Augmented browsing

Abstract: Anyone who regularly reads life science literature often comes across names of genes, proteins, or small molecules that they would like to know more about. To make this process easier, we have developed a new, free service called Reflect ("http://reflect.ws":http://reflect.ws) that can be installed as a plug-in to Firefox or Internet Explorer. Reflect tags gene, protein, and small molecule names in any web page, typically within a few seconds, and without affecting document layout. Clicking on a tagged gene or protein name opens a popup showing a concise summary that includes synonyms, database identifiers, sequence, domains, 3D structure, interaction partners, subcellular location, and related literature. Clicking on a tagged small molecule name opens a popup showing 2D structure and interaction partners. The popups also allow navigation to commonly used databases. In the future we plan to add further entity types to Reflect, including outside the life sciences.

Abstract: With the constant migration of applications from the desktop to the web, power users have found ways of enhancing web applications, at the client-side, according to their needs. In this paper, we investigate this phenomenon by focusing on the popular Greasemonkey extension which enables users to write scripts that arbitrarily change the content of any page, allowing them to remove unwanted features from web applications, or add additional, desired features to them. The creation of script markets, on which these scripts are often shared, extends the standard web security model with two new actors, introducing newly identified types of vulnerabilities. We describe the architecture of Greasemonkey and perform a large-scale analysis of the most popular, community-driven, script market for Greasemonkey. Through our analysis, we discover not only dozens of malicious scripts waiting to be installed by users, but thousands of benign scripts with vulnerabilities that could be abused by attackers. In 58 cases, the vulnerabilities are so severe, that they can be used to bypass the Same-Origin Policy of the user’s browser and steal sensitive user-data from all sites. We have discovered several of these severely vulnerable scripts, with over a million installations, and created a proof-of-concept exploit that successfully launches a novel “Man-in-the-browser” attack against an installed vulnerable script with an installation base of 1.2

Abstract: A system and method to present global and local context sensitive augmented content in accordance with multiple criteria, including one or more user's preferences, and present the augmented content via a transparent layer on top of the original content for less obtrusive and more efficient browsing, knowledge discovery and exploration experience. The original content remains visible to the user while the augmented content is being viewed or interacted with. The global context sensitive augmented content is generated using metrics based on the overall document or content being viewed, while the local context sensitive augmented content is generated using metrics based on the currently viewed or selected object within the document or content being viewed. Real-time and theme based augmentation are used to further enhance the user's experience. The local and global augmentation represent an in-situ user customized augmented network of concepts and relationships that are of interest to knowledge discovery of the topic at hand.