01whole.pdf (608.34 kB)
Download file

Characterisation and detections of third-party content loading in the web

Download (608.34 kB)
thesis
posted on 28.03.2022, 19:24 by Hasina Rahman
The Web has evolved into a tangled mass of interconnected services within the last two decades,where websites import resources i.e. data or contents from third-party domains. These domains serve several purposes including analytics, tracking and advertisement. Websites trust their third parties for resources in the process of loading contents or data to their web pages. The dependency of resources sometimes extend further from third-party domains to other domains thus fabricating a chain of dependency. In the resource dependency chain, the first party websites are indeed trusting resources obtained by their direct third-parties through requests to other domains. The chain of dependency cannot be rigidly controlled by the first-party websites as they have very scarce or no information of where the loaded content have originated from. Since this is the case, the websites even end up trusting compromised websites for contents unknowingly and become prone to multifarious attacks. We characterize the implicit trust in the chain of dependency for Alexa's top 30k websites and estimate the level of risks that first-party websites may be venturing while loading resources from thirty-party domains. We found that 10.55% of the resources of top-1000 Alexa websites are obtained implicitly and that they constitute 4.1% of malicious resources in the overall count of external resources.

History

Table of Contents

1. Introduction -- 2. Literature review -- 3. Technical background -- 4. Experimental evaluation -- 5. Conclusion -- References.

Notes

Bibliography: pages 47-54 Empirical thesis.

Awarding Institution

Macquarie University

Degree Type

Thesis MRes

Degree

MRes, Macquarie University, Faculty of Science and Engineering, Department of Computing

Department, Centre or School

Department of Computing

Year of Award

2019

Principal Supervisor

Ali Kaafar

Rights

Copyright Hasina Rahman 2018. Copyright disclaimer: http://mq.edu.au/library/copyright

Language

English

Extent

1 online resource (xiv, 54 pages) graphs, tables

Former Identifiers

mq:71017 http://hdl.handle.net/1959.14/1270011