Ravi Chandra Jammalamadaka
University of California, Irvine
USA
Timothy W. van der Horst
Brigham Young University
USA
Sharad Mehrotra
University of California, Irvine
USA
Kent E. Seamons
Brigham Young University
USA
Nalini Venkatasubramanian
University of California, Irvine
USA
Accessing the Internet to perform sensitive transactions from the computers found in cybercafés and public libraries is risky. The untrusted nature of these machines creates a target-rich environment for identity thieves. A malicious entity can install a simple keystroke logger, a common payload of many viruses, to record and transmit the secret information (e.g., passwords, credit card numbers, PIN numbers) that a user enters into these machines. In addition, sophisticated malware can hijack a user's authenticated session to perform unauthorized transactions masquerading as the user.
This paper presents Delegate, a proxy-based architecture that enables a user to access websites without disclosing any personal information to the untrusted machine. In addition, Delegate enforces rules at the proxy to detect and prevent session hijacking attempts. The architecture requires no special software at Web servers or the untrusted machine, but assumes the user possesses a trusted hardware device like a cell phone. Delegate is designed to strike an appropriate balance between ease of use and security. If concepts from the proposed architecture were supported by Web servers, then some of the same protections Delegate affords to users of untrusted machines could be realized by users on trusted desktop computers when their machines fall prey to spyware or other malware.
Keywords: Web security, session hijacking, malware