Spying on the browser: Dissecting the design of malicious extensions

被引:1
|
作者
Sood A.K. [1 ]
Enbody R.J. [1 ]
机构
[1] Michigan State University, United States
来源
Network Security | 2011年 / 2011卷 / 05期
关键词
D O I
10.1016/S1353-4858(11)70050-2
中图分类号
学科分类号
摘要
Browsers are a vital component of every computer system as they serve as the interface to the Internet. However, the extensible nature of browsers has facilitated the proliferation of malware infections. In this article, we examine the design of malicious extensions used to steal information from browsers in order to conduct illegal transactions. The focus is on Mozilla's Firefox - but other browsers that share these characteristics will also share similar vulnerabilities. © 2011 Elsevier Ltd.
引用
收藏
页码:8 / 12
页数:4
相关论文
共 50 条
  • [21] Matt Frisbie on Browser Extensions
    Shringi, Kanchan
    Blumen, Robert
    IEEE SOFTWARE, 2023, 40 (04) : 118 - 120
  • [22] XHOUND: Quantifying the Fingerprintability of Browser Extensions
    Starov, Oleksii
    Nikiforakis, Nick
    2017 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2017, : 941 - 956
  • [23] Hardening the Security Analysis of Browser Extensions
    Eriksson, Benjamin
    Picazo-Sanchez, Pablo
    Sabelfeld, Andrei
    37TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, 2022, : 1694 - 1703
  • [24] The privacy practices of Web browser extensions
    Martin, DM
    Smith, RM
    Brittain, M
    Fetch, I
    Wu, HL
    COMMUNICATIONS OF THE ACM, 2001, 44 (02) : 45 - 50
  • [25] On Evaluating and Securing Firefox for Android Browser Extensions
    Marston, Josh
    Weldemariam, Komminist
    Zulkernine, Mohammad
    PROCEEDINGS OF THE 1ST INTERNATIONAL CONFERENCE ON MOBILE SOFTWARE ENGINEERING AND SYSTEMS (MOBILESOFT 2014), 2014, : 27 - 36
  • [26] Detection of Inconsistencies in Privacy Practices of Browser Extensions
    Bui, Duc
    Tang, Brian
    Shin, Kang G.
    2023 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, SP, 2023, : 2780 - 2798
  • [27] Vetting browser extensions for security vulnerabilities with Vex
    Bandhakavi, Sruthi
    Tiku, Nandit
    Pittman, Wyatt
    King, Samuel T.
    Madhusudan, P.
    Winslett, Marianne
    Communications of the ACM, 2011, 54 (09): : 91 - 99
  • [28] Stronger password authentication using browser extensions
    Ross, B
    Jackson, C
    Miyake, N
    Boneh, D
    Mitchell, JC
    USENIX Association Proceedings of the 14th USENIX Security Symposium, 2005, : 17 - 31
  • [29] Vetting Browser Extensions for Security Vulnerabilities with VEX
    Bandhakavi, Sruthi
    Tiku, Nandit
    Pittman, Wyatt
    King, Samuel T.
    Madhusudan, P.
    Winslett, Marianne
    COMMUNICATIONS OF THE ACM, 2011, 54 (09) : 91 - 99
  • [30] Technical Perspective Making Browser Extensions Secure
    Kruegel, Christopher
    COMMUNICATIONS OF THE ACM, 2011, 54 (09) : 90 - 90
12345