DOMtegrity: ensuring web page integrity against malicious browser extensions
نویسندگان
چکیده
منابع مشابه
Malicious Browser Extensions at Scale: Bridging the Observability Gap between Web Site and Browser
Browser extensions enhance the user experience in a variety of ways. However, to support these expanded services, extensions are provided with elevated privileges that have made them an attractive vector for attackers seeking to exploit Internet services. Such attacks are particularly vexing for the sites being abused because there is no standard mechanism for identifying which extensions are r...
متن کاملHulk: Eliciting Malicious Behavior in Browser Extensions
We present Hulk, a dynamic analysis system that detects malicious behavior in browser extensions by monitoring their execution and corresponding network activity. Hulk elicits malicious behavior in extensions in two ways. First, Hulk leverages HoneyPages, which are dynamic pages that adapt to an extension’s expectations in web page structure and content. Second, Hulk employs a fuzzer to drive t...
متن کاملEffective detection of vulnerable and malicious browser extensions
Unsafely coded browser extensions can compromise the security of a browser, making them attractive targets for attackers as a primary vehicle for conducting cyber-attacks. Among others, the three factors making vulnerable extensions a high-risk security threat for browsers include: i) the wide popularity of browser extensions, ii) the similarity of browser extensions with web applications, and ...
متن کاملSpying on the browser: dissecting the design of malicious extensions
8 Network Security May 2011 circumnavigation talk, and also assumes that usage is only taking place in areas of pervasive filtering. It does not, for example, allow for the many people who will use such tools in less filtered countries to access video content on sites that restrict it to domestic users for copyright reasons. Many people use HotspotShield to get to video sites such as Hulu or to...
متن کاملBotnet in the Browser: Understanding Threats Caused by Malicious Browser Extensions
Browser extensions have been established as a common feature present in modern browsers. However, some extension systems risk exposing APIs which are too permissive and cohesive with the browser’s internal structure, thus leaving a hole for malicious developers to exploit security critical functionality within the browser itself. In this paper, we raise the awareness of the threats caused by br...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Information Security
سال: 2019
ISSN: 1615-5262,1615-5270
DOI: 10.1007/s10207-019-00442-1