A Novel Approach for User-Centric Privacy Protection on the Web

Date of Award


Degree Name

M.C.S. (Master of Computer Science)


Department of Computer Science


Phu Phung


Web-based applications run within web browsers and interact with a wide range of user-provided data. Web applications gain their dynamic nature from web scripts, particularly JavaScript, which accesses this data through browser APIs. Unfortunately, a significant number of web-based attacks compromising user security and privacy have been discovered over the past decade. Attackers can exploit scripting languages and other web attack techniques, such as cross-site scripting, to steal personal information. In addition, many websites utilize third-party JavaScript without thoroughly checking the code or scanning for vulnerabilities. The third-party code can exploit security weaknesses, resulting in unauthorized user information acquisition, such as user cookies and session data. In this thesis, we have developed a framework incorporating various policy categories to address the above mentioned issues. We have implemented a policy engine to enforce these regulations and provided users with a graphical interface to customize these policies according to their needs. Our experiments have demonstrated that this framework empowers end-users to modify rules and regulate the utilization of device resources. Through our policy enforcement engine, we effectively prevent simulated attack scenarios, thus safeguarding device resources and protecting user privacy.


User-centric privacy, protection on the web, Policy engine, Modify policies, Browser Extension

Rights Statement

Copyright © 2023, Author