Ashar Javed

Learn More
Fallback authentication, i.e., recovering access to an account after the password is lost, is an important aspect of real-world deployment of authentication solutions. However, most proposed and deployed mechanisms have substantial weaknesses that seriously degrade security and/or usability. e.g., the well-known security questions are often easy to guess. A(More)
In this paper, we address the overlooked problem of CrossSite Scripting (XSS) on mobile versions of web applications. We have surveyed 100 popular mobile versions of web applications and detected XSS vulnerabilities in 81 of them. The inspected sites present a simplified version of the desktop web application for mobile devices; the survey includes sites by(More)
  • Ashar Javed
  • ACM Conference on Computer and Communications…
  • 2013
In this paper, we investigate the footprints of third-party tracking on the mobile web. The survey of 100 popular mobile versions of web applications indicates that third-party tracking is also prevalent on mobile web. The results show that 62 sites are tracking users' activities on mobile web and Google Analytics is the most widespread tracker on mobile(More)
The Advanced Encryption Standard (AES) became the standard for encryption to protect the sensitive information. With the increasing use of portable and wireless devices and demanding information security needs in embedded systems, prompted efforts to find fast software based implementation of AES encryption/decryption capable of running on resource(More)
This paper deals with the problem of privacy issues caused by the tracking activities of web advertisers. Web advertisers place cookies in the browser to track users' surfing behaviour across websites, mostly without his knowledge or consent. This paper proposes a fine-grained, per-site cookie management protocol. We implement our proposal as Mozilla(More)
Formal analysis is of importance in order to increase confidence that the protocol satisfies its security requirements. In particular, the results obtained from the formal analysis of the smart card security protocols when smart cards are used as a specific type of Secure Signature Creation Devices (SSCDs) are presented. SSCDs are developed to support the(More)