Protecting the Intranet Against "JavaScript Malware" and Related Attacks
نویسندگان
چکیده
The networking functionality of JavaScript is restricted by the Same Origin Policy (SOP). However, as the SOP applies on a document level, JavaScript still possesses certain functionality for cross domain communication. These capabilities can be employed by malicious JavaScript to gain access to intranet resources from the outside. In this paper we exemplify capabilities of such scripts. To protect intranet hosts against JavaScript based threats, we then propose three countermeasures: Element Level SOP, rerouting of cross-site requests, and restricting the local network. These approaches are discussed concerning their respective protection potential and disadvantages. Based on this analysis, the most promising approach, restricting the local network, is evaluated practically. We’re entering a time when XSS has become the new Buffer Overflow and JavaScript Malware is the new shellcode. Jeremiah Grossman [6]
منابع مشابه
Zozzle: Low-overhead Mostly Static JavaScript Malware Detection
JavaScript malware-based attacks account for a large fraction of successful mass-scale exploitation happening today. From the standpoint of the attacker, the attraction is that these drive-by attacks can be mounted against an unsuspecting user visiting a seemingly innocent web page. While several techniques for addressing these types of exploits have been proposed, in-browser adoption has been ...
متن کاملZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection
JavaScript malware-based attacks account for a large fraction of successful mass-scale exploitation happening today. Attackers like JavaScript-based attacks because they can be mounted against an unsuspecting user visiting a seemingly innocent web page. While several techniques for addressing these types of exploits have been proposed, in-browser adoption has been slow, in part because of the p...
متن کاملDetection of Javascript Vulnerability At Client Agen
These days, most of companies expanding their business horizon through dynamic web sites based on Web 2.0 concept. The JavaScript is a key choice of web developers to build sophisticated dynamic web 2.0 application such social network site, blogs, e-commerce websites. On the other hand vulnerable JavaScript code is also exploited by the hackers to launch the attacks. Hacker may tamper the JavaS...
متن کاملIntelligent Defense against Malicious JavaScript Code
JavaScript is a popular scripting language for creating dynamic and interactive web pages. Unfortunately, JavaScript also provides the ground for web-based attacks that exploit vulnerabilities in web browsers and unnoticeably infect users with malicious software. Regular security tools, such as anti-virus scanners, increasingly fail to fend off this threat, as they are unable to cope with the r...
متن کاملELPA: Emulation-Based Linked Page Map Analysis for the Detection of Drive-by Download Attacks
Despite the convenience brought by the advances in web and Internet technology, users are increasingly being exposed to the danger of various types of cyber attacks. In particular, recent studies have shown that today’s cyber attacks usually occur on the web via malware distribution and the stealing of personal information. A drive-by download is a kind of web-based attack for malware distribut...
متن کامل