called localStorage, has been added to allow websites to store larger amounts of data for a long period of time on the user’s local system. This new technology does not (as of this writing) have a fully implemented independent interface to support end user control. Unlike cookies, there is not yet an interface for the user to block, alter or delete localStorage in web browsers. Nefarious users have files of data they utilize in their illegal activities that they need to preserve (stolen user information, credit card numbers, etc.). These users do not want to have a copy of this data on their personal machines in case of an investigation. Therefore, nefarious users are constantly looking for a new method to preserve and store this data, concealing it in such a way that it won’t be associated with them but available when needed. Our project is to model this process by building a web application that would take a file, encrypt it, slice it up into 26 parts and distribute it to as many client systems as possible. At a later time, a second web application would watch for return visits by the holders of the parts of the original file and retrieve the parts as clients interact with the website. We would be studying the recidivism rate of clients returning to the website and the number of copies of each part distributed necessary to achieve a reliable recovery rate of the whole file. We will first test this prototype in a controlled laboratory setting to ensure that it works as intended. Next we have chosen two websites, the XXXX(http://XXX.XXX.edu/) and XXX(http://XXX.XXX.edu/) departmental websites, as a test bed. We have secured permission from the chairs of these departments to utilize these resources. These sites were chosen primarily because their viewers are adult learners and because of their high traffic patterns.
Record URI: http://hdl.handle.net/1850/14796
Date: 2011

Files in this item

Files Size Format View
LocalStorageVulnerability.pdf 204.5Kb PDF View/Open

The following license files are associated with this item:

This item appears in the following Collection(s)

Show full item record

Search RIT DML


Advanced Search

Browse