Automated Ruleset Generation for “HTTPS Everywhere”

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING International Journal of Information Security and Privacy Pub Date : 2024-07-17 DOI:10.4018/ijisp.347330
Fares Alharbi, Gautam Siddharth Kashyap, B. Allehyani
{"title":"Automated Ruleset Generation for “HTTPS Everywhere”","authors":"Fares Alharbi, Gautam Siddharth Kashyap, B. Allehyani","doi":"10.4018/ijisp.347330","DOIUrl":null,"url":null,"abstract":"This paper details the implementation of a Web crawler aimed at automating ruleset construction for “HTTPS Everywhere,” with a goal to convert HTTP URLs to secure HTTPS equivalents for enhanced communication security. Developed within a seven-month timeframe, the crawler faced challenges in verifying HTTPS support, varying based on SSL certificate existence and validity. Successful ruleset creation and testing in Firefox and Chrome, adhering to stylistic standards, demonstrated the potential for effective development. The paper explores improving productivity through alternative libraries like Scrapy and Scrapy Cloud. While certain goals, such as in-depth cryptocurrency analysis and web crawler background reading, were unmet due to time constraints, valuable insights were gained. The conclusion underscores the difficulties, successes, and promises of automating ruleset generation through web crawlers for “HTTPS Everywhere,” offering valuable recommendations for advancing web security.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":null,"pages":null},"PeriodicalIF":0.5000,"publicationDate":"2024-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijisp.347330","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0

Abstract

This paper details the implementation of a Web crawler aimed at automating ruleset construction for “HTTPS Everywhere,” with a goal to convert HTTP URLs to secure HTTPS equivalents for enhanced communication security. Developed within a seven-month timeframe, the crawler faced challenges in verifying HTTPS support, varying based on SSL certificate existence and validity. Successful ruleset creation and testing in Firefox and Chrome, adhering to stylistic standards, demonstrated the potential for effective development. The paper explores improving productivity through alternative libraries like Scrapy and Scrapy Cloud. While certain goals, such as in-depth cryptocurrency analysis and web crawler background reading, were unmet due to time constraints, valuable insights were gained. The conclusion underscores the difficulties, successes, and promises of automating ruleset generation through web crawlers for “HTTPS Everywhere,” offering valuable recommendations for advancing web security.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
为 "HTTPS 无处不在 "自动生成规则集
本文详细介绍了旨在为 "HTTPS Everywhere "自动构建规则集的网络爬虫的实施情况,其目标是将 HTTP URL 转换为安全的 HTTPS 等价物,以增强通信安全性。该爬网程序在七个月的时间内开发完成,在验证 HTTPS 支持方面面临挑战,根据 SSL 证书的存在和有效性而有所不同。在火狐浏览器和 Chrome 浏览器中成功创建和测试了规则集,并遵守了样式标准,展示了有效开发的潜力。本文探讨了如何通过 Scrapy 和 Scrapy Cloud 等替代库提高工作效率。虽然由于时间限制,某些目标(如深入的加密货币分析和网络爬虫背景阅读)未能实现,但还是获得了宝贵的见解。结论强调了通过网络爬虫为 "HTTPS Everywhere "自动生成规则集的困难、成功和前景,并为推进网络安全提供了宝贵的建议。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
International Journal of Information Security and Privacy
International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-
CiteScore
2.50
自引率
0.00%
发文量
73
期刊介绍: As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.
期刊最新文献
Dynamic Adaptive Mechanism Design and Implementation in VSS for Large-Scale Unified Log Data Collection Enhancing Legal Protection of Children's Rights in the “Internet Plus” Improved Message Mechanism-Based Cross-Domain Security Control Model in Mobile Terminals Intelligent Video Monitoring and Analysis System for Power Grid Construction Site Safety Using Wireless Power Transfer Automated Ruleset Generation for “HTTPS Everywhere”
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1