Extensible Web Browser Security

Louw, Mike Ter; Lim, Jin Soon; Venkatakrishnan, V.

doi:10.1007/978-3-540-73614-1_1

Cited by 24 publications

(8 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The advantage of implementing SessionShield as a stand-alone personal proxy instead of a browserplugin relies on the fact that cookies residing in the browser can still be attacked, e.g. by a malicious add-on [18]. When sensitive data are held outside of the browser, in the data structures of the proxy, a malicious add-on will not be able to access them.…”

Section: Methodsmentioning

confidence: 99%

SessionShield: Lightweight Protection against Session Hijacking

Nikiforakis

Meert

Younan

et al. 2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The class of Cross-site Scripting (XSS) vulnerabilities is the most prevalent security problem in the field of Web applications. One of the main attack vectors used in connection with XSS is session hijacking via session identifier theft. While session hijacking is a client-side attack, the actual vulnerability resides on the server-side and, thus, has to be handled by the website's operator. In consequence, if the operator fails to address XSS, the application's users are defenseless against session hijacking attacks. In this paper we present SessionShield, a lightweight client-side protection mechanism against session hijacking that allows users to protect themselves even if a vulnerable website's operator neglects to mitigate existing XSS problems. SessionShield is based on the observation that session identifier values are not used by legitimate clientside scripts and, thus, need not to be available to the scripting languages running in the browser. Our system requires no training period and imposes negligible overhead to the browser, therefore, making it ideal for desktop and mobile systems.

show abstract

Section: Methodsmentioning

confidence: 99%

SessionShield: Lightweight Protection against Session Hijacking

Nikiforakis

Meert

Younan

et al. 2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…They propose changes to Chrome to make malware easier to identify. The work by Ter Louw et al [21] highlighted some of the potential security risks posed by Firefox extensions. They proposed runtime monitoring of XPCOM calls for detecting suspicious activities in extensions.…”

Section: Related Workmentioning

confidence: 98%

Privacy Leakage Attacks in Browsers by Colluding Extensions

Saini

Gaur

Laxmi

et al. 2014

Information Systems Security

View full text Add to dashboard Cite

Abstract. Browser Extensions (BE) enhance the core functionality of the Browser and provide customization to it. Browser extensions enjoy high privileges, sometimes with the same privileges as Browser itself. As a consequence, a vulnerable or malicious extension might expose Browser and system resources to attacks. This may put Browser resources at risk of unwanted operations, privilege escalation etc. BE can snoop on web applications, launch arbitrary processes, and even access files from host file system. In addition to that, an extension can even collude with other installed extensions to share objects and change preferences. Although well-intentioned, extension developers are often not security experts. Hence, they might end up writing vulnerable code. In this paper we present a new attacks via Browser extensions. In particular, the attack allows two malicious extensions to communicate and collaborate with each other in such a way to achieve a malicious goal. We identify the vulnerable points in extension development framework as: (a) object reference sharing, and (b) preference overriding. We illustrate the effectiveness of the proposed attack using various attack scenarios. Furthermore, we provide a proof-of-concept illustration for web domains including Banking & shopping. We believe that the scenarios we use in use-case demonstration underlines the severity of the presented attack. Finally, we also contribute an initial framework to address the presented attack.

show abstract

“…5. Ter Louw et al [23,24] present a code integrity checking mechanism for extension installation and a policy enforcement framework built into XPConnect and SpiderMonkey. In comparison, our approach is lighter, and we do not modify the core components or architecture of Firefox.…”

Section: Related Workmentioning

confidence: 99%

Securing Legacy Firefox Extensions with SENTINEL

Onarlıoğlu

Battal

Robertson

et al. 2013

Detection of Intrusions and Malware, and Vulnerability Assessment

View full text Add to dashboard Cite

Abstract.A poorly designed web browser extension with a security vulnerability may expose the whole system to an attacker. Therefore, attacks directed at "benign-but-buggy" extensions, as well as extensions that have been written with malicious intents pose significant security threats to a system running such components. Recent studies have indeed shown that many Firefox extensions are over-privileged, making them attractive attack targets. Unfortunately, users currently do not have many options when it comes to protecting themselves from extensions that may potentially be malicious. Once installed and executed, the extension needs to be trusted. This paper introduces Sentinel, a policy enforcer for the Firefox browser that gives fine-grained control to the user over the actions of existing JavaScript Firefox extensions. The user is able to define policies (or use predefined ones) and block common attacks such as data exfiltration, remote code execution, saved password theft, and preference modification. Our evaluation of Sentinel shows that our prototype implementation can effectively prevent concrete, realworld Firefox extension attacks without a detrimental impact on users' browsing experience.

show abstract

Extensible Web Browser Security

Cited by 24 publications

References 7 publications

SessionShield: Lightweight Protection against Session Hijacking

SessionShield: Lightweight Protection against Session Hijacking

Privacy Leakage Attacks in Browsers by Colluding Extensions

Securing Legacy Firefox Extensions with SENTINEL

Contact Info

Product

Resources

About