PEBA: Enhancing User Privacy and Coverage of Safe Browsing Services

To keep web users away from unsafe websites, modern web browsers enable the embedded feature of safe browsing (SB) by default. In this work, through theoretical analysis and empirical evidence, we reveal two major shortcomings in the current SB infrastructure. First, we derive a feasible tracking technique for industry best practice. We show that the current mitigation techniques cannot eliminate the threat of de-anonymization permanently. Second, we gauge the effectiveness of blacklists provided by major vendors. Our discovery indicates the urge for blacklist integration in order to boost service quality. In light of this, we propose a new three-party paradigm PEBA with an intermediate third party decoupling the direct interaction of users and proprietary blacklist vendors. To satisfy practical usage requirements, we instantiate our design with trusted hardware, detailing how it can be leveraged to fulfill the requirements of privacy enhancement and broader content coverage at the same time. We also tackle numerous implementation challenges that emerged from this proxy-based and hardware-enabled solution. Extensive evaluation confirms that PEBA can balance well among desirable goals of security, usability, performance, and elasticity, making it suitable for deployment in practice.